qualitest.perkbox.com Open in urlscan Pro
34.254.111.74 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qualitest.perkbox.com/perks/info/buyagift-christmas-competition
Submission: On December 04 via manual (December 4th 2023, 5:58:42 am UTC) from IN — Scanned from DE

Summary HTTP 65 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 12 domains to perform 65 HTTP transactions. The main IP is 34.254.111.74, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is qualitest.perkbox.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 16th 2023. Valid for: a year.

This is the only time qualitest.perkbox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	34.254.111.74 34.254.111.74	16509 (AMAZON-02) (AMAZON-02)
24	99.86.4.127 99.86.4.127	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::54	15169 (GOOGLE) (GOOGLE)
3	130.211.16.248 130.211.16.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.27.114 13.32.27.114	16509 (AMAZON-02) (AMAZON-02)
8	18.245.86.68 18.245.86.68	16509 (AMAZON-02) (AMAZON-02)
4	18.66.147.5 18.66.147.5	16509 (AMAZON-02) (AMAZON-02)
6	18.210.132.136 18.210.132.136	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6813:a641	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
65	16

6 34.254.111.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-111-74.eu-west-1.compute.amazonaws.com

qualitest.perkbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 99.86.4.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-127.fra6.r.cloudfront.net

cdn.perkbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.16.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.16.211.130.bc.googleusercontent.com

cdn.coview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.coview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-114.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.245.86.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-68.fra60.r.cloudfront.net

api.production.eu-west-1.perkbox.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.147.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-5.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.210.132.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-132-136.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:a641 (United States)

ASN13335 (CLOUDFLARENET, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	perkbox.com qualitest.perkbox.com cdn.perkbox.com — Cisco Umbrella Rank: 365899	3 MB
8	perkbox.services api.production.eu-west-1.perkbox.services — Cisco Umbrella Rank: 355940	4 KB
7	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1721 api-iam.intercom.io — Cisco Umbrella Rank: 2121	18 KB
4	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2136	305 KB
3	coview.com cdn.coview.com — Cisco Umbrella Rank: 113690 app.coview.com — Cisco Umbrella Rank: 95664	12 KB
3	google.com accounts.google.com — Cisco Umbrella Rank: 23 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2693	80 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	409 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	138 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2314	16 KB
0	ibb.co Failed i.ibb.co Failed
65	12

	Domain	Requested by
24	cdn.perkbox.com	qualitest.perkbox.com cdn.perkbox.com
8	api.production.eu-west-1.perkbox.services	cdn.perkbox.com
6	api-iam.intercom.io	js.intercomcdn.com
6	qualitest.perkbox.com	cdn.perkbox.com
4	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com
2	www.google.de
2	stats.g.doubleclick.net	cdn.perkbox.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com cdn.perkbox.com
2	app.coview.com	cdn.coview.com
2	www.googletagmanager.com	cdn.perkbox.com www.google-analytics.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.google.com
1	res.cloudinary.com
1	widget.intercom.io	cdn.perkbox.com
1	cdn.coview.com	cdn.perkbox.com
1	accounts.google.com	cdn.perkbox.com
0	i.ibb.co Failed	qualitest.perkbox.com
65	17

This site contains links to these domains. Also see Links.

Domain
help.perkbox.com
www.perkbox.com
status.perkbox.com

Subject Issuer	Validity	Valid
*.perkbox.com Amazon RSA 2048 M02	`2023-03-16` - `2024-04-13`	a year	crt.sh
cdn.perkbox.com Amazon RSA 2048 M01	`2023-06-08` - `2024-07-06`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
app.coview.com GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
api.production.eu-west-1.perkbox.services Amazon RSA 2048 M02	`2023-10-14` - `2024-11-09`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-06-21` - `2024-06-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://qualitest.perkbox.com/perks/info/buyagift-christmas-competition
Frame ID: 7521113AD2F183EF2DC4E52BB7C8039C
Requests: 49 HTTP requests in this frame

Frame: https://app.coview.com/api/client-info/launcher
Frame ID: F437BBADAB4933B25478673C27A6296A
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.2b58570a.js
Frame ID: 33CA456CCD95C65CA1A84D50F8EA4626
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Perkbox | Login

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

65
Requests

98 %
HTTPS

53 %
IPv6

12
Domains

17
Subdomains

16
IPs

5
Countries

3171 kB
Transfer

11100 kB
Size

10
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://help.perkbox.com/en/articles/1321180-setting-up-your-perkbox-account
Title: How to setup my account

Search URL Search Domain Scan URL

URL: https://www.perkbox.com/uk/
Title: About

Search URL Search Domain Scan URL

URL: https://help.perkbox.com/en/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.perkbox.com/policies
Title: Terms & conditions

Search URL Search Domain Scan URL

URL: https://status.perkbox.com/
Title: Status Page

Search URL Search Domain Scan URL

URL: http://help.perkbox.com/en/articles/1885242-cookie-policy
Title: full policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://image.ibb.co/jDB7fm/logo_small.png HTTP 301
https://i.ibb.co/THm67QG/logo-small.png

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request buyagift-christmas-competition Show response
qualitest.perkbox.com/perks/info/ 2 KB
4 KB 201ms
56ms Document
text/html 34.254.111.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qualitest.perkbox.com/perks/info/buyagift-christmas-competition

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.254.111.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-111-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f016830c4b0fb2808a5b241e8c4f696cadba39e25059bbad43bdf5d557ee0356

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com .googleapis.com apis.google.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .chilipiper.com .coview.com .stripe.com .fidel.uk .asknice.ly .vimeo.com .adyen.com accounts.google.com .paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com phrase.com .chilipiper.com .coview.com .googleapis.com .typekit.net .stripe.com .fidel.uk .fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src ;frame-src self .google.com .adyen.com .vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self .perkbox.dev .perkbox.net .perkbox.com .localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 1669
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Dec 2023 05:58:36 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com *.marketo.com app.phrase.com phraseapp.com *.googleapis.com apis.google.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.chilipiper.com *.coview.com *.stripe.com *.fidel.uk *.asknice.ly *.vimeo.com *.adyen.com accounts.google.com *.paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com *.marketo.com app.phrase.com phraseapp.com phrase.com *.chilipiper.com *.coview.com *.googleapis.com *.typekit.net *.stripe.com *.fidel.uk *.fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src *;frame-src self * *.google.com *.adyen.com *.vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self * *.perkbox.dev *.perkbox.net *.perkbox.com *.localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
etag: W/"685-3kyIb/LI1seC7pt+Gor8Rw4KR3Q"
expires: 0
origin-agent-cluster: ?1
pragma: no-cache
referrer-policy: origin,origin-when-cross-origin,strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
surrogate-control: no-store
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 bootstrap.min.css
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/vendor/ 119 KB
20 KB 194ms
12ms Stylesheet
text/css 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/vendor/bootstrap.min.css

Requested by

Host: qualitest.perkbox.com
URL: https://qualitest.perkbox.com/perks/info/buyagift-christmas-competition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d189a49b9758133fe7e6e82a301d5274be027f4c43d9dc7cae964c7ace022e64

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:30:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 491263
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:46 GMT
server: AmazonS3
etag: W/"321f6002ece6d60f39a1ecbb16edf5bf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000,public
x-amz-cf-id: OAMIsPm_N_AiRPyXDU5xQ4aoQSRCc1vWm02JceIpB8nRrxlN56cdcg==

GET
H2 200 global.css
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/ 7 KB
2 KB 191ms
9ms Stylesheet
text/css 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/global.css

Requested by

Host: qualitest.perkbox.com
URL: https://qualitest.perkbox.com/perks/info/buyagift-christmas-competition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fa2dfc29c93781e75a8a6d948525f069ce6c53385a44e36e1984a9bb8fd4aef0

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:30:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 491263
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:43 GMT
server: AmazonS3
etag: W/"061132ddf8d86cea06456ce2176de9d1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000,public
x-amz-cf-id: nG5KJFYnH6jtt0POvS3A6vDan25ka-5BKfrzkLwLkgIXvdRAyVanDw==

GET
H2 200 perkbox-icons.css
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/fonts/ 5 KB
2 KB 204ms
23ms Stylesheet
text/css 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/fonts/perkbox-icons.css

Requested by

Host: qualitest.perkbox.com
URL: https://qualitest.perkbox.com/perks/info/buyagift-christmas-competition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4748e68c5c9f2b769a0872355d5603955d5875fc2741648c14673008140a848e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:30:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 491263
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:43 GMT
server: AmazonS3
etag: W/"3c2dd658432233972c16bdf257b325e8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000,public
x-amz-cf-id: ta0mAZ4u-spcZCLQKAG3PwejzMI9HUS7vgzO3Xcafzood3Qfd-TMPQ==

GET
H2 200 font-awesome.css
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/fonts/ 36 KB
8 KB 192ms
11ms Stylesheet
text/css 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/fonts/font-awesome.css

Requested by

Host: qualitest.perkbox.com
URL: https://qualitest.perkbox.com/perks/info/buyagift-christmas-competition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2e6992699efb87895cae41af6253b8cb9892c37330980200fc0b146c38180a91

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:30:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 491263
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:43 GMT
server: AmazonS3
etag: W/"22d64b3ecdb061be04e177f7930ce4f0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000,public
x-amz-cf-id: Y5Xw6v_19qtR5VA_Bz2--LMCGMlU6FoqOirCwjXsx_Ps8XH5qra0ow==

GET
H2 200 color-thief.min.js Show response
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/vendor/ 6 KB
3 KB 208ms
27ms Script
application/javascript 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/vendor/color-thief.min.js

Requested by

Host: qualitest.perkbox.com
URL: https://qualitest.perkbox.com/perks/info/buyagift-christmas-competition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a710ca056816b88c87eaad04d958126a7514f5878d09ad40b62fc41f373cf37e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:30:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 491263
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:46 GMT
server: AmazonS3
etag: W/"cac6b812a1349b4b8bde12d5219ac1e6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
x-amz-cf-id: 3SEF48dXIAhoRWHcJZnAjbS1CcH1UYsIIP0p8QrZZ6GpEiPHLfLMIA==

GET
H2 200 main.d996af7a.js Show response
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/ 2 MB
598 KB 193ms
12ms Script
application/javascript 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Requested by

Host: qualitest.perkbox.com
URL: https://qualitest.perkbox.com/perks/info/buyagift-christmas-competition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a91aeb03200e7995d69884e714c13f2a2ba63b5172ed0b2b438bbd09c9404b8f

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:30:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 491263
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:44 GMT
server: AmazonS3
etag: W/"1c8709ceb65ed1d18ba3fb0644b493d9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
x-amz-cf-id: qhbMXkTxhMXKWNrOViy2Ue0lZ_hm6P01lF0NdSKJm6mK2e3TsVJrgA==

GET
H2 200 client Show response
accounts.google.com/gsi/ 205 KB
79 KB 115ms
76ms Script
application/javascript 2a00:1450:400c:c0c::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1da78f9ed9515ff6089572e6a16cba60a7a2e8c33671b9e7d9680c38e5661384

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p-KL1grMqjLVLbH7B9SZGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:58:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-p-KL1grMqjLVLbH7B9SZGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 04 Dec 2023 05:58:36 GMT

GET
H2 200 coview.js Show response
cdn.coview.com/ 26 KB
11 KB 87ms
24ms Script
application/javascript 130.211.16.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.coview.com/coview.js

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.16.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.16.211.130.bc.googleusercontent.com

Software

Resource Hash

a22afd0fcabd4edfe3cacba60bea89eb10b2b904f670ff1309eae071c6130e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Dec 2022 06:26:32 GMT
via: 1.1 google
etag: W/"26888-1671690392000"
x-frame-options: DENY
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: Public, max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 04 Dec 2023 06:58:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 148 KB
57 KB 84ms
37ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W53DNG4

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac22f7cc27670b47a6d446828bb2409ffd548d8b570a23a247d9214192952924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:58:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57654
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Dec 2023 05:58:36 GMT

GET
H2 200 vendors~devTools~global~internal~tenant.1bfe1518.chunk.js Show response
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/ 1 MB
295 KB 12ms
11ms Script
application/javascript 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/vendors~devTools~global~internal~tenant.1bfe1518.chunk.js

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3dfec0dfc85e9355c33be56747362576ac0bebf738e863b32c141751457c3738

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:30:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 491263
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:44 GMT
server: AmazonS3
etag: W/"a748597b95f4999618dbb45a3e550419"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
x-amz-cf-id: 1WyJN1jrAPML4zkiBOg6gybtIiZ5u40eXB__csMSQKphXp5LRdpqbQ==

GET
H2 200 vendors~global~internal~tenant.f09ec659.chunk.js Show response
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/ 51 KB
14 KB 12ms
11ms Script
application/javascript 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/vendors~global~internal~tenant.f09ec659.chunk.js

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d4bd1bbe98d668d1baad539fc5c6b99b48bb07eca7688eb28ab251eed22ef528

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:30:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 491263
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:44 GMT
server: AmazonS3
etag: W/"f158ed5c7e01ce76bb3480cd3b2ce877"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
x-amz-cf-id: 0KTIy5nA-L3qaCAf-K0T7uhkQybN3Zpmzms-3sX0OU5PDpMN1bQYFA==

GET
H2 200 vendors~internal~tenant.f88841e7.chunk.js Show response
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/ 131 KB
41 KB 12ms
11ms Script
application/javascript 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/vendors~internal~tenant.f88841e7.chunk.js

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4ae4edb3c8f439aca2985565fea2346ab8be8357b64b2cde5dfb5e10a2702062

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:30:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 491263
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:45 GMT
server: AmazonS3
etag: W/"1c285f98dc11ee29a189f054b3c8a08b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
x-amz-cf-id: 49rIW4OV6C4rHcCzjaafZkFeiSjiYtSGZkMmFfsnTm8DDTB_VXNW0A==

GET
H2 200 vendors~global~tenant.09576ae7.chunk.js Show response
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/ 112 KB
38 KB 12ms
12ms Script
application/javascript 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/vendors~global~tenant.09576ae7.chunk.js

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4098e14c1625ec8ed8bd41f18c22731aaa16e38a7ff5b24864ecc8e51160ab13

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:32:49 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 491147
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:45 GMT
server: AmazonS3
etag: W/"85c495ec42d39c1adad493bade75fcfa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
x-amz-cf-id: urKjdadZQPmQJrkZZZfEWiGHDMH2WUfm1mq-wCgt875SQ3iz6H2DLQ==

GET
H2 200 tenant.e5aeb992.chunk.js Show response
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/ 5 MB
1 MB 15ms
15ms Script
application/javascript 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/tenant.e5aeb992.chunk.js

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

46a124a92fa7af23ce593617b5e6d2c40a88bc4c195086c2e8ffdecb3f742ae2

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:32:50 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 491147
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:44 GMT
server: AmazonS3
etag: W/"89ac8758bc084622b66ab00a85c069f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000,public
x-amz-cf-id: aVYikSx0qD6GXbh7oBVRIqLxXj4WDAJxANORIsgImgBVPdPJ7vXHOg==

GET

logo-small.png
i.ibb.co/THm67QG/
Redirect Chain

https://image.ibb.co/jDB7fm/logo_small.png
https://i.ibb.co/THm67QG/logo-small.png

0
0

GET
H2 200 WorkSans-Regular.woff2
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/fonts/WorkSans/ 17 KB
18 KB 51ms
15ms Font
binary/octet-stream 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/fonts/WorkSans/WorkSans-Regular.woff2

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/global.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3c46b18a1ccba221be436881e1649ef1bfd1e656184fcd535e84bc77c77e8e5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/global.css
Origin: https://qualitest.perkbox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:20:26 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 67091
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17912
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 29 Nov 2023 15:17:53 GMT
server: AmazonS3
etag: "4116d9a86a2889032aaca45779a997ca"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://qualitest.perkbox.com
access-control-expose-headers: ETag
cache-control: max-age=2592000,public
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: Uxd2HqPFagQo_OP-kXO576-EdMYJmhJ-Kdo95HjTl-RBcxOhqCY70A==

POST
H2 200 launcher Show response
app.coview.com/api/client-info/ Frame F437 490 B
474 B 23ms
22ms XHR
application/json 130.211.16.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.coview.com/api/client-info/launcher

Requested by

Host: cdn.coview.com
URL: https://cdn.coview.com/coview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.16.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.16.211.130.bc.googleusercontent.com

Software

Resource Hash

c937c4e8d97c6c6f81863e391c797a5c51ec160702a1fcd75983c3eb595295d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
x-frame-options: DENY
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://qualitest.perkbox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 launcher
app.coview.com/api/client-info/ Frame 0
0 60ms
22ms Preflight
application/json 130.211.16.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.coview.com/api/client-info/launcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.16.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.16.211.130.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://qualitest.perkbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,PUT,OPTIONS,HEAD,DELETE
access-control-allow-origin: https://qualitest.perkbox.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: application/json
date: Mon, 04 Dec 2023 05:58:36 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 account.json Show response
cdn.perkbox.com/locale/web/en-gb/ 11 KB
4 KB 23ms
22ms XHR
application/json 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/locale/web/en-gb/account.json?b5712564683136223994b88463b44f4912a1f99f

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2dfecf4fb60a39c04a8ffacdc74565de2d75c1fd7cbe0c3501070bec82b78506

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://qualitest.perkbox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 05:54:16 GMT
content-encoding: gzip
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 262
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Dec 2023 14:17:27 GMT
server: AmazonS3
etag: W/"7481bbdc4bf0d3169d3d03d29d861c02"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/json
access-control-allow-origin: https://qualitest.perkbox.com
access-control-expose-headers: ETag
cache-control: max-age=1800,public
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: fWcZVrO1saNaSheI5qU1ObiexWLsiax3aYWpNon0qM0mg3FYQupIJg==

GET
H2 200 platform.json Show response
cdn.perkbox.com/locale/web/en-gb/ 80 KB
20 KB 23ms
23ms XHR
application/json 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/locale/web/en-gb/platform.json?b5712564683136223994b88463b44f4912a1f99f

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

47beaee745c199817c09624b85e61ffd0bc78182f79c35f9b1e49718c92bd428

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://qualitest.perkbox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 05:54:16 GMT
content-encoding: gzip
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 262
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Dec 2023 14:17:28 GMT
server: AmazonS3
etag: W/"22f74f2a0dea6c9053ebfcf5c7b88cc0"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/json
access-control-allow-origin: https://qualitest.perkbox.com
access-control-expose-headers: ETag
cache-control: max-age=1800,public
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: sZ-PlrXFg-Pgqq644ZzjNJlF7MnYn1CAxvf0vhUR0wUEWNpJVZ2sYw==

GET
H2 200 errors.json Show response
cdn.perkbox.com/locale/web/en-gb/ 72 KB
15 KB 13ms
13ms XHR
application/json 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/locale/web/en-gb/errors.json?b5712564683136223994b88463b44f4912a1f99f

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

40d0c333a64d55d56e581cf9fd630695bd8c48e07d4b8f73920d4d0df6be3c79

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://qualitest.perkbox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 05:54:16 GMT
content-encoding: gzip
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 262
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Dec 2023 14:17:27 GMT
server: AmazonS3
etag: W/"3965fdbf270bcf295029fa75a97e0c9d"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/json
access-control-allow-origin: https://qualitest.perkbox.com
access-control-expose-headers: ETag
cache-control: max-age=1800,public
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: WjN9rg-j1UcN7IMq4g2UAMIK1O1V6RI2Uut1ccxIFBP95uXG777Msw==

GET
H2 200 effyqzrr Show response
widget.intercom.io/widget/ 7 KB
3 KB 42ms
8ms Script
application/javascript 13.32.27.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/effyqzrr
Requested by: Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7f184f3a0f2bd23e61025ffae0b9322b79bef1b6e5e954be4e462ce5f4ca247

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: Inp6vlvxbBNjM2m.PKBv5cWgwlH.srn1
content-encoding: gzip
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 05:52:25 GMT
x-amz-cf-pop: FRA56-C2
age: 374
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2705
last-modified: Thu, 30 Nov 2023 14:41:51 GMT
server: AmazonS3
etag: "a5ff02a279189bf8329ddf0ee507fb61"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: sT_3PrdIGQkuwP0jzkCznkvSRT3Ts-GyLsLfhzq5CwQpOZueuEqDvA==

OPTIONS
H2 204 v1
api.production.eu-west-1.perkbox.services/graphql/ Frame 0
0 197ms
120ms Preflight 18.245.86.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.production.eu-west-1.perkbox.services/graphql/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-68.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apollographql-client-name,apollographql-client-version,content-type
Access-Control-Request-Method: POST
Origin: https://qualitest.perkbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Correlation-UUID,X-Platform-UUID,X-User-UUID,X-Tenant-UUID,Content-Type,Authorization,If-Match,apollographql-client-version,apollographql-client-name,x-pb-channel,x-pb-show-premium-wellness,x-pb-features
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
access-control-allow-origin: *
access-control-expose-headers: ETag,X-Correlation-UUID,x-amzn-requestid
access-control-max-age: 1728000
cache-control: max-age=300,public
date: Mon, 04 Dec 2023 05:58:37 GMT
via: 1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
x-amz-apigw-id: PZ2WNEx0DoEENMA=
x-amz-cf-id: _0YnQeDiYQfSdmglRXnDMZgk3OINhDMcKlfpvKvugi3sqmh2Z8eHOw==
x-amz-cf-pop: FRA60-P6
x-amzn-requestid: b7677a2d-8d31-49d0-9c50-92ba3ec49276
x-cache: Miss from cloudfront

GET
H2 200 platform.json Show response
cdn.perkbox.com/locale/web/en-gb/ 80 KB
20 KB 11ms
11ms XHR
application/json 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/locale/web/en-gb/platform.json?b5712564683136223994b88463b44f4912a1f99f

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

47beaee745c199817c09624b85e61ffd0bc78182f79c35f9b1e49718c92bd428

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://qualitest.perkbox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 05:54:16 GMT
content-encoding: gzip
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 262
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Dec 2023 14:17:28 GMT
server: AmazonS3
etag: W/"22f74f2a0dea6c9053ebfcf5c7b88cc0"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/json
access-control-allow-origin: https://qualitest.perkbox.com
access-control-expose-headers: ETag
cache-control: max-age=1800,public
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: KcoKl77uvOsEd1pPPXzEiKDUJqnmgMagA913BMpmjZl8wBbfS6IVwg==

POST
H2 200 v1 Show response
api.production.eu-west-1.perkbox.services/graphql/ 123 B
800 B 136ms
136ms XHR
application/json 18.245.86.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.production.eu-west-1.perkbox.services/graphql/v1
Requested by: Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-68.fra60.r.cloudfront.net
Software: / Express
Resource Hash: a63017c6621f4fe58f3613d21cbcb1c444cf4e7953d3f06eb86ec44744006203

Request headers

Accept: application/json, text/plain, */*
apollographql-client-name: web
Referer: https://qualitest.perkbox.com/
apollographql-client-version: 1.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 04 Dec 2023 05:58:37 GMT
via: 1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 123
x-amz-cf-pop: FRA60-P6
x-amzn-requestid: d907e9e9-4997-4a3e-b1ef-06728d200bf2
x-amzn-remapped-connection: keep-alive
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: PZ2WNH0ADoEEvOg=
content-length: 123
pragma: no-cache
x-correlation-uuid: 8a0c25901a8b84f8f4f758c87b634d2a
etag: W/"7b-6NisqLyvLxQa1pw0qLr3qVSDPW4"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: ETag,X-Correlation-UUID,x-amzn-requestid
cache-control: max-age=0,no-cache,no-store,must-revalidate
access-control-allow-credentials: true
x-amzn-remapped-date: Mon, 04 Dec 2023 05:58:37 GMT
x-amz-cf-id: vOp9R8Y9WFt3fxsDyoWAugrr6p-1SyIanAQns4IpvrRWo4N7XqFovg==
expires: -1

GET
H2 200 frame-modern.2b58570a.js Show response
js.intercomcdn.com/ Frame 33CA 514 KB
143 KB 51ms
8ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.2b58570a.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/effyqzrr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c7b10df757d5669f641fa828e4d1719d43d1ec964a0c767720be9de1dc5e803e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: s_6BJZEdU3GdO5Ft2jMUUZhAY7XIW9kW
content-encoding: gzip
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 04:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 4602
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 145292
last-modified: Thu, 30 Nov 2023 14:39:36 GMT
server: AmazonS3
etag: "a2b326a7d4c69e817d61dea56bb90857"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: lA65dQ8aTXerJvWY2dZ0GZXc0OXSYHgfPFcZaSE3udfUT7JJeRIX-w==

GET
H2 200 vendor-modern.689650c5.js Show response
js.intercomcdn.com/ Frame 33CA 426 KB
131 KB 66ms
24ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.689650c5.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/effyqzrr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a98b0d22fb50853a6fbb1a665e510a9595d2dae5f86a5774f8f0c2f701955532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 9tYAPQIxXteWoLaSDpXLwgSyAUpknMzo
content-encoding: gzip
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 05:43:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 133792
last-modified: Tue, 21 Nov 2023 15:41:26 GMT
server: AmazonS3
etag: "d0a2ac2a870e5d8e688aada7a9b12be6"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: mEBufAFq0rIfWSl8ZrKHTKqUrtahUOEd-9tfCFTBSDLX9rWUi4RH2Q==

GET
H2 200 WorkSans-Medium.woff2
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/fonts/WorkSans/ 18 KB
19 KB 24ms
24ms Font
binary/octet-stream 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/fonts/WorkSans/WorkSans-Medium.woff2

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/global.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

05767a03c3f73ebd335b167630feb53617581c5489f9e7c46a7ed4ff374f2e6f

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/global.css
Origin: https://qualitest.perkbox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:20:27 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 67091
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18820
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 29 Nov 2023 15:17:53 GMT
server: AmazonS3
etag: "30853c52ed840fcce98b892b6af2f790"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://qualitest.perkbox.com
access-control-expose-headers: ETag
cache-control: max-age=2592000,public
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: -IlQIEvym_X5H51sA1gbRLt4eRE1l_8GEgkfJsQdmYYk5amtbyYi4Q==

GET
H2 200 WorkSans-Bold.woff2
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/fonts/WorkSans/ 18 KB
19 KB 13ms
13ms Font
binary/octet-stream 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/fonts/WorkSans/WorkSans-Bold.woff2

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/global.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ec04cae0d225b48861b4763dcfe8a3be504dfcf78e2336eefc8fc0bd99760ef8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/global.css
Origin: https://qualitest.perkbox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:20:27 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 67091
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18784
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 29 Nov 2023 15:17:53 GMT
server: AmazonS3
etag: "3367f941f126098953b86681002b2d5c"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://qualitest.perkbox.com
access-control-expose-headers: ETag
cache-control: max-age=2592000,public
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: jJzi4N_IvsWW7GTMHJdHz1EetFidppaBUc-izcZvDTquceevLqBdyg==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 33CA 8 KB
3 KB 627ms
411ms XHR
application/json 18.210.132.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.210.132.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-132-136.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ef6a13a690c8a04c09769bbd2a7a4e0b2bb19d25f1980730cda233f20c009ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 05:58:38 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0ae8bcf5f60a6679a
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0005hba4p7566dkh49k0
x-runtime: 0.297592
server: nginx
etag: W/"ef6a13a690c8a04c09769bbd2a7a4e0b"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://qualitest.perkbox.com
x-intercom-version: c8f91d3552957287975d1a1824666cfe80b6546d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 vendors~sentry-modern.ee8487f2.js Show response
js.intercomcdn.com/ Frame 33CA 116 KB
29 KB 8ms
8ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~sentry-modern.ee8487f2.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7e3db603c1ec61223d6cefbf8761e6abded0b6cdc07113b35e41cabbca449d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 55GB2X_RkewaMZ8sciK69PiRgqFNJIaL
content-encoding: gzip
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 05:08:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 3012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28897
last-modified: Thu, 30 Nov 2023 14:39:37 GMT
server: AmazonS3
etag: "56869526d3f3e15422dbfb41ca5e329c"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: QzLaXWHbIlOIDVe1Xfr-nQMnhx64tLYH7orBSTa7IMdwLjxynYuymA==

GET
H2 200 sentry-modern.7e109de4.js Show response
js.intercomcdn.com/ Frame 33CA 3 KB
2 KB 9ms
8ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/sentry-modern.7e109de4.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2b58570a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8fbc500036255ef837a3db5910e0de7c2d0d0384fb18c3e7fc456e3835281f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: pgfc33Wr2onRcJkFEJInPD4tKKWsilrE
content-encoding: gzip
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 05:48:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 602
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1432
last-modified: Thu, 30 Nov 2023 14:39:36 GMT
server: AmazonS3
etag: "b24144b267ec4304c5f532e7418a211c"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: l68I6SLFaxcen8XCYbAm3UFjY2YeJRpSA2Qo0MRO-HfpSoSxmm7fEQ==

OPTIONS
H2 204 v1
api.production.eu-west-1.perkbox.services/graphql/ Frame 0
0 85ms
84ms Preflight 18.245.86.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.production.eu-west-1.perkbox.services/graphql/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-68.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apollographql-client-name,apollographql-client-version,content-type,x-pb-channel,x-pb-features,x-pb-show-premium-wellness
Access-Control-Request-Method: POST
Origin: https://qualitest.perkbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Correlation-UUID,X-Platform-UUID,X-User-UUID,X-Tenant-UUID,Content-Type,Authorization,If-Match,apollographql-client-version,apollographql-client-name,x-pb-channel,x-pb-show-premium-wellness,x-pb-features
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
access-control-allow-origin: *
access-control-expose-headers: ETag,X-Correlation-UUID,x-amzn-requestid
access-control-max-age: 1728000
cache-control: max-age=300,public
date: Mon, 04 Dec 2023 05:58:38 GMT
via: 1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
x-amz-apigw-id: PZ2WPFZtDoEEXVQ=
x-amz-cf-id: LrF6LdC00EQzixxf1saasBvEWhAcYEdbZMx543b9miueX0VvorI--A==
x-amz-cf-pop: FRA60-P6
x-amzn-requestid: ff1523b1-2acf-4ddc-a0c6-b523875dae0f
x-cache: Miss from cloudfront

POST
H/1.1 200
OK get-credentials Show response
qualitest.perkbox.com/api/v1/ 2 B
2 KB 50ms
49ms XHR
application/json 34.254.111.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qualitest.perkbox.com/api/v1/get-credentials

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.254.111.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-111-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com .googleapis.com apis.google.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .chilipiper.com .coview.com .stripe.com .fidel.uk .asknice.ly .vimeo.com .adyen.com accounts.google.com .paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com phrase.com .chilipiper.com .coview.com .googleapis.com .typekit.net .stripe.com .fidel.uk .fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src ;frame-src self .google.com .adyen.com .vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self .perkbox.dev .perkbox.net .perkbox.com .localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
csrf-token: J7iNSkxn-gPqouruTxXDtaofflXSeYx2WtQc
Referer: https://qualitest.perkbox.com/perks/info/buyagift-christmas-competition
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 04 Dec 2023 05:58:38 GMT
content-security-policy: script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com *.marketo.com app.phrase.com phraseapp.com *.googleapis.com apis.google.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.chilipiper.com *.coview.com *.stripe.com *.fidel.uk *.asknice.ly *.vimeo.com *.adyen.com accounts.google.com *.paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com *.marketo.com app.phrase.com phraseapp.com phrase.com *.chilipiper.com *.coview.com *.googleapis.com *.typekit.net *.stripe.com *.fidel.uk *.fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src *;frame-src self * *.google.com *.adyen.com *.vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self * *.perkbox.dev *.perkbox.net *.perkbox.com *.localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
Connection: keep-alive
Content-Length: 2
x-xss-protection: 0
pragma: no-cache
referrer-policy: origin,origin-when-cross-origin,strict-origin-when-cross-origin
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 33CA 8 KB
3 KB 494ms
445ms XHR
application/json 18.210.132.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/vendors~sentry-modern.ee8487f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.210.132.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-132-136.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4e322fde7a1e14f3309e82732c93bde22148375b4295d6ed3b26b8e727c3b815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 05:58:38 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0ae8bcf5f60a6679a
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 000btvk5rghnviaegejg
x-runtime: 0.332653
server: nginx
etag: W/"4e322fde7a1e14f3309e82732c93bde2"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://qualitest.perkbox.com
x-intercom-version: c8f91d3552957287975d1a1824666cfe80b6546d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

POST
H2 200 v1 Show response
api.production.eu-west-1.perkbox.services/graphql/ 3 KB
1 KB 157ms
157ms XHR
application/json 18.245.86.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.production.eu-west-1.perkbox.services/graphql/v1
Requested by: Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-68.fra60.r.cloudfront.net
Software: / Express
Resource Hash: a835a106a3b930aa18374af2192ea870424acad96e32a667d1dd50ce1f54d048

Request headers

apollographql-client-name: web
x-pb-features: Merchandise,GroupCelebration
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*, */*
Referer: https://qualitest.perkbox.com/
apollographql-client-version: 1.0
x-pb-channel: web
x-pb-show-premium-wellness: true

Response headers

date: Mon, 04 Dec 2023 05:58:38 GMT
content-encoding: gzip
via: 1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 2932
x-amz-cf-pop: FRA60-P6
x-amzn-requestid: 1bb469ea-1a9f-43e0-a1a2-80153a9b35cc
x-amzn-remapped-connection: keep-alive
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: PZ2WQFENjoEEuIA=
content-length: 776
pragma: no-cache
x-correlation-uuid: d75a2095a3566d98280b3ab84cef8d8f
etag: W/"b74-hRr/Ubux4AJrM2ATrtauKlmImtE"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: ETag,X-Correlation-UUID,x-amzn-requestid
cache-control: max-age=0,no-cache,no-store,must-revalidate
access-control-allow-credentials: true
x-amzn-remapped-date: Mon, 04 Dec 2023 05:58:38 GMT
x-amz-cf-id: _u5UxazTs4ndTUBcfVvQuySkcgShIXYxi9D_2Oc3giEmXqBzl7kWuw==
expires: -1

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 33CA 8 KB
3 KB 534ms
534ms XHR
application/json 18.210.132.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/vendors~sentry-modern.ee8487f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.210.132.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-132-136.compute-1.amazonaws.com

Software

nginx /

Resource Hash

63132b4145efd294fa667fe0fca1988c8a018036c29f05d2b319cf203529d437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 05:58:38 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0ae8bcf5f60a6679a
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00047mahqr79bphmdhgg
x-runtime: 0.425353
server: nginx
etag: W/"63132b4145efd294fa667fe0fca1988c"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://qualitest.perkbox.com
x-intercom-version: c8f91d3552957287975d1a1824666cfe80b6546d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 perks.json Show response
cdn.perkbox.com/locale/web/en-gb/ 51 KB
12 KB 23ms
23ms XHR
application/json 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/locale/web/en-gb/perks.json?b5712564683136223994b88463b44f4912a1f99f

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

060e14c1be05947103bf860c7b0683561468dfd5795d611ba6712fd7beee6e71

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://qualitest.perkbox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 05:54:17 GMT
content-encoding: gzip
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 262
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 01 Dec 2023 14:17:28 GMT
server: AmazonS3
etag: W/"0377d82fba5461e653c111def3d728f3"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/json
access-control-allow-origin: https://qualitest.perkbox.com
access-control-expose-headers: ETag
cache-control: max-age=1800,public
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: pag4D2DYeiuczqugDsDxDt6gRrJ58Rum6nZkHYU_J32Zak7xo2hESQ==

GET
H2 200 logo-alt.49191f56.svg
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/media/ 4 KB
3 KB 10ms
10ms Image
image/svg+xml 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/media/logo-alt.49191f56.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b20df95f1a83966ea01c95de54de9ff7cbb75c227e7e4d34bd1c350fba70cedc

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:32:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 491144
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:45 GMT
server: AmazonS3
etag: W/"49191f56ca76a8d9f4d4c785dab7d81e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,public
x-amz-cf-id: 29kFH0JEV9URzFWovDwyxSYHj_HcBITVuM88zvoLU7bgvLz1b0K6lw==

GET
H2 200 Http403.5352f981.svg
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/media/ 10 KB
3 KB 11ms
11ms Image
image/svg+xml 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/media/Http403.5352f981.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e4ab9894d97a53fb14275b0db230640cedb3b90e5bc0e7d9bce953fc9d7e4d53

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 15:05:17 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 485602
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:45 GMT
server: AmazonS3
etag: W/"5352f981417a4cafca1ce31b34063b21"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,public
x-amz-cf-id: 3Yluren1WXRtPt33TBPmQtXm4qj1-3COtScXqMBC4idafzaruoYhLg==

GET
H2 200 cccd6448-dd6c-4b88-af12-df6dfae0045a.png
res.cloudinary.com/perkbox/image/upload/v1580718002/ 16 KB
16 KB 213ms
147ms Image
image/png 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/perkbox/image/upload/v1580718002/cccd6448-dd6c-4b88-af12-df6dfae0045a.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d56983dbf1519b7efcb19d5d17166b45116665459af300ce5cff670785d8d8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:58:38 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=132;start=2023-12-04T05:58:38.493Z;desc=miss,rtt;dur=6;cloudinary;dur=15;start=2023-12-04T05:58:38.564Z
content-length: 16304
last-modified: Mon, 03 Feb 2020 08:20:03 GMT
server: cloudflare
etag: "ed1f739feb0d542a8f669a4c5810c3e6"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
cf-ray: 8301d19a8c595d8c-FRA
timing-allow-origin: *

GET
H2 200 WorkSans-SemiBold.woff2
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/fonts/WorkSans/ 18 KB
19 KB 15ms
14ms Font
binary/octet-stream 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/fonts/WorkSans/WorkSans-SemiBold.woff2

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/global.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b5595a0f4045f98ff785b89e3f12ad747b441a0622a41710cdf42163f35d325e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/global.css
Origin: https://qualitest.perkbox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:20:27 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 67091
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18848
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 29 Nov 2023 15:17:53 GMT
server: AmazonS3
etag: "9942d3192d5c8728bf813d0884347bb4"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://qualitest.perkbox.com
access-control-expose-headers: ETag
cache-control: max-age=2592000,public
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: ozVFnmnrw4h1jsdACbZQBW3-zJVfwcCz7UPxYw-CNZ9W0igl-u8qCQ==

OPTIONS
H2 204 v1
api.production.eu-west-1.perkbox.services/graphql/ Frame 0
0 42ms
41ms Preflight 18.245.86.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.production.eu-west-1.perkbox.services/graphql/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-68.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apollographql-client-name,apollographql-client-version,content-type,x-pb-channel,x-pb-features,x-pb-show-premium-wellness
Access-Control-Request-Method: POST
Origin: https://qualitest.perkbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Correlation-UUID,X-Platform-UUID,X-User-UUID,X-Tenant-UUID,Content-Type,Authorization,If-Match,apollographql-client-version,apollographql-client-name,x-pb-channel,x-pb-show-premium-wellness,x-pb-features
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
access-control-allow-origin: *
access-control-expose-headers: ETag,X-Correlation-UUID,x-amzn-requestid
access-control-max-age: 1728000
cache-control: max-age=300,public
date: Mon, 04 Dec 2023 05:58:38 GMT
via: 1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
x-amz-apigw-id: PZ2WUE3ZDoEEYOQ=
x-amz-cf-id: nmSEqpys_T_c8t757PTnAudkX1Jexu3CxGCON_m6mKg65yCb0BmNbg==
x-amz-cf-pop: FRA60-P6
x-amzn-requestid: 665b82a7-061e-4551-8e4b-f06bb776e599
x-cache: Miss from cloudfront

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W53DNG4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 04:31:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5218
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 06:31:40 GMT

POST
H2 200 v1 Show response
api.production.eu-west-1.perkbox.services/graphql/ 1 KB
1 KB 139ms
139ms XHR
application/json 18.245.86.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.production.eu-west-1.perkbox.services/graphql/v1
Requested by: Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-68.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 17c48c225293277e54a7ec557c0eea4cf0645cb035c6cc8cd912a6683c16d810

Request headers

apollographql-client-name: web
x-pb-features: Merchandise,GroupCelebration
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*, */*
Referer: https://qualitest.perkbox.com/
apollographql-client-version: 1.0
x-pb-channel: web
x-pb-show-premium-wellness: true

Response headers

date: Mon, 04 Dec 2023 05:58:38 GMT
content-encoding: gzip
via: 1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 1074
x-amz-cf-pop: FRA60-P6
x-amzn-requestid: 1e363e1e-cdf9-430b-8e81-752245575c4d
x-amzn-remapped-connection: keep-alive
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: PZ2WVFNgjoEEKJA=
content-length: 495
pragma: no-cache
x-correlation-uuid: de9c9d2da859274238286e9de5d6d8eb
etag: W/"432-8NNF5jd1ZjQX3+E0udLun92tn/s"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: ETag,X-Correlation-UUID,x-amzn-requestid
cache-control: max-age=0,no-cache,no-store,must-revalidate
access-control-allow-credentials: true
x-amzn-remapped-date: Mon, 04 Dec 2023 05:58:38 GMT
x-amz-cf-id: 1YWLx8CyY6Qy2M32UXc6Vm6THk4B0l6zbwuwu2JwPRDoAF0b6TyLYw==
expires: -1

POST
H/1.1 200
OK set-credentials Show response
qualitest.perkbox.com/api/v1/ 2 B
2 KB 38ms
38ms XHR
application/json 34.254.111.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qualitest.perkbox.com/api/v1/set-credentials

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.254.111.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-111-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com .googleapis.com apis.google.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .chilipiper.com .coview.com .stripe.com .fidel.uk .asknice.ly .vimeo.com .adyen.com accounts.google.com .paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com phrase.com .chilipiper.com .coview.com .googleapis.com .typekit.net .stripe.com .fidel.uk .fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src ;frame-src self .google.com .adyen.com .vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self .perkbox.dev .perkbox.net .perkbox.com .localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
csrf-token: J7iNSkxn-gPqouruTxXDtaofflXSeYx2WtQc
Referer: https://qualitest.perkbox.com/welcome/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 04 Dec 2023 05:58:38 GMT
content-security-policy: script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com *.marketo.com app.phrase.com phraseapp.com *.googleapis.com apis.google.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.chilipiper.com *.coview.com *.stripe.com *.fidel.uk *.asknice.ly *.vimeo.com *.adyen.com accounts.google.com *.paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com *.marketo.com app.phrase.com phraseapp.com phrase.com *.chilipiper.com *.coview.com *.googleapis.com *.typekit.net *.stripe.com *.fidel.uk *.fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src *;frame-src self * *.google.com *.adyen.com *.vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self * *.perkbox.dev *.perkbox.net *.perkbox.com *.localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
Connection: keep-alive
Content-Length: 2
x-xss-protection: 0
pragma: no-cache
referrer-policy: origin,origin-when-cross-origin,strict-origin-when-cross-origin
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 33CA 8 KB
3 KB 401ms
401ms XHR
application/json 18.210.132.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/vendors~sentry-modern.ee8487f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.210.132.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-132-136.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3486d031dcb4673089d6c9f4a8c442f3d01b17237f3f336a32b826ce28cb1d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 05:58:38 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0ae8bcf5f60a6679a
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 000527d8nj94s09v6b6g
x-runtime: 0.284230
server: nginx
etag: W/"3486d031dcb4673089d6c9f4a8c442f3"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://qualitest.perkbox.com
x-intercom-version: c8f91d3552957287975d1a1824666cfe80b6546d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

POST
H/1.1 200
OK set-credentials Show response
qualitest.perkbox.com/api/v1/ 2 B
2 KB 43ms
38ms XHR
application/json 34.254.111.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qualitest.perkbox.com/api/v1/set-credentials

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.254.111.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-111-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com .googleapis.com apis.google.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .chilipiper.com .coview.com .stripe.com .fidel.uk .asknice.ly .vimeo.com .adyen.com accounts.google.com .paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com phrase.com .chilipiper.com .coview.com .googleapis.com .typekit.net .stripe.com .fidel.uk .fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src ;frame-src self .google.com .adyen.com .vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self .perkbox.dev .perkbox.net .perkbox.com .localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
csrf-token: J7iNSkxn-gPqouruTxXDtaofflXSeYx2WtQc
Referer: https://qualitest.perkbox.com/welcome/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 04 Dec 2023 05:58:38 GMT
content-security-policy: script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com *.marketo.com app.phrase.com phraseapp.com *.googleapis.com apis.google.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.chilipiper.com *.coview.com *.stripe.com *.fidel.uk *.asknice.ly *.vimeo.com *.adyen.com accounts.google.com *.paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com *.marketo.com app.phrase.com phraseapp.com phrase.com *.chilipiper.com *.coview.com *.googleapis.com *.typekit.net *.stripe.com *.fidel.uk *.fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src *;frame-src self * *.google.com *.adyen.com *.vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self * *.perkbox.dev *.perkbox.net *.perkbox.com *.localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
Connection: keep-alive
Content-Length: 2
x-xss-protection: 0
pragma: no-cache
referrer-policy: origin,origin-when-cross-origin,strict-origin-when-cross-origin
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 33CA 8 KB
3 KB 432ms
428ms XHR
application/json 18.210.132.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/vendors~sentry-modern.ee8487f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.210.132.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-132-136.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8c6de2b5e1b5c6ecbc723ef412904fe79a1dba5a38ceab82b712690369a6953a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 05:58:38 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0ae8bcf5f60a6679a
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00047mctmeg5hi6rgup0
x-runtime: 0.319560
server: nginx
etag: W/"8c6de2b5e1b5c6ecbc723ef412904fe7"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://qualitest.perkbox.com
x-intercom-version: c8f91d3552957287975d1a1824666cfe80b6546d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H/1.1 200
OK session-data Show response
qualitest.perkbox.com/api/v1/ 0
2 KB 75ms
37ms XHR
application/json 34.254.111.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qualitest.perkbox.com/api/v1/session-data

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.254.111.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-111-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com .googleapis.com apis.google.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .chilipiper.com .coview.com .stripe.com .fidel.uk .asknice.ly .vimeo.com .adyen.com accounts.google.com .paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com phrase.com .chilipiper.com .coview.com .googleapis.com .typekit.net .stripe.com .fidel.uk .fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src ;frame-src self .google.com .adyen.com .vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self .perkbox.dev .perkbox.net .perkbox.com .localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://qualitest.perkbox.com/welcome/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 05:58:38 GMT
content-security-policy: script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com *.marketo.com app.phrase.com phraseapp.com *.googleapis.com apis.google.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.chilipiper.com *.coview.com *.stripe.com *.fidel.uk *.asknice.ly *.vimeo.com *.adyen.com accounts.google.com *.paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com *.marketo.com app.phrase.com phraseapp.com phrase.com *.chilipiper.com *.coview.com *.googleapis.com *.typekit.net *.stripe.com *.fidel.uk *.fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src *;frame-src self * *.google.com *.adyen.com *.vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self * *.perkbox.dev *.perkbox.net *.perkbox.com *.localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
Transfer-Encoding: chunked
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
Connection: keep-alive
x-xss-protection: 0
pragma: no-cache
referrer-policy: origin,origin-when-cross-origin,strict-origin-when-cross-origin
cross-origin-opener-policy: same-origin-allow-popups
x-download-options: noopen
x-frame-options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
226 B 20ms
20ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=817254263&t=pageview&_s=1&dl=https%3A%2F%2Fqualitest.perkbox.com%2Fwelcome%2Flogin&ul=en-us&de=UTF-8&dt=Perkbox%20%7C%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=429846976&gjid=504801646&cid=1245896760.1701669519&tid=UA-109494921-1&_gid=1093471572.1701669519&_r=1&_slc=1&gtm=45He3bt0n81W53DNG4&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1924332681

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

42425549688f490d14c82728dd81f2c735d3292db3918726ac84290b4ddc6047

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qualitest.perkbox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:58:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qualitest.perkbox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-109494921-1&cid=1245896760.1701669519&jid=429846976&gjid=504801646&_gid=1093471572.1701669519&_u=YEBAAEAAAAAAACAAI~&z=1852245459

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qualitest.perkbox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Dec 2023 05:58:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qualitest.perkbox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B1J5QSRL9R&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfdf47877fae59085e337ed8a45d378b439e480f7714a43430f8f2a6e183392b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:58:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83105
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 05:58:38 GMT

POST
H/1.1 200
OK session-data Show response
qualitest.perkbox.com/api/v1/ 2 B
2 KB 38ms
38ms XHR
application/json 34.254.111.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://qualitest.perkbox.com/api/v1/session-data

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.254.111.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-111-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com .googleapis.com apis.google.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .chilipiper.com .coview.com .stripe.com .fidel.uk .asknice.ly .vimeo.com .adyen.com accounts.google.com .paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com phrase.com .chilipiper.com .coview.com .googleapis.com .typekit.net .stripe.com .fidel.uk .fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src ;frame-src self .google.com .adyen.com .vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self .perkbox.dev .perkbox.net .perkbox.com .localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
csrf-token: J7iNSkxn-gPqouruTxXDtaofflXSeYx2WtQc
Referer: https://qualitest.perkbox.com/welcome/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 04 Dec 2023 05:58:38 GMT
content-security-policy: script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com *.marketo.com app.phrase.com phraseapp.com *.googleapis.com apis.google.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.chilipiper.com *.coview.com *.stripe.com *.fidel.uk *.asknice.ly *.vimeo.com *.adyen.com accounts.google.com *.paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com *.marketo.com app.phrase.com phraseapp.com phrase.com *.chilipiper.com *.coview.com *.googleapis.com *.typekit.net *.stripe.com *.fidel.uk *.fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src *;frame-src self * *.google.com *.adyen.com *.vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self * *.perkbox.dev *.perkbox.net *.perkbox.com *.localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
surrogate-control: no-store
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
Connection: keep-alive
Content-Length: 2
x-xss-protection: 0
pragma: no-cache
referrer-policy: origin,origin-when-cross-origin,strict-origin-when-cross-origin
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0

GET
H2 200 profile.b702b6e0.svg
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/media/ 1 KB
1 KB 10ms
9ms Image
image/svg+xml 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/media/profile.b702b6e0.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9d86d5a5888d8f1ec363deed6ab81d4065c036d6b2b81cbcee999ea4816a72da

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:40:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 490715
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:45 GMT
server: AmazonS3
etag: W/"b702b6e051d268ae05f02fbb9e21cda6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,public
x-amz-cf-id: Py1BP9Q00BxlZ4cU1fwbFR0Qe5XwZFNTpsQVev9tX_x8sCO0KaMqNQ==

POST
H2 200 v1 Show response
api.production.eu-west-1.perkbox.services/graphql/ 71 B
749 B 132ms
131ms XHR
application/json 18.245.86.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.production.eu-west-1.perkbox.services/graphql/v1
Requested by: Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-68.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 4e1a056f7bae25878b6b272a2af0a58c43cccb2296621f29851dcb26e1c8b1ed

Request headers

apollographql-client-name: web
x-pb-features: Merchandise,GroupCelebration
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*, */*
Referer: https://qualitest.perkbox.com/
apollographql-client-version: 1.0
x-pb-channel: web
x-pb-show-premium-wellness: true

Response headers

date: Mon, 04 Dec 2023 05:58:38 GMT
via: 1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 71
x-amz-cf-pop: FRA60-P6
x-amzn-requestid: e753942f-39f0-441b-9110-eb0e4f1249b0
x-amzn-remapped-connection: keep-alive
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: PZ2WXFH0joEEmTw=
content-length: 71
pragma: no-cache
x-correlation-uuid: 655892a891eae7e089d7c2fa82433134
etag: W/"47-Mz+TvQUF6w2TloyTid5JWHVHeX8"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: ETag,X-Correlation-UUID,x-amzn-requestid
cache-control: max-age=0,no-cache,no-store,must-revalidate
access-control-allow-credentials: true
x-amzn-remapped-date: Mon, 04 Dec 2023 05:58:38 GMT
x-amz-cf-id: JjJvHhHCyBrw2Lfjsi8qga6cHF2EWV3fHZdmchoBx7YGhr7eAxRZPQ==
expires: -1

OPTIONS
H2 204 v1
api.production.eu-west-1.perkbox.services/graphql/ Frame 0
0 86ms
85ms Preflight 18.245.86.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.production.eu-west-1.perkbox.services/graphql/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-68.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apollographql-client-name,apollographql-client-version,content-type,x-pb-channel,x-pb-features,x-pb-show-premium-wellness
Access-Control-Request-Method: POST
Origin: https://qualitest.perkbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Correlation-UUID,X-Platform-UUID,X-User-UUID,X-Tenant-UUID,Content-Type,Authorization,If-Match,apollographql-client-version,apollographql-client-name,x-pb-channel,x-pb-show-premium-wellness,x-pb-features
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
access-control-allow-origin: *
access-control-expose-headers: ETag,X-Correlation-UUID,x-amzn-requestid
access-control-max-age: 1728000
cache-control: max-age=300,public
date: Mon, 04 Dec 2023 05:58:38 GMT
via: 1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
x-amz-apigw-id: PZ2WWHIIDoEEXcg=
x-amz-cf-id: dRuOS293tb8FPpDvlRO0401L0PaMmA-O2oU1tQmAv6K2-MRFPpp5CA==
x-amz-cf-pop: FRA60-P6
x-amzn-requestid: 0d60bef4-1090-4a5b-9173-e57bf0d0093e
x-cache: Miss from cloudfront

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 60ms
25ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109494921-1&cid=1245896760.1701669519&jid=429846976&_u=YEBAAEAAAAAAACAAI~&z=1189736045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:58:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 65ms
25ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109494921-1&cid=1245896760.1701669519&jid=429846976&_u=YEBAAEAAAAAAACAAI~&z=1189736045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:58:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 48ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-B1J5QSRL9R&gtm=45je3bt0v9164372102&_p=1701669516789&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1245896760.1701669519&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fqualitest.perkbox.com%2Fwelcome%2Flogin&dt=Perkbox%20%7C%20Login&sid=1701669518&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2569
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1J5QSRL9R&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:58:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qualitest.perkbox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 21ms
20ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B1J5QSRL9R&cid=1245896760.1701669519&gtm=45je3bt0v9164372102&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1J5QSRL9R&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:58:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qualitest.perkbox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 25ms
24ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B1J5QSRL9R&cid=1245896760.1701669519&gtm=45je3bt0v9164372102&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=849847594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:58:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 profile.b702b6e0.svg
cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/media/ 1 KB
1 KB 12ms
11ms Image
image/svg+xml 99.86.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/media/profile.b702b6e0.svg

Requested by

Host: cdn.perkbox.com
URL: https://cdn.perkbox.com/b5712564683136223994b88463b44f4912a1f99f/static/js/main.d996af7a.js?024274468ed7caf24b30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-127.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9d86d5a5888d8f1ec363deed6ab81d4065c036d6b2b81cbcee999ea4816a72da

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .marketo.com .googleapis.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .amplitude.com .amazonaws.com; style-src 'self' 'unsafe-inline' .marketo.com .googleapis.com; img-src * data:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qualitest.perkbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:40:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' *.marketo.com *.googleapis.com *.google-analytics.com *.googletagmanager.com *.intercom.io *.intercomcdn.com *.mxpnl.com *.mixpanel.com *.amplitude.com *.amazonaws.com; style-src 'self' 'unsafe-inline' *.marketo.com *.googleapis.com; img-src * data:
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
age: 490715
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Nov 2023 13:24:45 GMT
server: AmazonS3
etag: W/"b702b6e051d268ae05f02fbb9e21cda6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000,public
x-amz-cf-id: Vv5yntWVcpJDgXRKWqq_MQipbY4p0kOr_tkjt_G1kfIZeaSJINGspQ==

POST
H2 200 events Show response
api-iam.intercom.io/messenger/web/ Frame 33CA 4 B
705 B 281ms
280ms XHR
application/json 18.210.132.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/vendors~sentry-modern.ee8487f2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.210.132.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-132-136.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Dec 2023 05:58:39 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0ae8bcf5f60a6679a
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0006o44mr2jh1fur8q9g
x-runtime: 0.166288
server: nginx
etag: W/"e10808d43975dc400731053386849f86"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://qualitest.perkbox.com
x-intercom-version: c8f91d3552957287975d1a1824666cfe80b6546d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.ibb.co
URL: https://i.ibb.co/THm67QG/logo-small.png

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qualitest.perkbox.com/	1969-12-31 23:59:59	Name: _csrf Value: NTJbn57Wm-23cA-2xaY8ZYCM
qualitest.perkbox.com/	1970-01-20 18:07:33	Name: sid Value: s%3A52AXBZ5GHc5W53O7yulI6UUdVg6m3SvU.xoEN8YlCTTNDapCGeWvrLwNz8wWX4wnV5pyLxfMiw6A
.perkbox.com/	1970-01-21 01:26:45	Name: mp_db23a499d137c41fe1659f21e2b6cadf_mixpanel Value: %7B%22distinct_id%22%3A%20%2218c336835f1187-0bef09709ab455-6d325e53-1d4c00-18c336835f2ef7%22%2C%22%24device_id%22%3A%20%2218c336835f1187-0bef09709ab455-6d325e53-1d4c00-18c336835f2ef7%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.perkbox.com/	1970-01-21 02:17:09	Name: _ga Value: GA1.2.1245896760.1701669519
.perkbox.com/	1970-01-20 16:42:35	Name: _gid Value: GA1.2.1093471572.1701669519
.perkbox.com/	1970-01-20 16:41:09	Name: _gat_UA-109494921-1 Value: 1
.perkbox.com/	1970-01-21 02:17:09	Name: _ga_B1J5QSRL9R Value: GS1.2.1701669518.1.0.1701669518.60.0.0
.perkbox.com/	1970-01-20 23:09:59	Name: intercom-id-effyqzrr Value: 1059f866-b565-472e-a4b6-9f90a3e0a29b
.perkbox.com/	1970-01-20 16:51:14	Name: intercom-session-effyqzrr Value:
.perkbox.com/	1970-01-20 23:09:59	Name: intercom-device-id-effyqzrr Value: 577c13be-febd-4c89-8cb1-a5d6c814c329

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.ibb.co/THm67QG/logo-small.png Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com .googleapis.com apis.google.com .google-analytics.com .googletagmanager.com .intercom.io .intercomcdn.com .mxpnl.com .mixpanel.com .chilipiper.com .coview.com .stripe.com .fidel.uk .asknice.ly .vimeo.com .adyen.com accounts.google.com .paypal.com teams.microsoft.com;style-src 'self' 'unsafe-inline' cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com .marketo.com app.phrase.com phraseapp.com phrase.com .chilipiper.com .coview.com .googleapis.com .typekit.net .stripe.com .fidel.uk .fontawesome.com accounts.google.com;img-src * data: cdn.perkbox.dev cdn.perkbox.net cdn.perkbox.com;connect-src ;frame-src self .google.com .adyen.com .vimeo.com cdn.perkbox.com cdn.perkbox.net;media-src cdn.perkbox.net cdn.perkbox.com js.intercomcdn.com;form-action self .perkbox.dev .perkbox.net .perkbox.com .localhost:* intercom.help *.intercom.io;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api-iam.intercom.io
api.production.eu-west-1.perkbox.services
app.coview.com
cdn.coview.com
cdn.perkbox.com
i.ibb.co
js.intercomcdn.com
qualitest.perkbox.com
region1.analytics.google.com
res.cloudinary.com
stats.g.doubleclick.net
widget.intercom.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
i.ibb.co
13.32.27.114
130.211.16.248
18.210.132.136
18.245.86.68
18.66.147.5
2001:4860:4802:34::36
2606:4700::6813:a641
2a00:1450:4001:80e::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c07::9a
2a00:1450:400c:c0c::54
34.254.111.74
99.86.4.127
05767a03c3f73ebd335b167630feb53617581c5489f9e7c46a7ed4ff374f2e6f
060e14c1be05947103bf860c7b0683561468dfd5795d611ba6712fd7beee6e71
17c48c225293277e54a7ec557c0eea4cf0645cb035c6cc8cd912a6683c16d810
1da78f9ed9515ff6089572e6a16cba60a7a2e8c33671b9e7d9680c38e5661384
2dfecf4fb60a39c04a8ffacdc74565de2d75c1fd7cbe0c3501070bec82b78506
2e6992699efb87895cae41af6253b8cb9892c37330980200fc0b146c38180a91
3486d031dcb4673089d6c9f4a8c442f3d01b17237f3f336a32b826ce28cb1d2c
3c46b18a1ccba221be436881e1649ef1bfd1e656184fcd535e84bc77c77e8e5d
3dfec0dfc85e9355c33be56747362576ac0bebf738e863b32c141751457c3738
4098e14c1625ec8ed8bd41f18c22731aaa16e38a7ff5b24864ecc8e51160ab13
40d0c333a64d55d56e581cf9fd630695bd8c48e07d4b8f73920d4d0df6be3c79
42425549688f490d14c82728dd81f2c735d3292db3918726ac84290b4ddc6047
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46a124a92fa7af23ce593617b5e6d2c40a88bc4c195086c2e8ffdecb3f742ae2
4748e68c5c9f2b769a0872355d5603955d5875fc2741648c14673008140a848e
47beaee745c199817c09624b85e61ffd0bc78182f79c35f9b1e49718c92bd428
4ae4edb3c8f439aca2985565fea2346ab8be8357b64b2cde5dfb5e10a2702062
4e1a056f7bae25878b6b272a2af0a58c43cccb2296621f29851dcb26e1c8b1ed
4e322fde7a1e14f3309e82732c93bde22148375b4295d6ed3b26b8e727c3b815
63132b4145efd294fa667fe0fca1988c8a018036c29f05d2b319cf203529d437
7e3db603c1ec61223d6cefbf8761e6abded0b6cdc07113b35e41cabbca449d96
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c6de2b5e1b5c6ecbc723ef412904fe79a1dba5a38ceab82b712690369a6953a
8fbc500036255ef837a3db5910e0de7c2d0d0384fb18c3e7fc456e3835281f5a
9d86d5a5888d8f1ec363deed6ab81d4065c036d6b2b81cbcee999ea4816a72da
a22afd0fcabd4edfe3cacba60bea89eb10b2b904f670ff1309eae071c6130e92
a63017c6621f4fe58f3613d21cbcb1c444cf4e7953d3f06eb86ec44744006203
a710ca056816b88c87eaad04d958126a7514f5878d09ad40b62fc41f373cf37e
a7f184f3a0f2bd23e61025ffae0b9322b79bef1b6e5e954be4e462ce5f4ca247
a835a106a3b930aa18374af2192ea870424acad96e32a667d1dd50ce1f54d048
a91aeb03200e7995d69884e714c13f2a2ba63b5172ed0b2b438bbd09c9404b8f
a98b0d22fb50853a6fbb1a665e510a9595d2dae5f86a5774f8f0c2f701955532
ac22f7cc27670b47a6d446828bb2409ffd548d8b570a23a247d9214192952924
b20df95f1a83966ea01c95de54de9ff7cbb75c227e7e4d34bd1c350fba70cedc
b5595a0f4045f98ff785b89e3f12ad747b441a0622a41710cdf42163f35d325e
c7b10df757d5669f641fa828e4d1719d43d1ec964a0c767720be9de1dc5e803e
c937c4e8d97c6c6f81863e391c797a5c51ec160702a1fcd75983c3eb595295d4
cfdf47877fae59085e337ed8a45d378b439e480f7714a43430f8f2a6e183392b
d189a49b9758133fe7e6e82a301d5274be027f4c43d9dc7cae964c7ace022e64
d4bd1bbe98d668d1baad539fc5c6b99b48bb07eca7688eb28ab251eed22ef528
d56983dbf1519b7efcb19d5d17166b45116665459af300ce5cff670785d8d8b7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ab9894d97a53fb14275b0db230640cedb3b90e5bc0e7d9bce953fc9d7e4d53
ec04cae0d225b48861b4763dcfe8a3be504dfcf78e2336eefc8fc0bd99760ef8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6a13a690c8a04c09769bbd2a7a4e0b2bb19d25f1980730cda233f20c009ac4
f016830c4b0fb2808a5b241e8c4f696cadba39e25059bbad43bdf5d557ee0356
fa2dfc29c93781e75a8a6d948525f069ce6c53385a44e36e1984a9bb8fd4aef0

qualitest.perkbox.com Open in urlscan Pro 34.254.111.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

53 %IPv6

12 Domains

17 Subdomains

16 IPs

5 Countries

3171 kBTransfer

11100 kBSize

10 Cookies

6 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qualitest.perkbox.com Open in urlscan Pro
34.254.111.74 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

53 %
IPv6

12
Domains

17
Subdomains

16
IPs

5
Countries

3171 kB
Transfer

11100 kB
Size

10
Cookies

65 HTTP transactions
0 data transactions