urlscan.io logo urlscan.io
SecurityTrails logo

positivepromotions.formstack.com Open in urlscan Pro
13.224.189.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://posimail.positivepromotions.com/rd/9z4zs5s5u3pagsceuu9sj21hgb6madjnlks8v31g7eg_rp22sh2s8i62pb7cdj6apb24no
Effective URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Submission: On February 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 31 HTTP transactions. The main IP is 13.224.189.26, located in United States and belongs to AMAZON-02, US. The main domain is positivepromotions.formstack.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 24th 2023. Valid for: 3 months.
This is the only time positivepromotions.formstack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.200.107.121 16509 (AMAZON-02)
17 13.224.189.26 16509 (AMAZON-02)
1 52.216.164.21 16509 (AMAZON-02)
1 13.224.189.37 16509 (AMAZON-02)
4 2606:2800:234... 15133 (EDGECAST)
1 2620:1ec:4e:1... 8075 (MICROSOFT...)
4 2a03:2880:f08... 32934 (FACEBOOK)
2 104.244.42.72 13414 (TWITTER)
1 2a03:2880:f17... 32934 (FACEBOOK)
31 9
1    54.200.107.121 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-107-121.us-west-2.compute.amazonaws.com
posimail.positivepromotions.com
17    13.224.189.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-26.fra2.r.cloudfront.net
positivepromotions.formstack.com
static.formstack.com
www.formstack.com
1    52.216.164.21 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    13.224.189.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-37.fra2.r.cloudfront.net
www.positivepromotions.com
4    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
platform.linkedin.com
4    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
2    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
17 formstack.com
positivepromotions.formstack.com
static.formstack.com — Cisco Umbrella Rank: 22308
www.formstack.com — Cisco Umbrella Rank: 38162
219 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 778
syndication.twitter.com — Cisco Umbrella Rank: 1135
149 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 803
136 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
89 KB
2 positivepromotions.com
posimail.positivepromotions.com — Cisco Umbrella Rank: 264078
www.positivepromotions.com — Cisco Umbrella Rank: 177347
48 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
15 KB
1 linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3065
160 KB
1 amazonaws.com
s3.amazonaws.com
8 KB
31 8
Domain Requested by
13 static.formstack.com positivepromotions.formstack.com
4 platform.twitter.com positivepromotions.formstack.com
platform.twitter.com
3 positivepromotions.formstack.com positivepromotions.formstack.com
static.formstack.com
2 static.xx.fbcdn.net www.facebook.com
2 syndication.twitter.com platform.twitter.com
positivepromotions.formstack.com
2 connect.facebook.net positivepromotions.formstack.com
connect.facebook.net
1 www.facebook.com connect.facebook.net
1 platform.linkedin.com positivepromotions.formstack.com
1 www.formstack.com positivepromotions.formstack.com
1 www.positivepromotions.com positivepromotions.formstack.com
1 s3.amazonaws.com positivepromotions.formstack.com
1 posimail.positivepromotions.com 1 redirects
31 12

This site contains links to these domains. Also see Links.

Domain
www.formstack.com
Subject Issuer Validity Valid
*.formstack.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-05-18		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2022-12-06 -
2023-12-05		 a year crt.sh
www.positivepromotions.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-10 -
2023-11-10		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-12-16 -
2023-06-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-07		 2 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh

This page contains 4 frames:

Primary Page: https://positivepromotions.formstack.com/forms/healthcarequotesab
Frame ID: 722297B53FCB6786CB34116BF3C119B6
Requests: 25 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fpositivepromotions.formstack.com
Frame ID: 79C1BAE3EFE204C32065B2A9CCF1810E
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: A398D3C36FD99FACEC4C114E7181CD79
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12ace623034cc4%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Ff36f9909d5fe3%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesab&layout=button_count&locale=en_US&sdk=joey
Frame ID: A0FB2FE1816FE0326E5673801BD0B5F6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Healthcare Appreciation - Abigail Barbero - Formstack

Page URL History Show full URLs

  1. https://posimail.positivepromotions.com/rd/9z4zs5s5u3pagsceuu9sj21hgb6madjnlks8v31g7eg_rp22sh2s8i62pb7cdj6apb24no HTTP 302
    https://positivepromotions.formstack.com/forms/healthcarequotesab Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

31
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

12
Subdomains

9
IPs

2
Countries

823 kB
Transfer

2509 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://posimail.positivepromotions.com/rd/9z4zs5s5u3pagsceuu9sj21hgb6madjnlks8v31g7eg_rp22sh2s8i62pb7cdj6apb24no HTTP 302
    https://positivepromotions.formstack.com/forms/healthcarequotesab Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request healthcarequotesab
positivepromotions.formstack.com/forms/
Redirect Chain
  • https://posimail.positivepromotions.com/rd/9z4zs5s5u3pagsceuu9sj21hgb6madjnlks8v31g7eg_rp22sh2s8i62pb7cdj6apb24no
  • https://positivepromotions.formstack.com/forms/healthcarequotesab
62 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
18807e048e96667441838359957ac80ef444b858165b37f8f008613a31aecb30
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=5 public
content-type
text/html; charset=UTF-8
date
Mon, 27 Feb 2023 14:53:14 GMT
expires
Mon, 27 Feb 2023 14:53:19 GMT
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
y2H7ikYC2KWWIlgHtQA6EWDIr9O2y_w9_ev6gv6ztDMIB9H3EkMF9A==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 27 Feb 2023 14:53:13 GMT
location
https://PositivePromotions.formstack.com/forms/healthcarequotesab
server
Apache
status
302 Redirect
reset_3d1cc6d59f.css
static.formstack.com/forms/css/3/ 		2 KB
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/css/3/reset_3d1cc6d59f.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:21:20 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
W/"63f8d5f0-616"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
-No8YbUGAIxAtI_JZbHmqw-yvQZ6hXQOZ_YnTUb_tJBXR59S-g0fhw==
jquery-ui_eb08fdf84b.css
static.formstack.com/forms/css/3/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/css/3/jquery-ui_eb08fdf84b.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
4fd91864be6192916a0cdc95d51d179f9bc071b462b7cb1e9e311a4bed974f41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:16:10 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
W/"63f8d4ba-8052"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
QBjspsU-dlUm4ILEsCdvCgJ7XOJJjew-AFVstXvmanE-VtOuBZrhcw==
default_637050611e.css
static.formstack.com/forms/css/3/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/css/3/default_637050611e.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
8be533d533b9ca9a27c653ae2e71756be96845c84df07cb7ab9629a35741c205

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:18:46 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
W/"63f8d556-51ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
DSF8Ho7N_gL2lQ9JR57LQyVG48b6ziL80zZLGgTHbeaOuyRg3B-plQ==
uil-static.css
static.formstack.com/common/css/ 		51 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/common/css/uil-static.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
b008c844d182121bae7686813370e5794851555f29e0ffc2a3b25e6ca0639923

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:11:04 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
W/"63f8d388-cbf1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
dBoTo_ydM5Q4R9xuxlN5LzjCUyv8wlhE0fpwUA6mq_sVSbmQLzpcuQ==
dialogs_00a7ec5f05.css
static.formstack.com/forms/css/common/ 		170 B
503 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/css/common/dialogs_00a7ec5f05.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:18:45 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
"63f8d555-aa"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
170
x-amz-cf-id
GmdLCbng1R5KbrFebp2oGnNtd2auPMDVaIKoshmR9F25K7mqDBrpPw==
292622_tmpl_head_6001b52c8d710.
s3.amazonaws.com/files.formstack.com/public/502701/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.formstack.com/public/502701/292622_tmpl_head_6001b52c8d710.
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.164.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4315b545724305bd6f32c456d1b1757f450da398307e2795727f8f5c65a69e46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 14:53:15 GMT
x-amz-version-id
0JMeDEb_eQaaZOMar9Un62PLatgsFsBB
Last-Modified
Fri, 15 Jan 2021 15:30:53 GMT
Server
AmazonS3
x-amz-request-id
NX2DJY4SPW5NC14T
ETag
"3921e3a6c5615cbf9a1c8a8bbe72a028"
Content-Type
image/jpeg
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
7662
x-amz-id-2
eR6ilsy8aEH6hxUSxRlXKtRKhfDIvA51g3/SyA8VF9S59tGpMolQC00VghGFHcNl0Uf9kiVOdKs=
tlvlhlc.jpg
www.positivepromotions.com/images/art/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.positivepromotions.com/images/art/tlvlhlc.jpg
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
361b5619f5e27a76320e878f44630489569a2e666c63dee4fab7b63b1667a71a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 14:53:15 GMT
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 15:44:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"8c701aab7ad194719f70cf8c1aff9278"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
48399
x-amz-cf-id
Spzfp6eP0MmMRFx162L9rs2AMtdDQFMegrte9HiPkWDS3rdwt-Zm-w==
stacklock.png
www.formstack.com/admin/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.formstack.com/admin/images/stacklock.png
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
7f88c7eb830e129a72668bec156be3b531f711bc03d7ed9fd15844f97f4e0ee9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:11:04 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
"63f8d388-b73"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
2931
x-amz-cf-id
sMReE5J5zWmSgjzhOrpIwvP-lexkZglGmgpfz8Q05CQRxkWfgAQQqg==
pre-fill-button.png
positivepromotions.formstack.com/admin/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://positivepromotions.formstack.com/admin/images/pre-fill-button.png
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
6ae18af25b0e9b719e18530c09b5647d99b337fd12e4f75e653de8f81a7fdedd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/forms/healthcarequotesab
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:11:04 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
"63f8d388-52d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
1325
x-amz-cf-id
mfLbKHvt7T7acrKUEdWQSKsDL9ytJ2Jnep8Y7T-p9JSMx1Xnjd8dCg==
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 14:53:14 GMT
Content-Encoding
gzip
Age
926
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
x-amzn-internal-status
304
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/67E0)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
in.js
platform.linkedin.com/ 		509 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Play /
Resource Hash
87d12dd6c339d7410ec29ccbd5cb4d34d3489cdbc9a56e4a19a313771c43ef32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 14:53:14 GMT
content-encoding
gzip
x-cdn-client-ip-version
IPV6
x-azure-ref-originshield
0P7b8YwAAAADKWAFfE2WyT5iG8q0/6e2cRlJBMjMxMDUwNDE4MDMxADIyMjZhM2ViLTAxZTAtNDdiZi1hY2EyLTJiMDU4ZGZlYWQ3NQ==
x-cdn
AZUR
x-cache
TCP_HIT
x-cdn-proto
HTTP2
content-length
163379
x-li-uuid
AAX1rtPpVzNSrngtL0vAqg==
server
Play
x-li-pop
prod-ltx1-x
vary
Accept-Encoding
x-azure-ref
02sP8YwAAAAD3B8ImoE+aQ6isizaqF9nNRlJBMzFFREdFMDkxNwAyMjI2YTNlYi0wMWUwLTQ3YmYtYWNhMi0yYjA1OGRmZWFkNzU=
content-type
text/javascript; charset=UTF-8
x-li-fabric
prod-ltx1
cache-control
public, max-age=3600
x-li-proto
http/1.1
expires
Mon, 27 Feb 2023 14:55:11 GMT
jquery.min_1d14cd3798.js
static.formstack.com/forms/js/3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/jquery.min_1d14cd3798.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 14:53:14 GMT
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Mon, 27 Feb 2023 14:08:21 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
etag
W/"63fcb955-16cfa"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
fZG8mM0pASnd9Crq7nQcHmP0h40QvfgHvt6opWUlaqH8WxFta_WnAQ==
jquery-ui.min_42a497cb9f.js
static.formstack.com/forms/js/3/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/jquery-ui.min_42a497cb9f.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
651dab4cb7bc37df2f04d730db54ee9e9bdc1f93fe9739a05c9ce07e0e335947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:16:10 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
W/"63f8d4ba-147b6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
SxN3m_C9Z4xKrZLRPJr8-1ful6WpPMV4tCP4rUZLQ-gImqC1hnUq5w==
scripts_0edcde2e8b.js
static.formstack.com/forms/js/3/ 		79 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/scripts_0edcde2e8b.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
74bf23cb58f15f0a5828b81f3285e56f3917d80c4834cc990645c5aa5ba4c254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:18:46 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
W/"63f8d556-13d02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
GJ6Z06mlk3eZfdBcm2ci7i5PafPBo4WPBCiK3Ajhi4Di9NJzkBQJsQ==
analytics_7d49daa365.js
static.formstack.com/forms/js/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:23:56 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
W/"63f8d68c-839"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
l1Aligi_Gfe0r_Lws0ZkyZZZVhK9T8wE1BqiKAtN9bn-a1PpHG0Wzw==
libphonenumber-min_6f64debfdd.js
static.formstack.com/forms/js/3/ 		165 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/libphonenumber-min_6f64debfdd.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:16:10 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
W/"63f8d4ba-29364"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
oPf6xYZvnkfjWMYzqNJPvLo0_HxH94Vvbc07kP1D3C-GNnI6Gmt8vg==
autocapture_b393b647ca.js
static.formstack.com/forms/js/3/plugins/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/plugins/autocapture_b393b647ca.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
ba640d33e6c4c528bc0667315dd305b76fc10c4b85416853165bfc9820d32417

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:16:10 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
W/"63f8d4ba-17c7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
kQq5sl_2Rv5MHFoNz-p2GfMnTd-jZlfj5eptRh9D6i4UvfMxzVzb8g==
sharebuttons_16ee24b0ad.js
static.formstack.com/forms/js/3/plugins/ 		488 B
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/plugins/sharebuttons_16ee24b0ad.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
7d5af5ad676dc02d93d6a945a951688ed7b3402a04bc933090de10d614671d0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:18:46 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
"63f8d556-1e8"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
488
x-amz-cf-id
CuzHLRu9B1sWCraS-EilbrgB5NIcs6tlsxjEF2Q9yYCh-O3kTs2HVg==
modernizr_60a2d5aeb5.js
static.formstack.com/forms/js/3/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:04:00 GMT
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:21:20 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
6554
etag
W/"63f8d5f0-33bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
tgEftj89-sh0WoGkcfEMQRBR39qdA6wjqaw-GFhwWD75G-q-FYKSaQ==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f17111b45ba07d69121cada2319bd80f13c1edd36b3b1bc5794535c288d6334e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 14:53:14 GMT
content-md5
/Slz0o4WRDXQiUypGg1s1w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
3ULk2ohLTe4zG4zAiRi43O+/bQV6JdgygQUIe9P+b8fsgO+gqmz1WE4CX0GWdvx9mENmbB10dWhuCjcz99ljBw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
99a266e710148324524418de6e927160
cross-origin-opener-policy
same-origin-allow-popups
etag
"6f5289c6dee847a7173a3b91e1bab77c"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Mon, 27 Feb 2023 14:53:22 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 79C1 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fpositivepromotions.formstack.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://positivepromotions.formstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2912994
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Mon, 27 Feb 2023 14:53:14 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669E)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
sdk.js
connect.facebook.net/en_US/ 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=33dbbd69b03e5ab3442b27dc05be3213
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
88e6498d63b80a9096542fd77fbda08242fd2068e1d9e2095b6570e89c595d86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://positivepromotions.formstack.com/
Origin
https://positivepromotions.formstack.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 14:53:14 GMT
content-md5
0EQBw7HD48R3+4RoSFriqA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88484
x-fb-rlafr
0
x-fb-debug
9erFNyQaXHBjt5Ldg+T4vwEBmjjNdHGjbeefbjCfcs/N0pJb8p0Ytj80dCsD1ZgAZ+1i6+Wmo+pc+dVSY5zXpw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
af082dc27968b5d40705f7db3b54346b
cross-origin-opener-policy
same-origin-allow-popups
etag
"479c82e0a69dd7fbd557abbc9149187f"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 27 Feb 2024 12:34:43 GMT
settings
syndication.twitter.com/ Frame 79C1 		663 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=1543b8c667481c126b2cca233ffec0cc6d7a18aa
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fpositivepromotions.formstack.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time
111
date
Mon, 27 Feb 2023 14:53:14 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 27 Feb 2023 14:53:14 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
eede406629b6fa21
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
223e7702c267f02865bcea172d54b7d7733683fbbdad37b70a1804556007bc11
content-length
284
button.e7f9415a2e000feaab02c86dd5802747.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 14:53:14 GMT
Content-Encoding
gzip
Age
2912998
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2618
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (frb/67E0)
Etag
"506673dbdb9085e7201e137e893cc152+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame A398 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer
https://positivepromotions.formstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2912995
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13592
Content-Type
text/html; charset=utf-8
Date
Mon, 27 Feb 2023 14:53:14 GMT
Etag
"28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:10 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67E0)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesab%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22formstack%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1677509594815%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=1543b8c667481c126b2cca233ffec0cc6d7a18aa
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time
114
date
Mon, 27 Feb 2023 14:53:14 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 27 Feb 2023 14:53:14 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
216b89b98e8a7915
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
223e7702c267f02865bcea172d54b7d7733683fbbdad37b70a1804556007bc11
content-length
43
truncated
/ Frame A398 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.php
positivepromotions.formstack.com/forms/ 		0
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://positivepromotions.formstack.com/forms/analytics.php?f=5173890&a=fv&m=hosted
Requested by
Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-26.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/forms/healthcarequotesab
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 14:53:15 GMT
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
server
nginx
x-amz-cf-pop
FRA2-C1
x-frame-options
sameorigin
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public
x-amz-cf-id
kQHINTUmarCknaY12H8HrX7W00pW-h9eLKlKWZ8IYnORDYYXujwAEw==
share_button.php
www.facebook.com/v2.0/plugins/ Frame A0FB 		43 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12ace623034cc4%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Ff36f9909d5fe3%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesab&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=33dbbd69b03e5ab3442b27dc05be3213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d9df931a481eaaef781f720b83a39f4871103cbb879ed503274f4941f00e2c19
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivepromotions.formstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 14:53:15 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v10.0
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
uQe63ZFthhAFjoWT6Yo0lPLS9ZMnuvGxORk8DuiULgV41T5boYn0+quQtY86VFAXsQEPecx/2PeozdC37JGk0A==
x-fb-rlafr
0
x-xss-protection
0
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame A0FB 		272 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12ace623034cc4%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Ff36f9909d5fe3%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesab&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 14:53:15 GMT
x-content-type-options
nosniff
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
272
x-fb-rlafr
0
x-fb-debug
yAaIU8XI1QY22b2oG1TEl+1B0U+GV2yV9Pz8A01a3s9osAV2OyojBnLlTPFdtUnpkvsiwlBO7OToptP5mdksTw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 14 Feb 2024 13:49:26 GMT
dDnSFnCpiX9.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yJ/l/en_US/ Frame A0FB 		526 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yJ/l/en_US/dDnSFnCpiX9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12ace623034cc4%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Ff36f9909d5fe3%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesab&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7562aedf5cbf08a7b3679bcefde341057a68688dc3d54d296dc1b24fc35eea0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 14:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
BL+ykp4pbIS0Wk0oTlN6Bg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
138357
x-fb-rlafr
0
x-fb-debug
gOjzi2oYZ4tnbMZWSRasS3qAMmBMwYpu0LFK3tD+0ziGhFQcgCEMlhloO+8fpeyff66PZ5TSVP9CFIKv8khfcQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 24 Feb 2024 23:00:25 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| __twttrll object| twttr object| __twttr object| __core-js_shared__ object| Sslac object| IN object| FS_FIELD_DATA_5173890 undefined| $ function| jQuery function| DP_jQuery_1677509594581 object| Formstack object| libphonenumber function| fsFacAuthCallback object| html5 object| Modernizr function| yepnope function| loadFormstack object| FB object| __buffer object| plugin string| baseUrl object| form5173890

7 Cookies

Domain/Path Name / Value
positivepromotions.formstack.com/forms/ Name: PHPSESSID
Value: 8d378467aacf249347770c464ead36a1
static.formstack.com/ Name: AWSALB
Value: kRhkK1pTHLCOKrSSbVoMUP4CSB83mNxE5U+e5qQhQ9LfccY0O7pdfZPK0TgJxJpeXmBG79CSO7pvna8HDj167Ot+btBrlFA5SaXkGSwnlk4V+kPNWYWkyRJeMkDU
static.formstack.com/ Name: AWSALBCORS
Value: kRhkK1pTHLCOKrSSbVoMUP4CSB83mNxE5U+e5qQhQ9LfccY0O7pdfZPK0TgJxJpeXmBG79CSO7pvna8HDj167Ot+btBrlFA5SaXkGSwnlk4V+kPNWYWkyRJeMkDU
positivepromotions.formstack.com/ Name: AWSALB
Value: PrOTh9bNAuJP9Iszc8HK9+61qJANF2EsF8GbFFiBzMIocAVQQk37v8ZT2xG/uPHIAJjYqvH7NLs3enUmnStpw+Q6lcDqemI19jTff8rYg0at/DveuiWeBsSH6h4u
positivepromotions.formstack.com/ Name: AWSALBCORS
Value: PrOTh9bNAuJP9Iszc8HK9+61qJANF2EsF8GbFFiBzMIocAVQQk37v8ZT2xG/uPHIAJjYqvH7NLs3enUmnStpw+Q6lcDqemI19jTff8rYg0at/DveuiWeBsSH6h4u
www.formstack.com/ Name: AWSALB
Value: qwOhaVDgFzsWnTlkEZG3scKkewEkjPqWBvCXAyQGHV56jCRc49tK+yYmPFaBcwDAOERU+sMKXx0PRYun8JpKInl3p0b26bWZUI94jRBhyJMDuHwUDSt8c2tHDkCk
www.formstack.com/ Name: AWSALBCORS
Value: qwOhaVDgFzsWnTlkEZG3scKkewEkjPqWBvCXAyQGHV56jCRc49tK+yYmPFaBcwDAOERU+sMKXx0PRYun8JpKInl3p0b26bWZUI94jRBhyJMDuHwUDSt8c2tHDkCk

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
platform.linkedin.com
platform.twitter.com
posimail.positivepromotions.com
positivepromotions.formstack.com
s3.amazonaws.com
static.formstack.com
static.xx.fbcdn.net
syndication.twitter.com
www.facebook.com
www.formstack.com
www.positivepromotions.com
104.244.42.72
13.224.189.26
13.224.189.37
2606:2800:234:46c:e8b:1e2f:2bd:694
2620:1ec:4e:1::45
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
52.216.164.21
54.200.107.121
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83
18807e048e96667441838359957ac80ef444b858165b37f8f008613a31aecb30
361b5619f5e27a76320e878f44630489569a2e666c63dee4fab7b63b1667a71a
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4315b545724305bd6f32c456d1b1757f450da398307e2795727f8f5c65a69e46
4fd91864be6192916a0cdc95d51d179f9bc071b462b7cb1e9e311a4bed974f41
651dab4cb7bc37df2f04d730db54ee9e9bdc1f93fe9739a05c9ce07e0e335947
6ae18af25b0e9b719e18530c09b5647d99b337fd12e4f75e653de8f81a7fdedd
74bf23cb58f15f0a5828b81f3285e56f3917d80c4834cc990645c5aa5ba4c254
7562aedf5cbf08a7b3679bcefde341057a68688dc3d54d296dc1b24fc35eea0d
7d5af5ad676dc02d93d6a945a951688ed7b3402a04bc933090de10d614671d0e
7f88c7eb830e129a72668bec156be3b531f711bc03d7ed9fd15844f97f4e0ee9
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394
87d12dd6c339d7410ec29ccbd5cb4d34d3489cdbc9a56e4a19a313771c43ef32
88e6498d63b80a9096542fd77fbda08242fd2068e1d9e2095b6570e89c595d86
8be533d533b9ca9a27c653ae2e71756be96845c84df07cb7ab9629a35741c205
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb
b008c844d182121bae7686813370e5794851555f29e0ffc2a3b25e6ca0639923
ba640d33e6c4c528bc0667315dd305b76fc10c4b85416853165bfc9820d32417
be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
d9df931a481eaaef781f720b83a39f4871103cbb879ed503274f4941f00e2c19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
f17111b45ba07d69121cada2319bd80f13c1edd36b3b1bc5794535c288d6334e