Submitted URL: http://www.positivepromotions.com/catalogs/a/374/
Effective URL: https://www.positivepromotions.com/catalogs/a/374/
Submission: On June 12 via api from US — Scanned from DE

Summary

This website contacted 47 IPs in 7 countries across 36 domains to perform 105 HTTP transactions. The main IP is 18.245.46.103, located in United States and belongs to AMAZON-02, US. The main domain is www.positivepromotions.com. The Cisco Umbrella rank of the primary domain is 245677.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 18th 2023. Valid for: a year.
This is the only time www.positivepromotions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 18.245.46.103 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
2 63.33.186.64 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 35.186.249.72 15169 (GOOGLE)
1 34.252.40.201 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 54.231.233.169 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.163 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
3 172.64.150.44 13335 (CLOUDFLAR...)
2 18.66.130.11 16509 (AMAZON-02)
2 54.211.52.65 14618 (AMAZON-AES)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
3 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
1 18.245.60.86 16509 (AMAZON-02)
2 18.66.122.101 16509 (AMAZON-02)
1 143.204.205.137 16509 (AMAZON-02)
1 18.172.103.101 16509 (AMAZON-02)
1 142.250.186.132 15169 (GOOGLE)
1 104.26.11.16 13335 (CLOUDFLAR...)
1 18.169.25.8 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
3 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
1 13.107.42.14 8068 (MICROSOFT...)
5 104.18.41.49 13335 (CLOUDFLAR...)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 18.195.235.26 16509 (AMAZON-02)
1 4 54.209.79.159 14618 (AMAZON-AES)
5 104.16.118.43 13335 (CLOUDFLAR...)
2 2600:9000:225... 16509 (AMAZON-02)
1 2 3.127.112.86 16509 (AMAZON-02)
2 34.199.134.70 14618 (AMAZON-AES)
1 1 52.5.117.245 14618 (AMAZON-AES)
1 34.232.220.37 14618 (AMAZON-AES)
5 172.64.144.42 13335 (CLOUDFLAR...)
3 104.198.23.205 396982 (GOOGLE-CL...)
2 13.248.219.41 ()
105 47
Apex Domain
Subdomains
Transfer
19 positivepromotions.com
www.positivepromotions.com — Cisco Umbrella Rank: 245677
emails.positivepromotions.com
1 MB
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 352
www.linkedin.com — Cisco Umbrella Rank: 558
px4.ads.linkedin.com — Cisco Umbrella Rank: 6457
4 KB
7 listrakbi.com
cdn.listrakbi.com — Cisco Umbrella Rank: 12488
s1.listrakbi.com — Cisco Umbrella Rank: 12722
at1.listrakbi.com — Cisco Umbrella Rank: 13259
m1.listrakbi.com — Cisco Umbrella Rank: 53127
53 KB
5 espssl.com
mediacdn.espssl.com — Cisco Umbrella Rank: 15796
168 KB
5 zoominfo.com
ws-assets.zoominfo.com — Cisco Umbrella Rank: 14408
ws.zoominfo.com — Cisco Umbrella Rank: 5178
31 KB
5 datasteam.io
cdn.datasteam.io — Cisco Umbrella Rank: 23651
api.datasteam.io — Cisco Umbrella Rank: 13037
26 KB
5 logr-ingest.com
cdn.logr-ingest.com — Cisco Umbrella Rank: 21851
r.logr-ingest.com — Cisco Umbrella Rank: 18666
206 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
467 KB
4 yotpo.com
staticw2.yotpo.com — Cisco Umbrella Rank: 8141
p.yotpo.com — Cisco Umbrella Rank: 7738
184 KB
3 cloudfront.net
d21gpk1vhmjuf5.cloudfront.net
d10lpsik1i8c69.cloudfront.net
16 KB
3 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 7394
4 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 132
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
473 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 357
14 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
region1.analytics.google.com — Cisco Umbrella Rank: 3078
2 KB
2 ringcentral.com
positive-promotions.chat.digital.ringcentral.com
7 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 575
360 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 563
1 KB
2 insent.ai
positivepromotions.widget.insent.ai — Cisco Umbrella Rank: 342514
23 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
3 KB
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1419
insight.adsrvr.org — Cisco Umbrella Rank: 1061
5 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
71 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 68
21 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 8196
126 B
2 digicert.com
seal.digicert.com — Cisco Umbrella Rank: 12633
11 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 697
7 KB
1 rtactivate.com
idxch.rtactivate.com — Cisco Umbrella Rank: 43107
132 B
1 dtstmio.com
api.dtstmio.com — Cisco Umbrella Rank: 18063
402 B
1 unbxdapi.com
tracker.unbxdapi.com — Cisco Umbrella Rank: 24793
1 KB
1 luckyorange.net
settings.luckyorange.net — Cisco Umbrella Rank: 13861
774 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 958
17 KB
1 gstatic.com
www.gstatic.com
205 KB
1 pubhtml5.com
pubhtml5.com — Cisco Umbrella Rank: 186258
538 B
1 amazonaws.com
kaliopositive.s3.amazonaws.com — Cisco Umbrella Rank: 605446
5 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1642
500 B
1 impactradius-event.com
d.impactradius-event.com — Cisco Umbrella Rank: 4410
16 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 135
21 KB
105 36
Domain Requested by
17 www.positivepromotions.com www.positivepromotions.com
5 mediacdn.espssl.com
5 px.ads.linkedin.com 3 redirects cdn.logr-ingest.com
5 www.googletagmanager.com www.positivepromotions.com
www.googletagmanager.com
4 ws.zoominfo.com cdn.logr-ingest.com
4 api.datasteam.io 1 redirects cdn.datasteam.io
3 r.logr-ingest.com cdn.logr-ingest.com
3 at1.listrakbi.com cdn.listrakbi.com
3 staticw2.yotpo.com www.positivepromotions.com
staticw2.yotpo.com
3 js.zi-scripts.com www.positivepromotions.com
cdn.logr-ingest.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.positivepromotions.com
2 positive-promotions.chat.digital.ringcentral.com www.positivepromotions.com
positive-promotions.chat.digital.ringcentral.com
2 i.liadm.com
2 aa.agkn.com 1 redirects cdn.datasteam.io
2 positivepromotions.widget.insent.ai js.zi-scripts.com
positivepromotions.widget.insent.ai
2 www.facebook.com
2 d21gpk1vhmjuf5.cloudfront.net www.positivepromotions.com
d21gpk1vhmjuf5.cloudfront.net
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 emails.positivepromotions.com www.positivepromotions.com
2 cdn.listrakbi.com www.positivepromotions.com
cdn.listrakbi.com
2 www.google-analytics.com www.googletagmanager.com
cdn.logr-ingest.com
2 www.google.de www.positivepromotions.com
2 stats.g.doubleclick.net www.googletagmanager.com
cdn.logr-ingest.com
2 cdn.logr-ingest.com www.positivepromotions.com
cdn.logr-ingest.com
2 www.google.com www.positivepromotions.com
2 seal.digicert.com www.positivepromotions.com
2 s.yimg.com www.positivepromotions.com
s.yimg.com
1 m1.listrakbi.com cdn.listrakbi.com
1 idxch.rtactivate.com
1 api.dtstmio.com 1 redirects
1 ws-assets.zoominfo.com js.zi-scripts.com
1 p.yotpo.com
1 s1.listrakbi.com cdn.listrakbi.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 insight.adsrvr.org js.adsrvr.org
1 tracker.unbxdapi.com
1 settings.luckyorange.net cdn.logr-ingest.com
1 js.adsrvr.org www.googletagmanager.com
1 d10lpsik1i8c69.cloudfront.net www.positivepromotions.com
1 cdn.datasteam.io www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.gstatic.com www.google.com
1 pubhtml5.com www.positivepromotions.com
1 region1.analytics.google.com www.googletagmanager.com
1 kaliopositive.s3.amazonaws.com www.googletagmanager.com
1 sp.analytics.yahoo.com www.positivepromotions.com
1 d.impactradius-event.com www.positivepromotions.com
1 www.googleadservices.com www.positivepromotions.com
105 50
Subject Issuer Validity Valid
www.positivepromotions.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-18 -
2024-10-18
a year crt.sh
*.google-analytics.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-05-30 -
2024-07-17
2 months crt.sh
seal.digicert.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-14 -
2025-01-30
a year crt.sh
www.google.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
*.googleadservices.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
logr-ingest.com
GTS CA 1P5
2024-05-30 -
2024-08-28
3 months crt.sh
*.impactradius-event.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-08 -
2025-01-06
a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-03-19 -
2024-09-11
6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02
2024-05-01 -
2024-06-27
2 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2024-04-22 -
2025-04-07
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-05-21 -
2024-08-13
3 months crt.sh
*.google.de
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
*.pubhtml5.com
Sectigo RSA Domain Validation Secure Server CA
2024-04-03 -
2025-04-03
a year crt.sh
*.gstatic.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
zi-scripts.com
GTS CA 1P5
2024-05-27 -
2024-08-25
3 months crt.sh
*.listrakbi.com
Amazon RSA 2048 M03
2023-12-08 -
2025-01-03
a year crt.sh
emails.positivepromotions.com
GeoTrust TLS RSA CA G1
2024-02-27 -
2025-03-29
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-03-22 -
2024-06-20
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
*.yotpo.com
DigiCert TLS RSA SHA256 2020 CA1
2024-01-30 -
2025-01-29
a year crt.sh
cdn.datasteam.io
Amazon RSA 2048 M03
2023-08-19 -
2024-09-16
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
*.google.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
luckyorange.net
GTS CA 1P5
2024-05-28 -
2024-08-26
3 months crt.sh
unbxd.io
Amazon RSA 2048 M01
2023-10-11 -
2024-11-08
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-01-30 -
2024-07-30
6 months crt.sh
listrakbi.com
Cloudflare Inc ECC CA-3
2023-06-27 -
2024-06-25
a year crt.sh
yotpo.com
Amazon RSA 2048 M03
2024-02-04 -
2025-03-05
a year crt.sh
*.datasteam.io
Amazon RSA 2048 M02
2024-05-01 -
2025-05-30
a year crt.sh
zoominfo.com
E1
2024-05-20 -
2024-08-18
3 months crt.sh
*.widget.insent.ai
Amazon RSA 2048 M03
2024-01-30 -
2025-02-27
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
*.liadm.com
Amazon RSA 2048 M02
2023-08-31 -
2024-09-28
a year crt.sh
rtactivate.com
Amazon RSA 2048 M03
2024-02-12 -
2025-03-11
a year crt.sh
mediacdn.espssl.com
E6
2024-06-11 -
2024-09-09
3 months crt.sh
api.logrocket.com
R3
2024-05-02 -
2024-07-31
3 months crt.sh
digital.ringcentral.com
Amazon RSA 2048 M03
2024-02-06 -
2025-03-07
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.positivepromotions.com/catalogs/a/374/
Frame ID: 493B22C4DF8170E9C6723A5BA68F3BAF
Requests: 99 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2o3w7sp&ref=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&upid=vsckpbz&upv=1.1.0
Frame ID: 39E75829598C77435BBD5134A5A264F8
Requests: 1 HTTP requests in this frame

Frame: https://positivepromotions.widget.insent.ai/?project_key=jYGBPZwgYeB3Qnzv6J3P&blog_url=www.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&event_listener=CoQLdbL6Bx7b5cz&marketo_cookies=[]&hubspot_cookies=[]&pardot_cookies=[]&eloqua_cookies=[]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined&user_id=f7bdfca11c13658909fd1718224421&_zitok=f7bdfca11c13658909fd1718224421
Frame ID: AE4A62B42B67FB273F24584F17B516A4
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Page Not Found

Page URL History Show full URLs

  1. http://www.positivepromotions.com/catalogs/a/374/ HTTP 307
    https://www.positivepromotions.com/catalogs/a/374/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • d\.impactradius-event\.com

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

105
Requests

96 %
HTTPS

33 %
IPv6

36
Domains

50
Subdomains

47
IPs

7
Countries

2726 kB
Transfer

8951 kB
Size

61
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.positivepromotions.com/catalogs/a/374/ HTTP 307
    https://www.positivepromotions.com/catalogs/a/374/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2535298&time=1718224421510&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2535298&time=1718224421510&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2535298%26time%3D1718224421510%26url%3Dhttps%253A%252F%252Fwww.positivepromotions.com%252Fcatalogs%252Fa%252F374%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2535298&time=1718224421510&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2535298&time=1718224421510&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&cookiesTest=true&liSync=true&e_ipv6=AQKugCAd0Na2cwAAAZAOKAWYUJAzpzUY7ZHymqWDbA1lnLAq5GApZNUdzcQJIeBJoev05-Ei
Request Chain 85
  • https://aa.agkn.com/adscores/g.pixel?sid=9202283468&_userID=98BD64-74835280-F85D-4D91-851E-396FD2DB6098&_takID=5436AC25A958 HTTP 302
  • https://api.dtstmio.com/v1/visitaction/nspx?segment=000&userID=98BD64-74835280-F85D-4D91-851E-396FD2DB6098&takID=5436AC25A958&seg1= HTTP 302
  • https://api.datasteam.io/v1/visitaction/nspx?segment=000&userID=98BD64-74835280-F85D-4D91-851E-396FD2DB6098&takID=5436AC25A958&seg1= HTTP 302
  • https://i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-74835280-F85D-4D91-851E-396FD2DB6098

105 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.positivepromotions.com/catalogs/a/374/
Redirect Chain
  • http://www.positivepromotions.com/catalogs/a/374/
  • https://www.positivepromotions.com/catalogs/a/374/
820 KB
154 KB
Document
General
Full URL
https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bdbd1ac1981f444b84e6e1e229267ac3038afb252d36d91684a46a70c3bf6f72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 12 Jun 2024 20:33:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
x-amz-cf-id
eh5jm0KbRFwpF3MsBPDfpQUVKTAWnQzq6Mlcl3NyS7e-JYDw6rCTJg==
x-amz-cf-pop
FRA56-P9
x-aspnet-version
4.0.30319
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-request-id
7c189a5f-ca18-4920-b7d3-2d5a0362e7d1 fda46123-4a63-4fc2-b0a4-a1f5f336133a
x-visitor-guid
64382cb0-fe47-432a-9010-5f22dbd6809a 64382cb0-fe47-432a-9010-5f22dbd6809a
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.positivepromotions.com/catalogs/a/374/
Non-Authoritative-Reason
HttpsUpgrades
fa-solid-900.woff2
www.positivepromotions.com/fonts/
74 KB
75 KB
Font
General
Full URL
https://www.positivepromotions.com/fonts/fa-solid-900.woff2
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Origin
https://www.positivepromotions.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:00:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Tue, 24 Sep 2019 00:53:56 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA56-P9
age
1967
etag
"02aee8a7272d51:0"
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
75728
x-amz-cf-id
ZOXMNrcHVuEiMoZchFXKC8IoJVDPWJ1iYvJHgaGpR4ijWpG5IvX4xA==
roboto-regular.woff2
www.positivepromotions.com/fonts/
15 KB
16 KB
Font
General
Full URL
https://www.positivepromotions.com/fonts/roboto-regular.woff2
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Origin
https://www.positivepromotions.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:00:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Wed, 03 May 2023 03:40:38 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA56-P9
age
1967
etag
"0ff9e6717dd91:0"
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15744
x-amz-cf-id
5W3eX1uJMIoom04IOgAVVau9mi3zpzVm_aKZMGxAbD6W6HjrW83lvA==
roboto-700.woff2
www.positivepromotions.com/fonts/
15 KB
16 KB
Font
General
Full URL
https://www.positivepromotions.com/fonts/roboto-700.woff2
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Origin
https://www.positivepromotions.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:00:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Wed, 03 May 2023 03:40:38 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA56-P9
age
1967
etag
"0ff9e6717dd91:0"
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15860
x-amz-cf-id
cuNzr9AX-1cMiL6CT5V8u_xRuQeeMGa4z2AVe7umgMLGIq0p9XUAwg==
js
www.googletagmanager.com/gtag/
333 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8BCJWV5VCL
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0bd9700c72baf940aa515c2150530bd30c57b3b913b2531e51df73da9fb847f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
109631
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jun 2024 20:33:40 GMT
gtm.js
www.googletagmanager.com/
316 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be7e9488abdbed71df4ea21c8158114fe9e425e3d79dbee06758f20b56c91073
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107572
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 20:04:54 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jun 2024 20:33:40 GMT
ytc.js
s.yimg.com/wi/
18 KB
7 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

ats-carp-promotion
1, 1
date
Wed, 12 Jun 2024 19:40:17 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
XXNWRJ4N278PCD7X
age
3204
x-amz-server-side-encryption
AES256
content-length
6262
x-amz-id-2
6XWiN8WE37LJjFWkaeaW8xCvLPm47o3Gaqo4DQL4TITUAnzj5vktePmzwJb2FdG6HRfe8zhW2QI=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
pp-logo-wide.webp
www.positivepromotions.com/images/art/
11 KB
11 KB
Image
General
Full URL
https://www.positivepromotions.com/images/art/pp-logo-wide.webp?v=5
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f17bd493979526d186d0a0feb3543145ff5b8d0e19ab92bbc006693e833758bb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 19:59:06 GMT
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jan 2023 18:30:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
2075
etag
"a19a1c02c1ff18790cc841f49ae4ee0a"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
content-length
10944
x-amz-cf-id
_8i_DAvzY3sK4xcQ5pURic3RguDgwoXaSZ1oVdbp-hnIP0Tb-9U2CQ==
logo_800x200.webp
www.positivepromotions.com/images/art/
19 KB
19 KB
Image
General
Full URL
https://www.positivepromotions.com/images/art/logo_800x200.webp?v=2
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b6c58f017bc5137f544620baae1115797521af8bd7182e22565e030b4d3e162

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:00:56 GMT
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 15:44:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
1964
etag
"fb7d2571d4dfdb437975622fbdbfad09"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
content-length
19444
x-amz-cf-id
M7B8s5hgfxQPucMllgVjYKtLt-_r-zojHPTdP0oatVYSoe2D0lFGvA==
seal.min.js
seal.digicert.com/seals/cascade/
8 KB
8 KB
Script
General
Full URL
https://seal.digicert.com/seals/cascade/seal.min.js
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-186-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 20:33:40 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
last-modified
Tue, 11 Jun 2024 19:23:13 GMT
Server
nginx
etag
"1e3d-61aa232688a40"
Content-Type
text/javascript
x-envoy-upstream-service-time
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7741
X-XSS-Protection
1; mode=block
LibraryGlobalJS.bundle.js
www.positivepromotions.com/Javascript/
907 KB
155 KB
Script
General
Full URL
https://www.positivepromotions.com/Javascript/LibraryGlobalJS.bundle.js?v=71
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0b49f7dafd0fa6a1b16131fa00f1b627d26266355aab67651b3a147dc410921c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:12:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 28 Nov 2023 13:47:36 GMT
server
Microsoft-IIS/10.0
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
etag
W/"bc883772122da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
age
1281
x-amz-cf-id
jtnfDEvAeXqhRfTBirwtKR_vBFUjn0bXJmi-dJ1kKFVqL6GP0sW42g==
LibraryGlobalDeferredJS.bundle.js
www.positivepromotions.com/Javascript/
833 KB
145 KB
Script
General
Full URL
https://www.positivepromotions.com/Javascript/LibraryGlobalDeferredJS.bundle.js?v=208
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c6d60d6cd9192817f0609aa5b560ea7c8b12c512d2a8425dd68913ee8625b0d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:10:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 12 Jun 2024 19:33:29 GMT
server
Microsoft-IIS/10.0
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
etag
W/"b2424167ffbcda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
age
1389
x-amz-cf-id
VMPQeNGNDOvfIxN9oCnWCtf5uufRbA_AnrOeg5lZ5hiL0X4vBVWFIw==
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
52db5942e83502f235c57aa7efa365241b89a72a6caa8244661f75b0c3c29133
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 12 Jun 2024 20:33:40 GMT
page-404.js
www.positivepromotions.com/Javascript/
1 KB
770 B
Script
General
Full URL
https://www.positivepromotions.com/Javascript/page-404.js?v=3
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
61db5ac1761fa76b052c803671e011e3bfde940c403b3a4b1d71889fd50b0f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 19:00:29 GMT
server
Microsoft-IIS/10.0
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
etag
W/"b6dc3e56a7bd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
age
2
x-amz-cf-id
IjeGbyYevnCFH6kwRWJ8YjLWH7oofsF5WoktFGyBfsJYhOEVDzrwYw==
conversion.js
www.googleadservices.com/pagead/
57 KB
21 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
b9f7ee560d8f612b21f001669e09721a4a0946770a7f20490088205372a9cfc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21148
x-xss-protection
0
server
cafe
etag
11959601201566921006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 12 Jun 2024 20:33:40 GMT
LogRocket.min.js
cdn.logr-ingest.com/
113 KB
30 KB
Script
General
Full URL
https://cdn.logr-ingest.com/LogRocket.min.js
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96eede1e885b6b59876887f33a736929ab1564cb11fcabaa3bd757bf3464fdb4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Origin
https://www.positivepromotions.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230043-FRA
last-modified
Wed, 12 Jun 2024 19:24:10 GMT
server
cloudflare
x-timer
S1718224421.633939,VS0,VE0
etag
W/"77635cd449d4cc5793ec60a627dc6697f98d51267f90537b32ac56e935bf6240-br"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dn67QAI4WeV630m8R2ONqlCqy7wjkvxNidb1UZVMFHUA4Ya2MhJqN%2FEkEWK6qB8WN6uVeI%2FrwA%2BPL%2BHQYO%2F0vVsTxsSa7EJWiNKYOQcLqdxb9CxBaafkHmF%2F3HnCfuVd6VXdHwdt"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
892c9e04d98539be-FRA
x-cache-hits
34
merriweather-regular.woff2
www.positivepromotions.com/fonts/
20 KB
20 KB
Font
General
Full URL
https://www.positivepromotions.com/fonts/merriweather-regular.woff2
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Origin
https://www.positivepromotions.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:00:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Wed, 03 May 2023 04:51:52 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA56-P9
age
1966
etag
"0a41ffa7a7dd91:0"
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20028
x-amz-cf-id
ofHBTJX7PbQDDxD91xBbBkSy0UX5qmfTJz3ZidFgDHSTDH-hJR26Ww==
merriweather-700.woff2
www.positivepromotions.com/fonts/
19 KB
20 KB
Font
General
Full URL
https://www.positivepromotions.com/fonts/merriweather-700.woff2
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Origin
https://www.positivepromotions.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:00:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Wed, 03 May 2023 04:51:52 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA56-P9
age
1967
etag
"0a41ffa7a7dd91:0"
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19740
x-amz-cf-id
OsET4Uiy_KiT8xCFlplmUsp7A8Lt4ArDMKl63LTEnVidx_-z_Hrc_Q==
fa-brands-400.woff2
www.positivepromotions.com/fonts/
74 KB
74 KB
Font
General
Full URL
https://www.positivepromotions.com/fonts/fa-brands-400.woff2
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Origin
https://www.positivepromotions.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:00:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Tue, 24 Sep 2019 00:53:56 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA56-P9
age
1966
etag
"02aee8a7272d51:0"
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
75336
x-amz-cf-id
vf8vnavPcK_37WMv-4KYEGpL3a3gGhRPaHvgTs5-DUj_uuBPHqVbjA==
A2030358-93ee-4232-a887-68f51f27ca671.js
d.impactradius-event.com/
37 KB
16 KB
Script
General
Full URL
https://d.impactradius-event.com/A2030358-93ee-4232-a887-68f51f27ca671.js
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
052382f646a1690cf560576dbd6471b2d4de2ee4c3856f3c3973df11bf6d2132

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:39 GMT
content-encoding
gzip
age
1
x-guploader-uploadid
ABPtcPqgqD1v05xnvDpx_7nSRcoSkYlsyVswh_n72sVkanknwyC51pY2Afm5pvd2KvzZhGT_1BOyc1l6bQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15388
last-modified
Fri, 22 Mar 2024 16:39:11 GMT
server
UploadServer
etag
"271ffba3c02442363ae9265209f539db"
vary
Accept-Encoding
x-goog-generation
1711125551174580
x-goog-hash
crc32c=urPT5Q==, md5=Jx/7o8AkQjY66SZSCfU52w==
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
15388
accept-ranges
bytes
expires
Wed, 12 Jun 2024 20:38:39 GMT
33836.json
s.yimg.com/wi/config/
2 B
474 B
XHR
General
Full URL
https://s.yimg.com/wi/config/33836.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

ats-carp-promotion
1
date
Wed, 12 Jun 2024 20:33:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
2K2AQRABY8TZXGJN
age
3
content-length
2
x-amz-id-2
x19+ohxm7tPKwL6rZi/xGHeUx5w+II6yBh3slS6osnS8ZcAgAUjDrhqqwxBR/O2ctggiDWAZmfsIpfFToTK8yg==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
sp.pl
sp.analytics.yahoo.com/
43 B
500 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2012%20Jun%202024%2020%3A33%3A40%20GMT&n=-2d&b=Page%20Not%20Found&.yp=33836&f=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&enc=UTF-8&yv=1.15.1
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.252.40.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-40-201.eu-west-1.compute.amazonaws.com
Software
ATS/9.1.10.112 /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 20:33:40 GMT
via
http/1.1 traffic_server (ApacheTrafficServer/9.1.10.112)
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS/9.1.10.112
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Wed, 12 Jun 2024 20:33:40 GMT
js
www.googletagmanager.com/gtag/
330 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8BCJWV5VCL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a0831ae5f2ff0589cba3ac0c3cf7eef7c1ee41c81a24de9b2c4559f76cbca1d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108548
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jun 2024 20:33:40 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 12 Jun 2024 20:33:40 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C1A3734F3F664F8FA311282EB71CBAB9 Ref B: FRA31EDGE0512 Ref C: 2024-06-12T20:33:40Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
js
www.googletagmanager.com/gtag/
203 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10407791
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14f18e77f3fe7e07525ccadeeec8917cfeafb0f4d9fae6561520cefbc3b30872
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75495
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 20:04:54 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jun 2024 20:33:40 GMT
ga-hook.js
kaliopositive.s3.amazonaws.com/
5 KB
5 KB
Script
General
Full URL
https://kaliopositive.s3.amazonaws.com/ga-hook.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.233.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
84daf90b5571d3dc5731f9c9cce9e8444fce6e0c7c2737425962ce5d52e13bfe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 20:33:41 GMT
x-amz-version-id
QAh251ii9q771hkkjya4WVeZ0lAHlq_U
Last-Modified
Thu, 22 Feb 2024 15:26:16 GMT
Server
AmazonS3
x-amz-request-id
MJAEMGB6XW4RBNTT
ETag
"5bd7feef84065fde46fadfdcc7958e2f"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5027
x-amz-id-2
y1hf8tGitTUDB4gmGD7JQJmeyU0BPenRdCq8RHCbp/8s6y9lClIzN0JDULFlkPt8PMQoW0cIUUU=
js
www.googletagmanager.com/gtag/
207 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1042451-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8BCJWV5VCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9fcc039de7ffc8516acb5c5f3f9b40785bbf608c8e0c39889cebc296d69eb91e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76329
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 20:04:54 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jun 2024 20:33:40 GMT
collect
region1.analytics.google.com/g/
0
261 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8BCJWV5VCL&gtm=45je46a0v868886699z86782808za200zb6782808&_p=1718224420381&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1408326061.1718224421&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1718224420&sct=1&seg=0&dl=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&dt=Page%20Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1742
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8BCJWV5VCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 20:33:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.positivepromotions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
261 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8BCJWV5VCL&cid=1408326061.1718224421&gtm=45je46a0v868886699z86782808za200zb6782808&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8BCJWV5VCL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 20:33:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.positivepromotions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8BCJWV5VCL&cid=1408326061.1718224421&gtm=45je46a0v868886699z86782808za200zb6782808&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1494260176
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 20:33:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger-1.min.js
cdn.logr-ingest.com/
845 KB
168 KB
Script
General
Full URL
https://cdn.logr-ingest.com/logger-1.min.js
Requested by
Host: cdn.logr-ingest.com
URL: https://cdn.logr-ingest.com/LogRocket.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b49a9a5285217c3a31be5ced71654d48a8ae1b7264dedfdade2154d74770ac0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
211
x-cache
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230156-FRA
last-modified
Wed, 12 Jun 2024 19:24:10 GMT
server
cloudflare
x-timer
S1718220270.202973,VS0,VE49
etag
W/"21b72c6b101ec1383c61a8a17a60f3594999a5f49602691c40fe1b4404637994-br"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7UUDEKvKusvNHV7yIPpqQPdYzbQ%2BtmLZOjfqluBZD0UekO1B5gzIs2eo%2BVp3t2mocD%2F0ZXJDCvqUm6JI0UsFpBJS0e4eBtM042wJqOi79j6vrfu2xLmLzki%2BHjjetvxVRklAOrZ"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
892c9e06197d9f1e-FRA
x-cache-hits
0
pubhtml5-light-box-api.css
pubhtml5.com/plugin/LightBox/css/
673 B
538 B
Stylesheet
General
Full URL
https://pubhtml5.com/plugin/LightBox/css/pubhtml5-light-box-api.css
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/Javascript/LibraryGlobalDeferredJS.bundle.js?v=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:165c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad4c4ceedd14c9d85a094c759ea244dde244b60ae5ee77f82c6495a4208858e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 31 Aug 2020 10:47:44 GMT
server
cloudflare
age
21598
cf-polished
origSize=911
etag
W/"5f4cd550-38f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
cf-ray
892c9e068d1d9055-FRA
expires
Wed, 12 Jun 2024 16:41:53 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/
515 KB
205 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Origin
https://www.positivepromotions.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 14:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209755
x-xss-protection
0
last-modified
Mon, 03 Jun 2024 04:00:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Jun 2025 14:53:11 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071029284/
43 B
61 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071029284/?random=1718224420765&cv=9&fst=1718224420765&num=1&label=j3f2CLrlrQUQpLja_gM&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=ecomm_prodid%3D%3Becomm_pagetype%3Dother%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&tiba=Page%20Not%20Found&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 20:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
seal.digicert.com/seals/cascade/
3 KB
3 KB
Image
General
Full URL
https://seal.digicert.com/seals/cascade/?tag=ZObT8Jm0&referer=www.positivepromotions.com&format=png&lang=en&an=min
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-186-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d3ee501294d1225894748b9c70455957ac2abe06f3f8c55d7d678bbb8ea563aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 20:33:40 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
last-modified
Wed, 12 Jun 2024 00:00:00 +0000
Server
nginx
Content-Type
image/png
cache-control
max-age=86400
x-envoy-upstream-service-time
24
Connection
keep-alive
Content-Length
2666
X-XSS-Protection
1; mode=block
expires
Thu, 13 Jun 2024 13:56:16 +0000
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1042451-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Jun 2024 19:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3157
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 12 Jun 2024 21:41:03 GMT
secureTrust_2020.webp
www.positivepromotions.com/images/art/
3 KB
3 KB
Image
General
Full URL
https://www.positivepromotions.com/images/art/secureTrust_2020.webp?v=2
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7d4f9284d29ac3653bca05ffcbbce82f72c028896f088f47b3320abe087145e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:28:03 GMT
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 15:44:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
338
etag
"cb31fbc8be95d6bb6181f1a235135bbb"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
content-length
2902
x-amz-cf-id
GpSFaQFBmuXnyJEtAQHvQBEFvufUwd3pqQQzYB5E4h_om6EwDjy6TQ==
4048868.js
bat.bing.com/p/action/
0
118 B
Script
General
Full URL
https://bat.bing.com/p/action/4048868.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 12 Jun 2024 20:33:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 760FB0D043A54A7CAF8ACC6B10C6BB37 Ref B: FRA31EDGE0512 Ref C: 2024-06-12T20:33:40Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
287 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=4048868&tm=gtm002&Ver=2&mid=a0909ed3-7723-40ac-ba25-47f7d15f5744&sid=0e06597028fb11efb40e8bcf6054cda6&vid=0e06534028fb11ef8121c71e87811d87&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Page%20Not%20Found&kw=Page%20Not%20Found&p=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&r=&lt=1792&evt=pageLoad&sv=1&rn=690680
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jun 2024 20:33:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A8EDA1135AEF41DCAFD683C92FE7D99B Ref B: FRA31EDGE0512 Ref C: 2024-06-12T20:33:40Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=157382413&t=pageview&_s=1&dl=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&ul=de-de&de=UTF-8&dt=Page%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=320963981&gjid=215631661&cid=1408326061.1718224421&tid=UA-1042451-1&_gid=1550574277.1718224421&_r=1&gtm=457e46a0z8868886699za200zb868886699&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1588258291
Requested by
Host: cdn.logr-ingest.com
URL: https://cdn.logr-ingest.com/LogRocket.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 20:33:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.positivepromotions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1f8e343d-7919-49c7-8713-4ab53b372b8c
https://www.positivepromotions.com/
471 KB
0
Other
General
Full URL
blob:https://www.positivepromotions.com/1f8e343d-7919-49c7-8713-4ab53b372b8c
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dce596d9489c6c7b13d6f913e0246adbe3404380fc910163fca676553e1f508

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
482471
Content-Type
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1042451-1&cid=1408326061.1718224421&jid=320963981&gjid=215631661&_gid=1550574277.1718224421&npa=1&_u=YADAAUAAAAAAACAAI~&z=355674389
Requested by
Host: cdn.logr-ingest.com
URL: https://cdn.logr-ingest.com/LogRocket.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jun 2024 20:33:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.positivepromotions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
zi-tag.js
js.zi-scripts.com/
9 KB
3 KB
Script
General
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ea3a972768896d2a84d6eb36d3f5919478ad9c091477c22a5362eb6d53aee4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:41 GMT
x-amz-version-id
4TVPkf0eH3kVl0Vjj3KPZI_FUiecs6et
content-encoding
gzip
cf-cache-status
DYNAMIC
via
1.1 f85507efbbf0b1db5950fc09efe974e2.cloudfront.net (CloudFront)
x-amz-cf-pop
WAW51-P3
age
9201
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 15 May 2024 06:37:27 GMT
server
cloudflare
etag
W/"5c7228fc2640a4dfce48217428980fe3"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
892c9e08ed67bbab-WAW
x-amz-cf-id
d9HZX08cVzcqBIXcuklISEVwr-x2zmMWyM_HllJJRnscr9nnvrzYoQ==
script.js
cdn.listrakbi.com/scripts/
173 KB
49 KB
Script
General
Full URL
https://cdn.listrakbi.com/scripts/script.js?m=O6Rldpzx7NPG&v=1
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-130-11.fra60.r.cloudfront.net
Software
cloudflare / ASP.NET
Resource Hash
1e5d069d55f3d63d06a7675f12bd0dfc213ad00d14d29b050de7b188f681d38f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 20:33:41 GMT
Content-Encoding
gzip
Via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
CF-Cache-Status
DYNAMIC
x-aspnet-version
4.0.30319
x-ltk
6/12/2024 2:17:07 PM
X-Amz-Cf-Pop
FRA60-P2
x-powered-by
ASP.NET
Age
2
X-Cache
Hit from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection
keep-alive
Content-Length
48957
Last-Modified
Wed, 12 Jun 2024 16:01:17 GMT
Server
cloudflare
ETag
"RC5NIhf9VlzDhbWrs+jzUw=="
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, max-age=3600, s-maxage=600
Accept-Ranges
bytes
CF-RAY
892bd5faddca9219-FRA
X-Amz-Cf-Id
5_0XWAqvLNwsp8Ydrg0NGpZA1jsRn6Q6_HLpE3fpQzSkOSz-tGKzHQ==
Expires
Wed, 12 Jun 2024 21:33:39 GMT
frs-next.js
emails.positivepromotions.com/js/
4 KB
5 KB
Script
General
Full URL
https://emails.positivepromotions.com/js/frs-next.js
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.211.52.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-52-65.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d423469939357099f36c34eee57442fa57084d71e5cda7f58c6b3ca5e3361948
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline'; img-src *; style-src * 'unsafe-inline'; font-src *; frame-src 'self' https://www.google.com/recaptcha/; form-action 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 20:33:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'unsafe-inline' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline'; img-src *; style-src * 'unsafe-inline'; font-src *; frame-src 'self' https://www.google.com/recaptcha/; form-action 'self'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 08 May 2024 19:51:58 GMT
Server
nginx
ETag
"91c4b32f81a1da1:0"
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4465
fbevents.js
connect.facebook.net/en_US/
219 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Jun 2024 20:33:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
ZYIRNupArdubRJfRiVbgkDxd/UKlfwt81NrnaXLOhd6wSwLHp3h//TOggQOKpi4+KM9fag2Gbt5vkOZ4/Yg+UA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
47 KB
17 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:283b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 May 2024 16:52:20 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=60500
accept-ranges
bytes
content-length
16683
widget.js
staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/
442 KB
144 KB
Script
General
Full URL
https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.js
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:3b7::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5ae4248920925110966930bec4d4a4268e6ec0256451c5b1cabf29880a98724f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

ratelimit-reset
55
content-encoding
gzip
date
Wed, 12 Jun 2024 20:33:41 GMT
env
PRODUCTION
x-ratelimit-limit-minute
5000
x-ratelimit-remaining-minute
4999
ratelimit-limit
5000
server-timing
cdn-cache; desc=HIT, edge; dur=19, origin; dur=0, ak_p; desc="1718224421262_34901812_84264492_1837_8070_39_47_146";dur=1
content-length
146754
correlation-id
5feed678-6fa1-4d86-97a2-fe06bf970a3f
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
public, max-age=4902
access-control-allow-credentials
true
ratelimit-remaining
4999
D25436AC25A958.js
cdn.datasteam.io/js/
72 KB
24 KB
Script
General
Full URL
https://cdn.datasteam.io/js/D25436AC25A958.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-86.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7071dcd9f849db222bdf0a53790ebb0850c46c013709af66fa701704426ff874

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 08:41:03 GMT
content-encoding
gzip
via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
last-modified
Sat, 11 May 2024 05:00:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
42759
x-amz-server-side-encryption
AES256
etag
W/"74f90ee445e2f9e5cdc28b4ee92e3633"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=1800,s-maxage=86400
x-amz-cf-id
JWqCqIcWcNQ17Mn19h0REnZRGvkLtn_ToLzyPOOURwgsx11U2utxxA==
unbxdAnalytics.js
d21gpk1vhmjuf5.cloudfront.net/
35 KB
11 KB
Script
General
Full URL
https://d21gpk1vhmjuf5.cloudfront.net/unbxdAnalytics.js
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-101.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a136eff86d817854b0b27804d8bb434c8bf512eba6c0cce6955ba0fa307c72c7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
iLSLNiPAQFnolQOhzCqWO9Clm0znSDZ1
Content-Encoding
gzip
Via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
Date
Tue, 11 Jun 2024 22:48:21 GMT
X-Amz-Cf-Pop
FRA60-P2
Age
78321
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
10402
Last-Modified
Tue, 14 Sep 2021 12:37:16 GMT
Server
AmazonS3
ETag
"a8dd2ae73577734e2c4e516fdf982fac"
Content-Type
application/javascript
Cache-Control
max-age=3600
Accept-Ranges
bytes
X-Amz-Cf-Id
Ds9cF45dUB9U2gT_sQk7hqZSqQdZacIDgvbQ5441zz56aO13nWRCJg==
w.js
d10lpsik1i8c69.cloudfront.net/
5 KB
3 KB
Script
General
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/catalogs/a/374/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-137.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:00:27 GMT
content-encoding
gzip
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
last-modified
Thu, 25 Jan 2024 18:19:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1995
x-amz-server-side-encryption
AES256
etag
W/"e31293f40e8a324de552ff593ee76a9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
ZOvYitN9gDdtzlkEtNjPEHoOgHRisKx0wsFLAw0SfSCf9inNNVwnQg==
up_loader.1.1.0.js
js.adsrvr.org/
12 KB
5 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-103-101.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 02:48:27 GMT
Content-Encoding
gzip
Via
1.1 725f43139b6c583d9defb7c5029a8928.cloudfront.net (CloudFront)
Last-Modified
Fri, 07 Jun 2024 09:20:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P8
Age
63915
x-amz-server-side-encryption
AES256
ETag
W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
EfOirQ6r0dD0Bn8T_m3Al-rYvz69XirWTkciWPhYT1b5hWCT5xGggw==
favicon.ico
www.positivepromotions.com/images/art/
5 KB
6 KB
Other
General
Full URL
https://www.positivepromotions.com/images/art/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70f0042bd34237bd111c6a55b375b39f4fb5180066dd2f29815d4d2fed1f8667

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:01:03 GMT
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Thu, 01 Apr 2021 07:49:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
1959
etag
"f2f5661c5e5038d4ac76488ee388b8df"
x-cache
Hit from cloudfront
content-type
image/x-icon
cache-control
max-age=86400
content-length
5430
x-amz-cf-id
ihOaRfqJOrIePtcLs48RGybK4yUhtBEHLakHi48TUsGu84rhlh1FjA==
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1042451-1&cid=1408326061.1718224421&jid=320963981&npa=1&_u=YADAAUAAAAAAACAAI~&z=1543770871
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 20:33:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1042451-1&cid=1408326061.1718224421&jid=320963981&npa=1&_u=YADAAUAAAAAAACAAI~&z=1543770871
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 20:33:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getSubscriptions
js.zi-scripts.com/unified/v1/master/
279 B
604 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: cdn.logr-ingest.com
URL: https://cdn.logr-ingest.com/LogRocket.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3f61f49a722f8ebfbb9950545c7498241b5b44db0c629bec72cfec1d28a22e08

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer cd88d746a81679931253
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.positivepromotions.com/
visited_url
https://www.positivepromotions.com/catalogs/a/374/

Response headers

date
Wed, 12 Jun 2024 20:33:41 GMT
via
1.1 d123c73ad60ee72c80ead6362a3d00a8.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-cf-pop
WAW51-P3
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
apigw-requestid
ZRXl9j2jPHcES3g=
server
cloudflare
etag
W/"117-b1vRC38ajs0g0W8Z2EaBZaW5dEM"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
892c9e0c0d66bf3c-WAW
x-amz-cf-id
P9-v5GzBmYvxUWS1_2_RMViURzz6hEx702ziMKF4fYsKHbIBzcYTRQ==
/
settings.luckyorange.net/
127 B
774 B
Fetch
General
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&s=76077
Requested by
Host: cdn.logr-ingest.com
URL: https://cdn.logr-ingest.com/LogRocket.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89083c39454b754e97bdbbe97f29b223c0b049fa24d329182429b8a3f8dc644b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.positivepromotions.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j84xVrOz2zrOP2TXXhJaauh8eMZK6aDsnDHbMlmtI9v0DRWueVXdn5M1196TKNkIDhI4VUphoOM9%2BU8%2B%2B%2FN6hiIsSGBnCg0X4FvMdpjod3HQPgKYobh2GdO%2BSPR7FWFpEfGc763VHVoE%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
892c9e0ae9265d5f-FRA
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
content-length
119
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://www.positivepromotions.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
alt-svc
h3=":443"; ma=86400
apigw-requestid
ZRXl7jTCPHcES7w=
cf-cache-status
DYNAMIC
cf-ray
892c9e0a8a88bf3c-WAW
date
Wed, 12 Jun 2024 20:33:41 GMT
server
cloudflare
vary
Access-Control-Request-Headers
via
1.1 d1347b9ce80521e79364f7a40e7bb268.cloudfront.net (CloudFront)
x-amz-cf-id
XtM19UC7lnAJkyxC-u7RLDjsx3PDC_WdXTCxBMwwswhMAvvrC5Z5dw==
x-amz-cf-pop
WAW51-P3
x-cache
Miss from cloudfront
x-powered-by
Express
unbxdAnalyticsConfig.js
d21gpk1vhmjuf5.cloudfront.net/
2 KB
2 KB
Script
General
Full URL
https://d21gpk1vhmjuf5.cloudfront.net/unbxdAnalyticsConfig.js
Requested by
Host: d21gpk1vhmjuf5.cloudfront.net
URL: https://d21gpk1vhmjuf5.cloudfront.net/unbxdAnalytics.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-101.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4afdc17bc58be885b0f2f78c23db675795297e798d92f063921a8b41fdb3063f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 12:15:35 GMT
x-amz-version-id
OGo.ogd1WQcDDmGks8OzqyTbLfQlfZqP
Via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
116287
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1746
Last-Modified
Tue, 11 Jun 2024 12:15:29 GMT
Server
AmazonS3
ETag
"e263b4edfd84529b627e327e727a71e1"
Content-Type
text/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
X-Amz-Cf-Id
5fkE0UhlOOeUZVbpPsBusb_YuuWGf8SSmwFOD9QYwg7_ac_j-HuoOA==
1p.jpg
tracker.unbxdapi.com/v2/
309 B
1 KB
Image
General
Full URL
https://tracker.unbxdapi.com/v2/1p.jpg?data=%7B%22url%22%3A%22https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F%22%2C%22referrer%22%3A%22%22%2C%22visit_type%22%3A%22first_time%22%2C%22ver%22%3A%224.0.28%22%2C%22_uf%22%3A1399427390%2C%22visitId%22%3A%22visitId-1718224421332-15795%22%7D&UnbxdKey=prod-positivepromotions-com800951496246780&action=visitor&uid=uid-1718224421328-60008&t=1718224421332|0.5404402225290226
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.25.8 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-25-8.eu-west-2.compute.amazonaws.com
Software
Wingman-v3.8.9-[1711529238] /
Resource Hash
a61d8687f980bf5ef71b178b270a9713c0bb745b73dd56fed208c103d99af846

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Unx-Region
eu-west-2-(prod)
Date
Wed, 12 Jun 2024 20:33:41 GMT
Unx-User-Id
unknown
Unx-Accept-Encoding
gzip, deflate, br, zstd
Unx-Server
Wingman-v3.8.9-[1711529238]
Unbxd-Request-Id
66f94800-ced6-4ca7-8a74-538cb11a77c0
Unx-Conn
tracker-ext-v2
Unx-Edge-Region
eu-west-2
Connection
keep-alive
Content-Length
309
X-Request-Id
66f94800-ced6-4ca7-8a74-538cb11a77c0
Unx-Request-Id
66f94800-ced6-4ca7-8a74-538cb11a77c0
Server
Wingman-v3.8.9-[1711529238]
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-Id,Unbxd-Request-Id,Content-Type,Content-Encoding,Vary,Unbxd-Trace-Id
Unx-Site
prod-positivepromotions-com800951496246780
Access-Control-Allow-Headers
Content-Type,unbxd-device-type,User-Agent,UserId,user-id,Accept-Encoding,Unbxd-User-Id,Authorization
Unx-Session-Id
c87ab808-55ca-4bc4-bb61-e9d63309d733
up
insight.adsrvr.org/track/ Frame 39E7
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=2o3w7sp&ref=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&upid=vsckpbz&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.positivepromotions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
content-type
text/html
date
Wed, 12 Jun 2024 20:33:41 GMT
server
Kestrel
attribution_trigger
px.ads.linkedin.com/
2 B
814 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2535298&time=1718224421510&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F
Requested by
Host: cdn.logr-ingest.com
URL: https://cdn.logr-ingest.com/LogRocket.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:41 GMT
content-encoding
gzip
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F856CCE41BAF461786E4A68A30D931E9 Ref B: FRAEDGE1205 Ref C: 2024-06-12T20:33:41Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lor1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYat0xM4lrXmqtPfN4adA==
x-fs-uuid
00061ab74c4ce25ad79aab4f7cde1a74
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2535298&time=1718224421510&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2535298&time=1718224421510&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2535298%26time%3D1718224421510%26url%3Dhttps%253A%252F%252Fwww.positivepromotions...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2535298&time=1718224421510&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2535298&time=1718224421510&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&cookiesTest=true&liSync=true&e_ipv6=AQKugCAd0Na2c...
0
264 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2535298&time=1718224421510&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&cookiesTest=true&liSync=true&e_ipv6=AQKugCAd0Na2cwAAAZAOKAWYUJAzpzUY7ZHymqWDbA1lnLAq5GApZNUdzcQJIeBJoev05-Ei
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.positivepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 12 Jun 2024 20:33:42 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: D3D33DD999464358969EE6A0B55F61E6 Ref B: FRAEDGE1413 Ref C: 2024-06-12T20:33:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYat0xZrr/IS0j1dL/jeA==

Redirect headers

date
Wed, 12 Jun 2024 20:33:41 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 80AB5524F3294678A2E6BC225D1F21AD Ref B: DUS30EDGE0711 Ref C: 2024-06-12T20:33:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2535298&time=1718224421510&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&cookiesTest=true&liSync=true&e_ipv6=AQKugCAd0Na2cwAAAZAOKAWYUJAzpzUY7ZHymqWDbA1lnLAq5GApZNUdzcQJIeBJoev05-Ei
x-li-proto
http/2
content-length
0
x-li-uuid
AAYat0xVvmkvsOI92UOkYA==
getIds
s1.listrakbi.com/O6Rldpzx7NPG/session/
175 B
1 KB
Script
General
Full URL
https://s1.listrakbi.com/O6Rldpzx7NPG/session/getIds?callback=ltkCallback5206&gsid=&_sid=&_tid=127386&ps=null&dps=true
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=O6Rldpzx7NPG&v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
741d2f04fdc1f79498c196a34d7fbeadf0d35cc6f895d2f9ced676b677b01af7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 20:33:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache
cf-ray
892c9e0b6a48bbc4-WAW
expires
-1
1197586330272709
connect.facebook.net/signals/config/
57 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1197586330272709?v=2.9.157&r=stable&domain=www.positivepromotions.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df30b57f3094a31319e275a7090ca43babfa913c4c7d8cc75794c4ea259ee2b6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Jun 2024 20:33:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12156
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=75, rtx=0, c=36, mss=1297, tbw=63504, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
EUXCJrLZBYv6AzckIB04woYy/CQOVE1wi3Q2vUQBdHX/TPgfXKtLEMO6qXyDQI0vBT2+ppRL3PkUYYXf2xRd6g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1197586330272709&ev=PageView&dl=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&rl=&if=false&ts=1718224421603&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718224421603.318462573821038371&ler=empty&cdl=API_unavailable&it=1718224421545&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 12 Jun 2024 20:33:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1197586330272709&ev=PageView&dl=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&rl=&if=false&ts=1718224421603&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718224421603.318462573821038371&ler=empty&cdl=API_unavailable&it=1718224421545&coo=false&tm=1&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7913159cba29e357","source_keys":["1","2"]},{"key_piece":"0xbf6c5617f97d9cb1","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 12 Jun 2024 20:33:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3095, tp=-1, tpl=-1, uplat=284, ullat=0
pragma
no-cache
x-fb-debug
hdpMubXvBSo5e+AtC0HCo0jNfjyXaVk8InaVOAxFwH6/8298qazRajj8TC9XfcLWK0/bngGeDD2tQjqxgQBk0A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
animate.min.css
cdn.listrakbi.com/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://cdn.listrakbi.com/css/animate.min.css
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=O6Rldpzx7NPG&v=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-130-11.fra60.r.cloudfront.net
Software
cloudflare / ASP.NET
Resource Hash
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 20:25:36 GMT
Content-Encoding
gzip
Via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
CF-Cache-Status
DYNAMIC
X-Amz-Cf-Pop
FRA60-P2
Age
503
x-powered-by
ASP.NET
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 14 Oct 2022 18:03:08 GMT
Server
cloudflare
ETag
W/"2ff9137f7dfd81:0"
Vary
Accept-Encoding
Content-Type
text/css
CF-RAY
88da2bd3db8e2be8-FRA
X-Amz-Cf-Id
8v-3ZCH_oArv55nV8-iiQhNQN4w87kYuqO0la5XeOSFmw1opiA6joQ==
widget.css
staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/
479 KB
39 KB
Stylesheet
General
Full URL
https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.css?widget_version=2024-05-19_11-48-07
Requested by
Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:3b7::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
866b91ef7f262869c123bc0618664f0c2c6efb3e66be6ae60afcd4033aed3c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:42 GMT
content-encoding
br
x-content-type-options
nosniff
env
PRODUCTION
status
200 OK
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=107, origin; dur=544, ak_p; desc="1718224421652_34901812_84264806_65179_8892_38_0_255";dur=1
content-length
39312
x-xss-protection
1; mode=block
x-request-id
2f9c48f76797ccbf1e390c727d930831
x-runtime
0.148785
etag
W/"88b9dff99d74f87ca1671fac8211d11a"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
public, max-age=10771
access-control-allow-credentials
true
access-control-allow-headers
*
i
p.yotpo.com/
35 B
280 B
Image
General
Full URL
https://p.yotpo.com/i?e=pv&page=Page%20Not%20Found&se_va=klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA&cx=eyJwdl91dWlkIjozMjg5MDE1OTUsInBpeGVsX2lkIjoiNzYwYzlmZWItZWY5NC00MWM3LWEwMGUtMDBlOTUxMmZmZGYyIn0&dtm=1718224421646&tid=909258&vp=1600x1200&ds=1600x1224&vid=1&duid=9af0b2cc2291dceb&p=web&tv=js-0.13.2&fp=3554096492&aid=onsite_v2&lang=de-DE&cs=UTF-8&tz=Europe%2FBerlin&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.235.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-235-26.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
date
Wed, 12 Jun 2024 20:33:41 GMT
cache-control
max-age=86400, private
server
nginx
content-length
35
expires
Thu, 13 Jun 2024 20:33:41 GMT
web-next.gif
emails.positivepromotions.com/
49 B
1016 B
Image
General
Full URL
https://emails.positivepromotions.com/web-next.gif?&v=js2.1&cid=97513&cke=&u=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&t=Page%20Not%20Found&l=de-DE&je=&re=1600x1200&cd=24&pd=24&os=Win32&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&ref=&h=N&tz=UTC%2B0200&jsv=1.3&ss=35807c15-a8af-41aa-96ee-2e110e7a51cb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.211.52.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-52-65.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8c8cb3e3e555ee218e51b16a7c33fa44957f35ec1909701633756306a3fa4fc6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline'; img-src *; style-src * 'unsafe-inline'; font-src *; frame-src 'self' https://www.google.com/recaptcha/; form-action 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 20:33:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'unsafe-inline' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline'; img-src *; style-src * 'unsafe-inline'; font-src *; frame-src 'self' https://www.google.com/recaptcha/; form-action 'self'
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Server
nginx
Access-Control-Allow-Methods
GET,POST,OPTIONS
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Access-Control-Allow-Origin
*
Content-Type
images/gif
Cache-Control
private
Connection
keep-alive
Content-Length
49
5436AC25A958
api.datasteam.io/v1/C/RawData/
208 B
795 B
Script
General
Full URL
https://api.datasteam.io/v1/C/RawData/5436AC25A958?v=74835280-f85d-4d91-851e-396fd2db6098&se=050727e3-86b6-43c8-9786-c70bf7ada54f&d=eyJ2IjoiNzQ4MzUyODAtZjg1ZC00ZDkxLTg1MWUtMzk2ZmQyZGI2MDk4IiwibSI6IjQ3Yzg2N2EwLWJhYTItNGVjZS04NWM1LTIxOTI2NGUxY2E5MiIsImNzaSI6IiIsInNlIjoiMDUwNzI3ZTMtODZiNi00M2M4LTk3ODYtYzcwYmY3YWRhNTRmIiwibiI6MSwicCI6ImI4MDQzODJlLThjNzEtNDhiMC04YzkwLWQ4NmJkN2MzYzNiZCIsInUiOiJodHRwczovL3d3dy5wb3NpdGl2ZXByb21vdGlvbnMuY29tL2NhdGFsb2dzL2EvMzc0LyIsInBuIjoiL2NhdGFsb2dzL2EvMzc0LyIsInIiOiIiLCJ0IjoiUGFnZSBOb3QgRm91bmQiLCJjIjoiaHR0cHM6Ly93d3cucG9zaXRpdmVwcm9tb3Rpb25zLmNvbS9jYXRhbG9ncy9hLzM3NC8iLCJwciI6Ijk4QkQ2NCIsInMiOjEsInZzIjoxLCJoYyI6MCwibCI6IlBhZ2VMb2FkIn0%3D&callback=cb6c0c87b0c45cb
Requested by
Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D25436AC25A958.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.79.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-79-159.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
5be06bb7cddb30d5b42049bfc32fddcfe65b5f309acc48f74ec4a6a6093ec428

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 20:33:41 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
208
formcomplete.js
ws-assets.zoominfo.com/
90 KB
27 KB
Script
General
Full URL
https://ws-assets.zoominfo.com/formcomplete.js
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
3539
x-guploader-uploadid
ABPtcPrT1QB8OatmdWgoTM62tjzoMnA_Wtk-QGAN-vicY80YJPDDSFXEXKO-oTgTprLqDb846eU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 May 2024 10:14:37 GMT
server
cloudflare
etag
W/"006455bd44ed289ddcc403d0ecd96ab0"
x-goog-hash
crc32c=p5SAHw==, md5=AGRVvUTtKJ3cxAPQ7NlqsA==
x-goog-generation
1715854477710382
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
91778
cf-ray
892c9e0e0880bf6f-WAW
expires
Wed, 12 Jun 2024 20:34:43 GMT
insent
positivepromotions.widget.insent.ai/
80 KB
23 KB
Script
General
Full URL
https://positivepromotions.widget.insent.ai/insent
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:e600:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0e96c0f51eb10934d2022f7d30dbeaf05f748f85d32dfe71711f2dbb21621d8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Do3I7W1ZAWXrXjTz8nc5rLMLlRnTeriu
content-encoding
gzip
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
date
Tue, 11 Jun 2024 22:17:03 GMT
last-modified
Wed, 18 Oct 2023 08:56:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
80200
etag
"6c640d0008fb2a23a0ff942202f8657c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
content-length
23142
x-amz-cf-id
Kk1Q416eOyam9T0MKEhuoIl5_XY3tDGcIskp6jMVPO3x7G46EQze0A==
/
ws.zoominfo.com/pixel/62b4b8c5da697e0090e2ef53/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/pixel/62b4b8c5da697e0090e2ef53/?iszitag=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type,visited-url
Access-Control-Request-Method
GET
Origin
https://www.positivepromotions.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin
https://www.positivepromotions.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
892c9e0e0ef2b760-AMS
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 12 Jun 2024 20:33:42 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
/
ws.zoominfo.com/pixel/62b4b8c5da697e0090e2ef53/
4 KB
2 KB
Fetch
General
Full URL
https://ws.zoominfo.com/pixel/62b4b8c5da697e0090e2ef53/?iszitag=true
Requested by
Host: cdn.logr-ingest.com
URL: https://cdn.logr-ingest.com/LogRocket.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d860cce2d136ac75afc7a6d9c334d8d8ae300daf1d311a775d9f5d356e2df661
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/javascript
visited-url
https://www.positivepromotions.com/catalogs/a/374/
Referer
https://www.positivepromotions.com/catalogs/a/374/
_vtok
ODAuMjU1LjcuMTE2
_zitok
f7bdfca11c13658909fd1718224421
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://www.positivepromotions.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc
h3=":443"; ma=86400
cf-ray
892c9e0f6cb1b722-AMS
O6Rldpzx7NPG
at1.listrakbi.com/activity/
111 B
645 B
Script
General
Full URL
https://at1.listrakbi.com/activity/O6Rldpzx7NPG
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=O6Rldpzx7NPG&v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
14363acc49560102682f3120f99922b4ce62e329e236fa14380a8df7fd89dcf6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/javascript; charset=utf-8
cache-control
private
cf-ray
892c9e0dde5cbbc4-WAW
PP_MAIN_ECO.webp
www.positivepromotions.com/images/art/
36 KB
37 KB
Image
General
Full URL
https://www.positivepromotions.com/images/art/PP_MAIN_ECO.webp?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7025d9b62ab07e77360670d5a43ee9f04354ef83410f5c92353ac87e3d7d23d0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Thu, 04 Apr 2024 19:59:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
3
etag
"b230f5a13b9951344ce30effa7ec8a97"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
content-length
37226
x-amz-cf-id
Hk7GGvsTmFRZJoaTwtdQ359HZBjICju2zTu1mQuqdxu_y3srnwxM4Q==
Nav-marketplace-HealthcarePride.webp
www.positivepromotions.com/images/art/
31 KB
31 KB
Image
General
Full URL
https://www.positivepromotions.com/images/art/Nav-marketplace-HealthcarePride.webp?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
930c0eb69d9ce15aafa08c89c68319061b9cd5f1292c3c486cd90aa371c82245

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jul 2023 13:40:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
3
etag
"cbf3d2c0b09754ab541c48a1a432edd7"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
content-length
31684
x-amz-cf-id
oFSp8p2KEsyW4AxfLacRfdM1jM_9Sfuqq9gTyIJ63AhDt_chcNZRAg==
Nav-marketplace-APPAREL.gif
www.positivepromotions.com/images/art/
348 KB
349 KB
Image
General
Full URL
https://www.positivepromotions.com/images/art/Nav-marketplace-APPAREL.gif?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eca065b7e5d123ac97e52dc4cf8e2eb23372be737aed857967aef27f6cabc943

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/catalogs/a/374/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:40 GMT
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
last-modified
Thu, 20 May 2021 21:33:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
3
etag
"0b096824da04c3d5db79e5966f922b46"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31536000
content-length
356265
x-amz-cf-id
PCDDDAe-cT7y6-3xqM_tdxpGprBwH6y9DqDO2O3yYn_GjchHGQKRqg==
O6Rldpzx7NPG
at1.listrakbi.com/activity/
111 B
492 B
Script
General
Full URL
https://at1.listrakbi.com/activity/O6Rldpzx7NPG?vuid=7e21131c-4074-471b-9e5f-d2f47d6a19a9&uid=EE245688-AB46-4734-BB72-B0420AC0BDB5&gsid=5264069f-3471-4794-bb25-fae2409ac65d&sid=5711ddf8-79c3-4ec7-ad34-178a268336c3&_t_0=at&t_0=PageBrowse&k_0=https%3A%2F%2Fwww.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=O6Rldpzx7NPG&v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
14363acc49560102682f3120f99922b4ce62e329e236fa14380a8df7fd89dcf6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/javascript; charset=utf-8
cache-control
private
cf-ray
892c9e0f0832bbc4-WAW
O6Rldpzx7NPG
at1.listrakbi.com/activity/
111 B
492 B
Script
General
Full URL
https://at1.listrakbi.com/activity/O6Rldpzx7NPG?vuid=7e21131c-4074-471b-9e5f-d2f47d6a19a9&uid=6292FFA0-BCFD-4F8F-A93F-E0068B26C53E&gsid=5264069f-3471-4794-bb25-fae2409ac65d&sid=5711ddf8-79c3-4ec7-ad34-178a268336c3&_t_0=at&t_0=Identification&k_0=3&_t_1=at&t_1=Identification&k_1=4&_t_2=at&t_2=Identification&k_2=5
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=O6Rldpzx7NPG&v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
14363acc49560102682f3120f99922b4ce62e329e236fa14380a8df7fd89dcf6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/javascript; charset=utf-8
cache-control
private
cf-ray
892c9e0f0835bbc4-WAW
forms
ws.zoominfo.com/formcomplete-v2/
4 KB
1 KB
Fetch
General
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Requested by
Host: cdn.logr-ingest.com
URL: https://cdn.logr-ingest.com/LogRocket.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
64ab16dad001c1fcd5fd5a13e3fa3c303f8b10f5319de09ceed526297259ffef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
bearer 354df8ee764db132947276f86d36a3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.positivepromotions.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"11de-1TAlriBns9PdUPgwoAsTBUMQ3vk"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.positivepromotions.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray
892c9e106d67b722-AMS
forms
ws.zoominfo.com/formcomplete-v2/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.positivepromotions.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.positivepromotions.com
allow
POST
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
892c9e0f384fb760-AMS
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 12 Jun 2024 20:33:42 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
g.jsonp
aa.agkn.com/adscores/
82 B
542 B
Script
General
Full URL
https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=98BD64-74835280-F85D-4D91-851E-396FD2DB6098
Requested by
Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D25436AC25A958.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.112.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-112-86.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
9e446e75dc20b6dc693b247aaf7704112e55ef434588368aa0761fc76b3a29a5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 20:33:42 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
82
expires
0
63537
i.liadm.com/s/
0
180 B
Image
General
Full URL
https://i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-74835280-F85D-4D91-851E-396FD2DB6098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.134.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-134-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 20:33:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0
63537
i.liadm.com/s/
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9202283468&_userID=98BD64-74835280-F85D-4D91-851E-396FD2DB6098&_takID=5436AC25A958
  • https://api.dtstmio.com/v1/visitaction/nspx?segment=000&userID=98BD64-74835280-F85D-4D91-851E-396FD2DB6098&takID=5436AC25A958&seg1=
  • https://api.datasteam.io/v1/visitaction/nspx?segment=000&userID=98BD64-74835280-F85D-4D91-851E-396FD2DB6098&takID=5436AC25A958&seg1=
  • https://i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-74835280-F85D-4D91-851E-396FD2DB6098
0
180 B
Image
General
Full URL
https://i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-74835280-F85D-4D91-851E-396FD2DB6098
Protocol
HTTP/1.1
Server
34.199.134.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-134-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.positivepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 12 Jun 2024 20:33:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0

Redirect headers

Location
https://i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-74835280-F85D-4D91-851E-396FD2DB6098
Date
Wed, 12 Jun 2024 20:33:42 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
open_sans.css
staticw2.yotpo.com/assets/
281 B
585 B
Stylesheet
General
Full URL
https://staticw2.yotpo.com/assets/open_sans.css
Requested by
Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.css?widget_version=2024-05-19_11-48-07
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:3b7::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
adad0f387bdee702d1120265df725c20b92e9d1eaaca34557fd6208babd0cc1b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.css?widget_version=2024-05-19_11-48-07
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:42 GMT
content-encoding
gzip
last-modified
Sun, 19 May 2024 13:21:58 GMT
etag
"6649fcf6-d8"
env
PRODUCTION
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/css
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=604800
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718224422362_34901812_84265402_28_7725_38_0_255";dur=1
content-length
216
expires
Wed, 19 Jun 2024 20:33:42 GMT
5436AC25A958
api.datasteam.io/v1/C/RawData/
208 B
795 B
Script
General
Full URL
https://api.datasteam.io/v1/C/RawData/5436AC25A958?v=74835280-f85d-4d91-851e-396fd2db6098&se=050727e3-86b6-43c8-9786-c70bf7ada54f&d=eyJ2IjoiNzQ4MzUyODAtZjg1ZC00ZDkxLTg1MWUtMzk2ZmQyZGI2MDk4IiwibSI6IjE2YjVmOTA0LTNlNjMtNDY5OC1hYjBkLWFjYzNmNmYwOTBiZSIsImNzaSI6IiIsInNlIjoiMDUwNzI3ZTMtODZiNi00M2M4LTk3ODYtYzcwYmY3YWRhNTRmIiwicCI6ImI4MDQzODJlLThjNzEtNDhiMC04YzkwLWQ4NmJkN2MzYzNiZCIsInUiOiJodHRwczovL3d3dy5wb3NpdGl2ZXByb21vdGlvbnMuY29tL2NhdGFsb2dzL2EvMzc0LyIsInBuIjoiL2NhdGFsb2dzL2EvMzc0LyIsInIiOiIiLCJ0IjoiUGFnZSBOb3QgRm91bmQiLCJjIjoiaHR0cHM6Ly93d3cucG9zaXRpdmVwcm9tb3Rpb25zLmNvbS9jYXRhbG9ncy9hLzM3NC8iLCJwciI6Ijk4QkQ2NCIsImVpZCI6Im5zX3NlZ18wMDAiLCJzIjoyLCJ2cyI6MSwiaGMiOjAsImwiOiJBY3Rpb24iLCJ2MDEiOiJFaWQiLCJ2MDIiOiJuc19zZWdfMDAwIn0%3D&callback=cbe34703719814f
Requested by
Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D25436AC25A958.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.79.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-79-159.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
33a36be6c7b69759617ed428dfa94950a98ff46a37e119b6ee1285a1879d5e19

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 20:33:41 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
208
/
idxch.rtactivate.com/tagid/50200/
43 B
132 B
Image
General
Full URL
https://idxch.rtactivate.com/tagid/50200/?d=98BD64-74835280-F85D-4D91-851E-396FD2DB6098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.220.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-220-37.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 12 Jun 2024 20:33:42 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
17de7c5b-86c0-45f1-bbfb-fe2a07dda01f
https://www.positivepromotions.com/
4 KB
0
Script
General
Full URL
blob:https://www.positivepromotions.com/17de7c5b-86c0-45f1-bbfb-fe2a07dda01f
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d860cce2d136ac75afc7a6d9c334d8d8ae300daf1d311a775d9f5d356e2df661

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
3712
Content-Type
text/javascript
5436AC25A958
api.datasteam.io/v1/C/RawData/
208 B
795 B
Script
General
Full URL
https://api.datasteam.io/v1/C/RawData/5436AC25A958?v=74835280-f85d-4d91-851e-396fd2db6098&se=050727e3-86b6-43c8-9786-c70bf7ada54f&d=eyJ2IjoiNzQ4MzUyODAtZjg1ZC00ZDkxLTg1MWUtMzk2ZmQyZGI2MDk4IiwibSI6ImZjMjJiZWU0LTZjZWEtNGNiMy1hMjQ3LTdlZmJmNDliZWRmOSIsImNzaSI6IiIsInNlIjoiMDUwNzI3ZTMtODZiNi00M2M4LTk3ODYtYzcwYmY3YWRhNTRmIiwicCI6ImI4MDQzODJlLThjNzEtNDhiMC04YzkwLWQ4NmJkN2MzYzNiZCIsInUiOiJodHRwczovL3d3dy5wb3NpdGl2ZXByb21vdGlvbnMuY29tL2NhdGFsb2dzL2EvMzc0LyIsInBuIjoiL2NhdGFsb2dzL2EvMzc0LyIsInIiOiIiLCJ0IjoiUGFnZSBOb3QgRm91bmQiLCJjIjoiaHR0cHM6Ly93d3cucG9zaXRpdmVwcm9tb3Rpb25zLmNvbS9jYXRhbG9ncy9hLzM3NC8iLCJwciI6Ijk4QkQ2NCIsImVpZCI6Im5zX3NlZ18wMDAiLCJzIjozLCJ2cyI6MSwiaGMiOjAsImwiOiJBY3Rpb24iLCJ2MDEiOiJFczEifQ%3D%3D&callback=cb3256d8b458e8b
Requested by
Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D25436AC25A958.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.79.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-79-159.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
8abebd7676451e8df4dc6aaca9a69cc164b60552a3af0e5b4177eb5e0d6f9650

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 20:33:41 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
208
/
px.ads.linkedin.com/wa/
0
202 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: cdn.logr-ingest.com
URL: https://cdn.logr-ingest.com/LogRocket.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://www.positivepromotions.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:42 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3765EB3861F14B45801C694898451D4E Ref B: DUS30EDGE0711 Ref C: 2024-06-12T20:33:42Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
access-control-allow-origin
https://www.positivepromotions.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYat0xcUbMw7FR6VbRuxg==
/
positivepromotions.widget.insent.ai/ Frame AE4A
0
0
Document
General
Full URL
https://positivepromotions.widget.insent.ai/?project_key=jYGBPZwgYeB3Qnzv6J3P&blog_url=www.positivepromotions.com%2Fcatalogs%2Fa%2F374%2F&event_listener=CoQLdbL6Bx7b5cz&marketo_cookies=[]&hubspot_cookies=[]&pardot_cookies=[]&eloqua_cookies=[]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined&user_id=f7bdfca11c13658909fd1718224421&_zitok=f7bdfca11c13658909fd1718224421
Requested by
Host: positivepromotions.widget.insent.ai
URL: https://positivepromotions.widget.insent.ai/insent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:e600:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.positivepromotions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
17368203
cache-control
max-age=31536000
content-encoding
gzip
content-type
text/html
date
Fri, 24 Nov 2023 20:03:40 GMT
etag
W/"cea936b357d0fefbe67f396ac27ecc71"
last-modified
Wed, 18 Oct 2023 08:56:50 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-cf-id
i0ZFN8zu7yrpoi8OaDUEeiaAX1mhF-cmr5pz0_s5QuQFxt8UFwkk5w==
x-amz-cf-pop
FRA60-P4
x-amz-version-id
wf2lJ.cKt7e1wlMSlpAOAV_K1ZPwVE5q
x-cache
Error from cloudfront
GothamBook.woff2
mediacdn.espssl.com/10297/Shared/OnsiteSolutions/Fonts/
19 KB
19 KB
Font
General
Full URL
https://mediacdn.espssl.com/10297/Shared/OnsiteSolutions/Fonts/GothamBook.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07fbc48aae3355371dfd2c2d82a5245e8fafbc6e9c3d6154d9b35a7bf8f92c18
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Origin
https://www.positivepromotions.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:43 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
age
45425
content-length
19840
last-modified
Fri, 26 Jan 2024 15:35:07 GMT
server
cloudflare
etag
"fa2763d6d50da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=86400, no-transform, s-maxage=86400
accept-ranges
bytes
cf-ray
892c9e188f252685-TXL
GothamBold.woff2
mediacdn.espssl.com/10297/Shared/OnsiteSolutions/Fonts/
19 KB
19 KB
Font
General
Full URL
https://mediacdn.espssl.com/10297/Shared/OnsiteSolutions/Fonts/GothamBold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b2f25b57d75a0350ee4b53bed9216dfad6edfa2215340c2ab11a82ccf578c27
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Origin
https://www.positivepromotions.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:43 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
age
175091
content-length
19244
last-modified
Fri, 26 Jan 2024 15:35:05 GMT
server
cloudflare
etag
"333b383c6d50da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=86400, no-transform, s-maxage=86400
accept-ranges
bytes
cf-ray
892c9e188f212685-TXL
GothamBlack.woff2
mediacdn.espssl.com/10297/Shared/OnsiteSolutions/Fonts/
19 KB
19 KB
Font
General
Full URL
https://mediacdn.espssl.com/10297/Shared/OnsiteSolutions/Fonts/GothamBlack.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec6b35b35943767bf40b247ef23d3e5df10e093739bda12fd944ee3da9fa33e7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Origin
https://www.positivepromotions.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:43 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
age
175091
content-length
19384
last-modified
Fri, 26 Jan 2024 15:35:03 GMT
server
cloudflare
etag
"a78d1d3b6d50da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=86400, no-transform, s-maxage=86400
accept-ranges
bytes
cf-ray
892c9e188f242685-TXL
ModalImpression.ashx
m1.listrakbi.com/
103 B
543 B
Script
General
Full URL
https://m1.listrakbi.com/ModalImpression.ashx?callback=ltkCallback1872&t=impression&ctid=O6Rldpzx7NPG&globalSessionUID=5264069f-3471-4794-bb25-fae2409ac65d&mid=c5fd87f2-e877-4813-93e0-817b58d7a63f
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=O6Rldpzx7NPG&v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
de7b1e5b2748789dd84c7631c7792a17f7756d2f86fdd4f035e5adb706edce9b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
cache-control
private
cf-ray
892c9e181d9cbbc4-WAW
logo.png
mediacdn.espssl.com/10297/Shared/OnsiteSolutions/Core/
46 KB
46 KB
Image
General
Full URL
https://mediacdn.espssl.com/10297/Shared/OnsiteSolutions/Core/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9212c277c8cbdc9d29f0964a949bd00b9eaefd963fd309f303fae5f09738912
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:43 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
age
51243
content-length
46793
last-modified
Fri, 26 Jan 2024 15:20:50 GMT
server
cloudflare
etag
"7ebcb3e6b50da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400, no-transform, s-maxage=86400
accept-ranges
bytes
cf-ray
892c9e18bd19bf36-WAW
splitImg.jpg
mediacdn.espssl.com/10297/Shared/OnsiteSolutions/Core/
65 KB
65 KB
Image
General
Full URL
https://mediacdn.espssl.com/10297/Shared/OnsiteSolutions/Core/splitImg.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.42 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
616b8cbdd371d09b216f12406839f2ee82a795cdda5d68cd9197f3957668ed93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:43 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
age
51243
content-length
66215
last-modified
Fri, 26 Jan 2024 15:20:50 GMT
server
cloudflare
etag
"236143f6b50da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400, no-transform, s-maxage=86400
accept-ranges
bytes
cf-ray
892c9e18cd1bbf36-WAW
i
r.logr-ingest.com/ Frame
0
0
Preflight
General
Full URL
https://r.logr-ingest.com/i?a=vy9chc%2Fpositive-promotions&r=5-8d0e52ab-105a-4bf7-b814-fb5341312ab1&t=d19da002-2d4d-4aed-81ec-ee34ea6a7cd5&s=0&rs=0%2Cu&u=4587eacc-ce43-4884-ae74-b210976fb573&is=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.23.198.104.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-logrocket-relay-version
Access-Control-Request-Method
POST
Origin
https://www.positivepromotions.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
content-length
0
date
Wed, 12 Jun 2024 20:33:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
i
r.logr-ingest.com/
7 KB
8 KB
XHR
General
Full URL
https://r.logr-ingest.com/i?a=vy9chc%2Fpositive-promotions&r=5-8d0e52ab-105a-4bf7-b814-fb5341312ab1&t=d19da002-2d4d-4aed-81ec-ee34ea6a7cd5&s=0&rs=0%2Cu&u=4587eacc-ce43-4884-ae74-b210976fb573&is=1
Requested by
Host: cdn.logr-ingest.com
URL: https://cdn.logr-ingest.com/logger-1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.23.198.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
2449c41923ee514638d3c3199a0b535b701f77d5fbfa0ea736c3739fcdd2a103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
X-LogRocket-Relay-Version
2023.12.0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"1ce4-54c5na44FOy2BofesacLG5Z44L0"
x-powered-by
Express
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length
7396
loader.js
positive-promotions.chat.digital.ringcentral.com/chat/23a82b0389f4bbf3ab34cdb5/
43 KB
7 KB
Script
General
Full URL
https://positive-promotions.chat.digital.ringcentral.com/chat/23a82b0389f4bbf3ab34cdb5/loader.js
Requested by
Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/Javascript/LibraryGlobalDeferredJS.bundle.js?v=208
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.219.41 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
32626b980c117a9c1f2a4f44ccc7d65fd4e69f6aeb67be38ea1adee37f19b0b3
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:46 GMT
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-xss-protection
0
x-request-id
523e9a00588c047ea09905ffdbfefbd7
x-rp-cache
HIT
referrer-policy
strict-origin-when-cross-origin
etag
W/"32626b980c117a9c1f2a4f44ccc7d65f"
x-download-options
noopen
vary
Accept-Encoding
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1728000
cache-control
max-age=60, public
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-headers
Accept, Accept-Encoding, Content-Description, Content-Disposition, Content-Range, Content-Type, Origin, X-Requested-With
expires
Wed, 12 Jun 2024 20:34:03 GMT
s
r.logr-ingest.com/
0
411 B
XHR
General
Full URL
https://r.logr-ingest.com/s
Requested by
Host: cdn.logr-ingest.com
URL: https://cdn.logr-ingest.com/logger-1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.23.198.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Jun 2024 20:33:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length
0
messaging-2b555aaa18b43bc0692632a7d15460bb219e0f5dc35706b803925b5bb12e6aa5.js
positive-promotions.chat.digital.ringcentral.com/assets/
199 KB
0
Script
General
Full URL
https://positive-promotions.chat.digital.ringcentral.com/assets/messaging-2b555aaa18b43bc0692632a7d15460bb219e0f5dc35706b803925b5bb12e6aa5.js
Requested by
Host: positive-promotions.chat.digital.ringcentral.com
URL: https://positive-promotions.chat.digital.ringcentral.com/chat/23a82b0389f4bbf3ab34cdb5/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.219.41 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.positivepromotions.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 20:33:46 GMT
content-encoding
gzip
last-modified
Wed, 12 Jun 2024 09:46:25 GMT
etag
W/"66696e71-e16ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

443 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage object| dataLayer function| gtag object| dotq boolean| isLocalUser object| __dcid function| setDefaultInputText function| SetDropdown object| default_opts object| modal_opts function| $ function| jQuery object| lazySizes object| jQBrowser function| Spinner function| getBaseUrl string| baseUrlJS object| google_tag_params object| google_conversion_id object| google_conversion_label object| google_custom_params object| google_remarketing_only string| ire_o function| ire object| YAHOO object| __Cascade object| google_tag_manager object| google_tag_data object| zi string| ZIProjectKey function| onYouTubeIframeAPIReady object| gaGlobal object| irEvent function| _lrMutationObserver function| _lr_surl_cb object| __SDKCONFIG__ object| LogRocket function| _lrXMLHttpRequest object| __sf_config boolean| initialFormLoad function| onRecaptchaLoad function| handleReCaptchaError number| start function| doc_ready function| getECommerceObjForElement__ProductPage function| roundValue function| getECommerceObjForElement__CategoryPage function| setCookie function| getCookie function| sendEventToGA4 function| getURLParameter function| removeURLParameter object| Sizer object| ImageHoverZoom object| PositivePromotions function| IntegrateWidget function| IsShippingStateAndCountryValid function| IsBillingStateAndCountryValid function| UnsetShippingMethod function| ShowCustomizationInfo function| HideCustomizationInfo function| toPointSize function| optimizeFont function| StringIsNullOrEmpty function| IsNumeric function| assemblePhoneNumber function| TrimZipCode function| nationalDays function| noWeekendsOrHolidays function| validateEventDate function| stripAlphaChars function| parseDate function| GetMinimumQuantity function| GetQuantityIncrement function| IsProductImprintable function| NoImprintConfirmResult function| IsImprintedSelected function| isStockLogo function| resolveAddToCart function| validateQuickOrder function| onclickPurchaseOrder function| copyValue function| ToggleMinimumOrderReqMsg number| giftCertificateCount function| rnd function| openPopUp function| openSizedPopUp function| EmailLink function| GCView function| GetVisitorID function| RequestRecommendedProducts function| SetDateToMidnight function| BusinessDaysBetweenDates function| ValidateShippingForInHandsDate function| InHandsDateValidation function| GetMMDDYYYYFromDate function| convertToServerTimeZone function| ConvertToServerDateMidnight function| IsCartAllOS function| GetMinimumInHandsDate function| AddToSampleBag function| CalculateAndPreviewPrice function| showErrorDialog function| showSuccessDialog function| changePicture function| areImagesEqual function| getCDNImageName function| getCDNImageSize function| IsImageLP function| GetLargestSizeImageFromImageElement function| GetLargestSizeImageFromDataSet function| DoesImageExist function| UpdateLiquidPixelHiddenSource function| InitMiniCart function| swapAltImage function| showAltImgForLPProduct function| showMainImgForLPProduct function| IsProductPage function| RePositionSizeChartButton function| validateEmail function| isProductionSite function| getAllColorOptions function| isRgbBlackOrWhite function| isStringHexColor function| getColorOptions function| rgb2hsv function| luminance function| componentToHex function| rgbToHex function| hexToRgb function| chooseProductOptions function| RGBtoXYZ function| XYZtoLAB function| RGBtoLAB function| LABtoXYZ function| XYZtoRGB function| LABtoRGB function| color function| colorDistance function| SanitizeColor function| removeOOSCodeFromAllColorSwatches function| ddlOptionsToString function| getSpecDdl function| getImprintLocationDdl function| imprintLocationDdlToString function| injectImprintLocationSpec function| injectProductSizeSpec function| getSpecBody function| splitSpecByParts function| splitSpecForHtml function| formatSpec function| formatSpecsWithParts function| injectSpec function| removeSpec function| addMissingQuoteInSpec function| sanitizeSpecs function| addMissingItemsPerPackSpec function| autoselectSingleOptionsForProduct function| moveImprintOptionsToTheTop function| isOnlyDecorationMethodIsEmbroidery function| setToggle boolean| isProductPage function| closeFloatingCart function| closeCategoryPopover function| SetFormType function| colorAllSwatches function| getAllColorSwatches function| colorImageSwatch function| getColorSwatchColorString function| getColorArrayFromColorString function| doesSwatchNeedColoring function| isColorHex function| removeOOSCodeFromColor function| removeOOSCodeFromColorSwatch function| ViewProductColor function| ResetProductColor function| choosemeProductColor number| viewportWidthForMobile number| viewportWidthForConfigurator function| getAjaxPage function| stripAjaxResponse function| getItemCount function| invertTable function| getParameterValue function| removeVisitorProductListItem function| removeAllVisitorProductListItems function| updateFavoritesHeader function| removeVisitorProductListItemByProductNumber function| removeVisitorProductListItemByCategoryNumber function| addVisitorProductListItem function| addVisitorProductListItembyCategory function| updateVisitorProductListPrivacy function| displayViewPortSize function| isMobile function| isConfiguratorable function| initializeDesktopMenu function| initializeMobileMenu function| closeNav function| moveNavigation function| refreshFloatingCart function| getAjaxResult function| sendGASearchRedirectEvent string| url_string object| url object| params undefined| date function| logClientError function| getEventFromDataLayer function| getArrayObjectByKeyValuePair object| bootstrap object| magicJS function| $mjs string| $J_TYPE number| $J_UUID function| jGetSize function| jGetScroll function| jGetFullSize function| jFetch function| jStore function| jDel function| byClass function| byTag function| jAddEvent function| jRemoveEvent function| jCallEvent function| jRaiseEvent function| jClearEvents function| $J_EXT object| MagicZoomPlus object| MagicZoom object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments string| prop number| viewportWidth string| GoogleAnalyticsObject function| ga function| UET function| UET_init function| UET_push object| ueto_5544d5b93c object| uetq boolean| google_noFurtherRedirects object| gaplugins object| gaData object| recaptcha object| regeneratorRuntime function| _LRLogger boolean| _lr_loaded function| deferFunc string| currentUrl object| match undefined| extractedString undefined| gaObject function| sendGaToEndpoint function| hookGA function| fbq function| _fbq object| _fbq_gtm_ids string| _linkedin_data_partner_id object| shareasaleSSCID function| shareasaleSetCookie function| shareasaleGetParameterByName function| shareasaleGetCookie string| UnbxdSiteName number| __lo_site_id object| zitag function| errorHandler boolean| __lo_csr_added object| Unbxd function| _MGX_LU function| _MGX_LG object| MGX object| __MGX__ object| MGX_API object| MGX_DATA function| ttd_dom_ready object| ttd_up_api function| TTDUniversalPixelApi object| ttdPixel object| unbxdconfiglist function| lintrk boolean| _already_called_lintrk function| _Utilities function| AsyncManager function| AsyncCall function| Identity function| LTK function| _Order function| _TRKT function| _Product function| _Customer function| _Client function| _Assembler function| _LTKClick function| _LTKSubscriber function| _Profile function| _ProfileItem function| _LTKSignup function| isWatermark function| SessionTracker function| SCAItem function| getCookieDomain function| _Session function| MerchandiseBlock object| OnescriptAuthClassRegistry function| initializeOnescriptAuthIntegration function| CustomEventsClassRegistry function| initializeCustomEventsIntegration function| CustomEventsApi function| CustomEventsHttpClient function| tapToJoinHandler string| _protocol object| _ltk_util string| _ltkwmt object| _ltk object| customEventsClassRegistry object| customEvent object| jQueryLoadCall number| _jQueryLoadInterval object| ltkLoadCall number| _ltkLoadInterval number| c_start string| ua object| matched object| browser object| lists number| c_end function| indexOf function| get_config function| Get_Cookie function| PrefixChar function| tzs function| hem function| frt function| EndlessScroll function| Room number| EDGE_RANGE_WIDTH function| getUserMedia object| yotpo function| Yotpo object| JSON2 object| jstz function| EXIF boolean| __MGX_E__ undefined| cb6c0c87b0c45cb object| _zi_fc string| insentCompanyDomain string| insentProjectName string| insentProjectKey object| insent boolean| isSessionActive boolean| isInsentUserWindowActive boolean| insentPauseUrlCheckInterval number| checkCookiesIntervalId string| insentPageUrl number| insentUrlChangeIntervalId object| _zi function| neustarResponse undefined| cbe34703719814f object| ziws undefined| cb3256d8b458e8b object| ORIBILI string| eventListenerName undefined| emailVal undefined| phoneVal object| emailField object| phoneField object| submitBtn object| b string| pf function| is string| title object| focused object| closeBtns function| checkInputValidity function| trapTabKey function| moveTab object| focusBox string| focusableElemStr object| focusableElem object| focusableElems object| firstTabStop object| lastTabStop function| addFloat function| removeFloat number| onescriptFocus function| wrapperFocus object| datepickerField undefined| jQueryUIcss string| insentUserId string| insentPageSessionId

61 Cookies

Domain/Path Name / Value
.at1.listrakbi.com/activity/O6Rldpzx7NPG Name: _vuid
Value: 7e21131c-4074-471b-9e5f-d2f47d6a19a9
www.positivepromotions.com/catalogs/a/374 Name: _vuid
Value: 7e21131c-4074-471b-9e5f-d2f47d6a19a9
.listrakbi.com/O6Rldpzx7NPG Name: gsid
Value: irxJo6Vctv42R8xPpFcn3QxsHDzmPfQveagRUYC4Xvc3tKH167n8Zv5mhc%2f8F2tZMB%2fO9A6iAVU%3d
.listrakbi.com/O6Rldpzx7NPG Name: scasid
Value: 5711ddf8-79c3-4ec7-ad34-178a268336c3
www.positivepromotions.com/ Name: ASP.NET_SessionId
Value: fn5k2rjzd1qcjj4drlxnctwj
www.positivepromotions.com/ Name: dmi
Value: 638538068194829026
www.positivepromotions.com/ Name: visitor_guid
Value: 64382cb0-fe47-432a-9010-5f22dbd6809a
www.positivepromotions.com/ Name: AWSALB
Value: UB2HyqXWHF8DmR+ZwHLqDXOfXvjDx/GV6vcslQf2+YOw/LEpod46iueSh+yomEEto2Yi/DBjE2iUsOQBYv8K60SKxqqiJFpuetU+/Armx4yROCmktLPptUjfREeg
www.positivepromotions.com/ Name: AWSALBCORS
Value: UB2HyqXWHF8DmR+ZwHLqDXOfXvjDx/GV6vcslQf2+YOw/LEpod46iueSh+yomEEto2Yi/DBjE2iUsOQBYv8K60SKxqqiJFpuetU+/Armx4yROCmktLPptUjfREeg
.positivepromotions.com/ Name: _gcl_au
Value: 1.1.449679433.1718224421
.positivepromotions.com/ Name: _ga_8BCJWV5VCL
Value: GS1.1.1718224420.1.0.1718224420.60.0.0
.positivepromotions.com/ Name: IR_gbd
Value: positivepromotions.com
.positivepromotions.com/ Name: IR_10889
Value: 1718224420731%7C0%7C1718224420731%7C%7C
.positivepromotions.com/ Name: _uetsid
Value: 0e06597028fb11efb40e8bcf6054cda6
.positivepromotions.com/ Name: _uetvid
Value: 0e06534028fb11ef8121c71e87811d87
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.positivepromotions.com/ Name: _ga
Value: GA1.2.1408326061.1718224421
.positivepromotions.com/ Name: _gid
Value: GA1.2.1550574277.1718224421
.positivepromotions.com/ Name: _gat_gtag_UA_1042451_1
Value: 1
.bing.com/ Name: MUID
Value: 3F507AC42BCF6AFE01726E582A446B32
www.positivepromotions.com/ Name: _lr_tabs_-vy9chc%2Fpositive-promotions
Value: {%22sessionID%22:0%2C%22recordingID%22:%225-8d0e52ab-105a-4bf7-b814-fb5341312ab1%22%2C%22webViewID%22:null%2C%22lastActivity%22:1718224421056}
www.positivepromotions.com/ Name: _lr_hb_-vy9chc%2Fpositive-promotions
Value: {%22heartbeat%22:1718224421056}
www.positivepromotions.com/ Name: _lr_uf_-vy9chc
Value: e76ea453-8723-4265-91d6-e40b5ef08dba
www.positivepromotions.com/ Name: modal_shown
Value: yes
.positivepromotions.com/ Name: unbxd.userId
Value: uid-1718224421328-60008
.positivepromotions.com/ Name: unbxd.visit
Value: first_time
.positivepromotions.com/ Name: unbxd.visitId
Value: visitId-1718224421332-15795
.positivepromotions.com/ Name: ltkSubscriber-Newsletter
Value: eyJsdGtDaGFubmVsIjoiZW1haWwiLCJsdGtUcmlnZ2VyIjoibG9hZCJ9
.positivepromotions.com/ Name: _fbp
Value: fb.1.1718224421603.318462573821038371
.positivepromotions.com/ Name: ltkpopup-session-depth
Value: 1-2
www.positivepromotions.com/ Name: yotpo_pixel
Value: 760c9feb-ef94-41c7-a00e-00e9512ffdf2
www.positivepromotions.com/ Name: _sp_id.ef96
Value: 9af0b2cc2291dceb.1718224422.1.1718224422.1718224422
www.positivepromotions.com/ Name: _sp_ses.ef96
Value: *
.yotpo.com/ Name: pixel
Value: 3333d4f3-2010-4b18-75bd-84df0fc49896
.linkedin.com/ Name: li_sugr
Value: a13e440e-917a-451c-ac27-1c793c57a161
.linkedin.com/ Name: bcookie
Value: "v=2&65a057d0-9228-4a16-82d8-87c6d30349ec"
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2939:u=1:x=1:i=1718224421:t=1718310821:v=2:sig=AQHM9uB7w0ZJdinktUNu4FRdlzdQYTXx"
s1.listrakbi.com/ Name: AWSALBCORS
Value: 9Kux/MaQasG9oJZ5rTIPX3kd1I4wFs/N77T/Vd4ZVrqJZjfR+F48oNl2jz0NtaLgJZJXowOmIkNDoDvSw5CFrYu4X+JkCN/86/L46Imnl1Rf8dLJw1r67tHpx60V
.listrakbi.com/ Name: usid
Value: 8f0d1206a7b744e29d9a8c0927f6d641
.positivepromotions.com/ Name: GSIDO6Rldpzx7NPG
Value: 5264069f-3471-4794-bb25-fae2409ac65d
.positivepromotions.com/ Name: STSID127386
Value: 5711ddf8-79c3-4ec7-ad34-178a268336c3
.linkedin.com/ Name: UserMatchHistory
Value: AQKB9zpvdGtiLwAAAZAOKAPbVfmiFZYwO1OEsBO2RzBu65F7RIQ2rp8nPfR66xFUB-5lMbe7JTTGEg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJ-D4_-3worVwAAAZAOKAPbGit7aEHzvMH-llVkjpYNdV_qVy93CLaWvt67Vtt_uGHUOJKYnY-sYW40GEdEMg
.www.positivepromotions.com/ Name: _zitok
Value: f7bdfca11c13658909fd1718224421
emails.positivepromotions.com/ Name: ASP.NET_SessionId
Value: 11m11olcbmynorzuymnr5fqx
.positivepromotions.com/ Name: bid
Value: b22ba60d-d5f2-4d7c-992b-b1348c95cafb
.zoominfo.com/ Name: __cf_bm
Value: NyoxTlKh6EaHszhgdSPJEp9bXUsgH3liPIC5DjTLD74-1718224422-1.0.1.1-idlehktGDJIxVhp9f9saQuDTECk6ttqeahf85ZgwccR9cJ9DXeRm5VEvhk6oa4OmH88trsKGUuW6J5QHWoQ14A
.zoominfo.com/ Name: _cfuvid
Value: cOod4z3C7wWtQBCCfkd.FQ0XamXHpkJCidgzNgZqhwg-1718224422166-0.0.1.1-604800000
.www.linkedin.com/ Name: bscookie
Value: "v=1&2024061220334221873a4e-2a51-441f-8c4e-1d8cd4fcd2bcAQG5b5wiRSGIrGTUfhFrVOUhmCOUQiTm"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTgyMjQ0MjI7MjswMjFewIphKY53WUZ84ZMaljzoIdcZHFfUX35JIeadj3w/Sw==
.linkedin.com/ Name: __cf_bm
Value: Z2ma_E3_YTWI3qq2ktRjcUYpGqjlKSxbkBp4zAOsils-1718224422-1.0.1.1-UEMZzKnqwF1RozBCuRjG3bThuNcs3tQcA_G5pF_I74XImQsKQ6ttS9r94LbRHCUXohsmlnq4noYx8HIEf8Jl9w
.datasteam.io/ Name: MGX_U
Value: 47c867a0-baa2-4ece-85c5-219264e1ca92
.datasteam.io/ Name: MGX_5436AC25A958
Value: 74835280-f85d-4d91-851e-396fd2db6098
.datasteam.io/ Name: MGX_PX_5436AC25A958
Value: 050727e3-86b6-43c8-9786-c70bf7ada54f
at1.listrakbi.com/ Name: AWSALBCORS
Value: 9YCzDxgrBTihweKh0NvUd0BV30UDNxEQ4/kvLx2G426wSM78xNPLxMHFXdibrn4JQWxPXUtSIwdPm8ZvruGSFJeobWJTcw7xxsrYIdacCSPwoNzWzoq3/rCSRbNV
.agkn.com/ Name: ab
Value: 0001%3AQTl2USOnHdpa1CZbUmOqkFDBufKVxsnn
.positivepromotions.com/ Name: MGX_UC
Value: JTdCJTIyTUdYX1AlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyNzQ4MzUyODAtZjg1ZC00ZDkxLTg1MWUtMzk2ZmQyZGI2MDk4JTIyJTJDJTIyZSUyMiUzQTE3MTg3NTAwMjEzMzklN0QlMkMlMjJNR1hfUFglMjIlM0ElN0IlMjJ2JTIyJTNBJTIyMDUwNzI3ZTMtODZiNi00M2M4LTk3ODYtYzcwYmY3YWRhNTRmJTIyJTJDJTIycyUyMiUzQXRydWUlMkMlMjJlJTIyJTNBMTcxODIyNjIyMjQ5MyU3RCUyQyUyMk1HWF9DSUQlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyMzk2MDZlNDMtNTU1YS00ZGJmLThkZmItOWM5MDVmNjQ0ODZmJTIyJTJDJTIyZSUyMiUzQTE3MTg3NTAwMjEzNDAlN0QlMkMlMjJNR1hfVlMlMjIlM0ElN0IlMjJ2JTIyJTNBMSUyQyUyMnMlMjIlM0F0cnVlJTJDJTIyZSUyMiUzQTE3MTgyMjYyMjI0OTMlN0QlMkMlMjJNR1hfRUlEJTIyJTNBJTdCJTIydiUyMiUzQSUyMm5zX3NlZ18wMDAlMjIlMkMlMjJzJTIyJTNBdHJ1ZSUyQyUyMmUlMjIlM0ExNzE4MjI2MjIyNDkzJTdEJTdE
.api.dtstmio.com/ Name: MGX_EID_5436AC25A958
Value: ns_seg_000
.datasteam.io/ Name: MGX_EID_5436AC25A958
Value: ns_seg_000
.positivepromotions.com/ Name: ltkpopup-suppression-c5fd87f2-e877-4813-93e0-817b58d7a63f
Value: 1
m1.listrakbi.com/ Name: AWSALBCORS
Value: ccQxGp5Bfnx4JDRuIYaUx+ZEKVV674xq+e6vImXFKY+zBLkPzdE1wG5JCyYKYvk06FJ28f81JoBUKXa4HsZGhZkuoEgr/u0KGcZkyhnhDLBoyxuNzNFtMvWw+ui0

2 Console Messages

Source Level URL
Text
network error URL: https://www.positivepromotions.com/catalogs/a/374/
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://www.googleadservices.com/pagead/conversion.js(Line 32)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
api.datasteam.io
api.dtstmio.com
at1.listrakbi.com
bat.bing.com
cdn.datasteam.io
cdn.listrakbi.com
cdn.logr-ingest.com
connect.facebook.net
d.impactradius-event.com
d10lpsik1i8c69.cloudfront.net
d21gpk1vhmjuf5.cloudfront.net
emails.positivepromotions.com
googleads.g.doubleclick.net
i.liadm.com
idxch.rtactivate.com
insight.adsrvr.org
js.adsrvr.org
js.zi-scripts.com
kaliopositive.s3.amazonaws.com
m1.listrakbi.com
mediacdn.espssl.com
p.yotpo.com
positive-promotions.chat.digital.ringcentral.com
positivepromotions.widget.insent.ai
pubhtml5.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.logr-ingest.com
region1.analytics.google.com
s.yimg.com
s1.listrakbi.com
seal.digicert.com
settings.luckyorange.net
snap.licdn.com
sp.analytics.yahoo.com
staticw2.yotpo.com
stats.g.doubleclick.net
tracker.unbxdapi.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.positivepromotions.com
104.16.118.43
104.18.41.49
104.198.23.205
104.26.11.16
13.107.42.14
13.248.219.41
142.250.185.163
142.250.185.98
142.250.186.132
142.250.186.66
143.204.205.137
172.64.144.42
172.64.150.44
18.169.25.8
18.172.103.101
18.195.235.26
18.245.46.103
18.245.60.86
18.66.122.101
18.66.130.11
188.114.96.3
2001:4860:4802:32::36
2001:4860:4802:38::178
2600:9000:225e:e600:f:7ae2:7780:93a1
2606:4700:10::6816:165c
2606:4700:4400::ac40:92d7
2620:1ec:21::14
2620:1ec:c11::237
2a00:1288:80:807::1
2a00:1450:4001:80e::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:400c:c0d::9b
2a02:26f0:3100::1735:283b
2a02:26f0:ab00:3b7::1d72
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.127.112.86
3.33.220.150
34.199.134.70
34.232.220.37
34.252.40.201
35.186.249.72
52.5.117.245
54.209.79.159
54.211.52.65
54.231.233.169
63.33.186.64
052382f646a1690cf560576dbd6471b2d4de2ee4c3856f3c3973df11bf6d2132
07fbc48aae3355371dfd2c2d82a5245e8fafbc6e9c3d6154d9b35a7bf8f92c18
0b49f7dafd0fa6a1b16131fa00f1b627d26266355aab67651b3a147dc410921c
0bd9700c72baf940aa515c2150530bd30c57b3b913b2531e51df73da9fb847f8
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
14363acc49560102682f3120f99922b4ce62e329e236fa14380a8df7fd89dcf6
14f18e77f3fe7e07525ccadeeec8917cfeafb0f4d9fae6561520cefbc3b30872
1e5d069d55f3d63d06a7675f12bd0dfc213ad00d14d29b050de7b188f681d38f
2449c41923ee514638d3c3199a0b535b701f77d5fbfa0ea736c3739fcdd2a103
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4
2b6c58f017bc5137f544620baae1115797521af8bd7182e22565e030b4d3e162
32626b980c117a9c1f2a4f44ccc7d65fd4e69f6aeb67be38ea1adee37f19b0b3
33a36be6c7b69759617ed428dfa94950a98ff46a37e119b6ee1285a1879d5e19
3b2f25b57d75a0350ee4b53bed9216dfad6edfa2215340c2ab11a82ccf578c27
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3dce596d9489c6c7b13d6f913e0246adbe3404380fc910163fca676553e1f508
3f61f49a722f8ebfbb9950545c7498241b5b44db0c629bec72cfec1d28a22e08
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4afdc17bc58be885b0f2f78c23db675795297e798d92f063921a8b41fdb3063f
52db5942e83502f235c57aa7efa365241b89a72a6caa8244661f75b0c3c29133
5ae4248920925110966930bec4d4a4268e6ec0256451c5b1cabf29880a98724f
5be06bb7cddb30d5b42049bfc32fddcfe65b5f309acc48f74ec4a6a6093ec428
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
616b8cbdd371d09b216f12406839f2ee82a795cdda5d68cd9197f3957668ed93
61db5ac1761fa76b052c803671e011e3bfde940c403b3a4b1d71889fd50b0f3b
64ab16dad001c1fcd5fd5a13e3fa3c303f8b10f5319de09ceed526297259ffef
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3
7025d9b62ab07e77360670d5a43ee9f04354ef83410f5c92353ac87e3d7d23d0
7071dcd9f849db222bdf0a53790ebb0850c46c013709af66fa701704426ff874
70f0042bd34237bd111c6a55b375b39f4fb5180066dd2f29815d4d2fed1f8667
741d2f04fdc1f79498c196a34d7fbeadf0d35cc6f895d2f9ced676b677b01af7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7b49a9a5285217c3a31be5ced71654d48a8ae1b7264dedfdade2154d74770ac0
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
84daf90b5571d3dc5731f9c9cce9e8444fce6e0c7c2737425962ce5d52e13bfe
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
866b91ef7f262869c123bc0618664f0c2c6efb3e66be6ae60afcd4033aed3c50
89083c39454b754e97bdbbe97f29b223c0b049fa24d329182429b8a3f8dc644b
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8abebd7676451e8df4dc6aaca9a69cc164b60552a3af0e5b4177eb5e0d6f9650
8c8cb3e3e555ee218e51b16a7c33fa44957f35ec1909701633756306a3fa4fc6
930c0eb69d9ce15aafa08c89c68319061b9cd5f1292c3c486cd90aa371c82245
96eede1e885b6b59876887f33a736929ab1564cb11fcabaa3bd757bf3464fdb4
9e446e75dc20b6dc693b247aaf7704112e55ef434588368aa0761fc76b3a29a5
9fcc039de7ffc8516acb5c5f3f9b40785bbf608c8e0c39889cebc296d69eb91e
a0831ae5f2ff0589cba3ac0c3cf7eef7c1ee41c81a24de9b2c4559f76cbca1d0
a136eff86d817854b0b27804d8bb434c8bf512eba6c0cce6955ba0fa307c72c7
a61d8687f980bf5ef71b178b270a9713c0bb745b73dd56fed208c103d99af846
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad4c4ceedd14c9d85a094c759ea244dde244b60ae5ee77f82c6495a4208858e7
adad0f387bdee702d1120265df725c20b92e9d1eaaca34557fd6208babd0cc1b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9f7ee560d8f612b21f001669e09721a4a0946770a7f20490088205372a9cfc1
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e
bdbd1ac1981f444b84e6e1e229267ac3038afb252d36d91684a46a70c3bf6f72
be7e9488abdbed71df4ea21c8158114fe9e425e3d79dbee06758f20b56c91073
c0e96c0f51eb10934d2022f7d30dbeaf05f748f85d32dfe71711f2dbb21621d8
c3ea3a972768896d2a84d6eb36d3f5919478ad9c091477c22a5362eb6d53aee4
c6d60d6cd9192817f0609aa5b560ea7c8b12c512d2a8425dd68913ee8625b0d7
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
d3ee501294d1225894748b9c70455957ac2abe06f3f8c55d7d678bbb8ea563aa
d423469939357099f36c34eee57442fa57084d71e5cda7f58c6b3ca5e3361948
d860cce2d136ac75afc7a6d9c334d8d8ae300daf1d311a775d9f5d356e2df661
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7b1e5b2748789dd84c7631c7792a17f7756d2f86fdd4f035e5adb706edce9b
df30b57f3094a31319e275a7090ca43babfa913c4c7d8cc75794c4ea259ee2b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d4f9284d29ac3653bca05ffcbbce82f72c028896f088f47b3320abe087145e
e9212c277c8cbdc9d29f0964a949bd00b9eaefd963fd309f303fae5f09738912
ec6b35b35943767bf40b247ef23d3e5df10e093739bda12fd944ee3da9fa33e7
eca065b7e5d123ac97e52dc4cf8e2eb23372be737aed857967aef27f6cabc943
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17bd493979526d186d0a0feb3543145ff5b8d0e19ab92bbc006693e833758bb
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d