www.positivepromotions.com Open in urlscan Pro
52.85.121.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.positivepromotions.com/t/l?ssid=36410&subscriber_id=byxsujxeqjaghcyzukxrogvyritgbpf&delivery_id=borsjucspzazikokzlstphn...
Effective URL:
https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=br...
Submission: On November 20 via manual (November 20th 2020, 6:12:11 pm UTC) from US

Summary HTTP 198 Redirects Behaviour Indicators

Summary

This website contacted 72 IPs in 10 countries across 54 domains to perform 198 HTTP transactions. The main IP is 52.85.121.33, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.positivepromotions.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 25th 2020. Valid for: a year.

This is the only time www.positivepromotions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.27.63.7 216.27.63.7	7349 (AS-TIERP-...) (AS-TIERP-7349)
53	52.85.121.33 52.85.121.33	16509 (AMAZON-02) (AMAZON-02)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
5	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	143.204.201.28 143.204.201.28	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:295::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	143.204.50.165 143.204.50.165	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2a02:26f0:170... 2a02:26f0:1700:182::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.201.51 143.204.201.51	16509 (AMAZON-02) (AMAZON-02)
1	54.192.229.4 54.192.229.4	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:cc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	165.254.56.41 165.254.56.41	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
3	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
4	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a02:26f0:6c0... 2a02:26f0:6c00:280::3a7c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	18.193.63.93 18.193.63.93	16509 (AMAZON-02) (AMAZON-02)
2	52.45.119.234 52.45.119.234	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.192.229.43 54.192.229.43	16509 (AMAZON-02) (AMAZON-02)
8	192.229.233.223 192.229.233.223	15133 (EDGECAST) (EDGECAST)
3	34.196.165.166 34.196.165.166	14618 (AMAZON-AES) (AMAZON-AES)
1	52.57.76.228 52.57.76.228	16509 (AMAZON-02) (AMAZON-02)
2 2	54.88.44.13 54.88.44.13	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4603:2849:916e:e24c:631d	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
1	52.219.132.112 52.219.132.112	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	52.71.121.107 52.71.121.107	14618 (AMAZON-AES) (AMAZON-AES)
1 7	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	54.192.229.110 54.192.229.110	16509 (AMAZON-02) (AMAZON-02)
2	54.91.222.103 54.91.222.103	14618 (AMAZON-AES) (AMAZON-AES)
1	173.199.53.103 173.199.53.103	16815 (GOTO-PRIM...) (GOTO-PRIMARY-AS)
1	122.248.248.129 122.248.248.129	16509 (AMAZON-02) (AMAZON-02)
1	34.240.31.203 34.240.31.203	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	34.247.125.34 34.247.125.34	16509 (AMAZON-02) (AMAZON-02)
3 4	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
1 2	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	18.196.136.126 18.196.136.126	16509 (AMAZON-02) (AMAZON-02)
1	54.194.87.101 54.194.87.101	16509 (AMAZON-02) (AMAZON-02)
3 3	35.156.153.71 35.156.153.71	16509 (AMAZON-02) (AMAZON-02)
1	143.204.55.118 143.204.55.118	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	184.51.9.98 184.51.9.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	54.93.159.18 54.93.159.18	16509 (AMAZON-02) (AMAZON-02)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.68.31 2.18.68.31	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	18.185.180.173 18.185.180.173	16509 (AMAZON-02) (AMAZON-02)
1 1	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	173.199.53.106 173.199.53.106	16815 (GOTO-PRIM...) (GOTO-PRIMARY-AS)
1	35.157.117.111 35.157.117.111	16509 (AMAZON-02) (AMAZON-02)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2	216.27.63.9 216.27.63.9	7349 (AS-TIERP-...) (AS-TIERP-7349)
12 12	143.204.55.69 143.204.55.69	16509 (AMAZON-02) (AMAZON-02)
198	72

1 216.27.63.7 (United States) 1 redirects

ASN7349 (AS-TIERP-7349, US)
PTR: www002.bronto.com

e.positivepromotions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 52.85.121.33 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-121-33.bud50.r.cloudfront.net

www.positivepromotions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:f03d:1fa::2000 (United Kingdom) 3 redirects

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.yottaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.201.28 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-28.fra53.r.cloudfront.net

d21gpk1vhmjuf5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:295::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.50.165 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-50-165.osl50.r.cloudfront.net

d2vxgxvhgubbj8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:1700:182::1d72 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-51.fra53.r.cloudfront.net

cdn.datasteam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.229.4 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-229-4.waw50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:cc2 (United States)

ASN13335 (CLOUDFLARENET, US)

pubhtml5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 165.254.56.41 (United States)

ASN393259 (YOTTAA-AS-1, US)

qoe-1.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:280::3a7c (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snip.bronto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.193.63.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-63-93.eu-central-1.compute.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.119.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-119-234.compute-1.amazonaws.com

tracker.unbxdapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.229.43 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-229-43.waw50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.229.233.223 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

cdn-yotpo-images-production.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.196.165.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-165-166.compute-1.amazonaws.com

api.datasteam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.76.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-76-228.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.88.44.13 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4603:2849:916e:e24c:631d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.132.112 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-w.amazonaws.com

unbxd.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.121.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-121-107.compute-1.amazonaws.com

sc.liveclicker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.229.110 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-229-110.waw50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.91.222.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-222-103.compute-1.amazonaws.com

emails.positivepromotions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.199.53.103 (United States)

ASN16815 (GOTO-PRIMARY-AS, US)
PTR: b-app14-35.boldchat.com

vmss.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 122.248.248.129 (Ulu Bedok, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-122-248-248-129.ap-southeast-1.compute.amazonaws.com

recommendations.unbxdapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.31.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.125.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.52 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.159 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.136.126 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-136-126.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.87.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-87-101.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.153.71 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.55.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-55-118.osl50.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.51.9.98 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-98.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.159.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.68.31 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-31.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.180.173 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-180-173.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.210.196.208 (Arlington, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.199.53.106 (United States)

ASN16815 (GOTO-PRIMARY-AS, US)
PTR: b-app14-36.boldchat.com

vms.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.117.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-117-111.eu-central-1.compute.amazonaws.com

visitor-services.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.27.63.9 (United States)

ASN7349 (AS-TIERP-7349, US)
PTR: lb-vip-216-27-63-9.bronto.com

maw.bronto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 143.204.55.69 (Seattle, United States) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-55-69.osl50.r.cloudfront.net

positivepromotions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	positivepromotions.com 13 redirects e.positivepromotions.com www.positivepromotions.com emails.positivepromotions.com positivepromotions.com	2 MB
24	yotpo.com staticw2.yotpo.com p.yotpo.com cdn-yotpo-images-production.yotpo.com	229 KB
11	criteo.com 3 redirects gum.criteo.com sslwidget.criteo.com widget.us.criteo.com dis.criteo.com	7 KB
10	yahoo.com 3 redirects sp.analytics.yahoo.com ads.yahoo.com ups.analytics.yahoo.com	7 KB
10	cloudfront.net d21gpk1vhmjuf5.cloudfront.net d2vxgxvhgubbj8.cloudfront.net	63 KB
9	google-analytics.com www.google-analytics.com	72 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	186 KB
4	adnxs.com 3 redirects secure.adnxs.com	4 KB
4	boldchat.com vmss.boldchat.com vms.boldchat.com visitor-services.boldchat.com	19 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	4 KB
4	hotjar.com static.hotjar.com vars.hotjar.com script.hotjar.com in.hotjar.com	60 KB
4	datasteam.io cdn.datasteam.io api.datasteam.io	25 KB
4	google.com www.google.com	2 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com	112 KB
3	bidswitch.net 1 redirects x.bidswitch.net	1 KB
3	advertising.com 3 redirects pixel.advertising.com	1 KB
3	liadm.com 2 redirects i.liadm.com i6.liadm.com	1 KB
3	unbxdapi.com tracker.unbxdapi.com recommendations.unbxdapi.com	7 KB
3	bronto.com snip.bronto.com maw.bronto.com	20 KB
3	google.de www.google.de	1 KB
3	bing.com bat.bing.com c.bing.com	9 KB
3	googletagmanager.com www.googletagmanager.com	141 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	10 KB
3	fontawesome.com use.fontawesome.com	132 KB
2	openx.net 1 redirects us-u.openx.net	493 B
2	casalemedia.com 1 redirects r.casalemedia.com	2 KB
2	3lift.com 1 redirects eb2.3lift.com	732 B
2	outbrain.com 1 redirects sync.outbrain.com	828 B
2	yottaa.net qoe-1.yottaa.net	1 KB
2	cloudflare.com cdnjs.cloudflare.com	9 KB
2	yimg.com s.yimg.com	7 KB
1	rlcdn.com idsync.rlcdn.com	417 B
1	aralego.com 1 redirects sync.aralego.com	759 B
1	media.net contextual.media.net	713 B
1	teads.tv criteo-sync.teads.tv	172 B
1	sharethrough.com match.sharethrough.com	262 B
1	pubmatic.com simage2.pubmatic.com	997 B
1	smaato.net s.ad.smaato.net	237 B
1	revcontent.com trends.revcontent.com	336 B
1	addthis.com cw.addthis.com	426 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	turn.com 1 redirects d.turn.com	437 B
1	mediawallahscript.com partner.mediawallahscript.com	367 B
1	facebook.com www.facebook.com	377 B
1	liveclicker.net sc.liveclicker.net	530 B
1	impactradius-event.com d.impactradius-event.com	13 KB
1	amazonaws.com unbxd.s3.amazonaws.com	6 KB
1	agkn.com aa.agkn.com	394 B
1	pubhtml5.com pubhtml5.com	819 B
1	facebook.net connect.facebook.net	24 KB
1	googleadservices.com www.googleadservices.com	12 KB
1	criteo.net static.criteo.net	12 KB
1	pinterest.com assets.pinterest.com	431 B
1	yottaa.com cdn.yottaa.com	20 KB
198	54

	Domain	Requested by
53	www.positivepromotions.com	www.positivepromotions.com
12	positivepromotions.com	12 redirects
9	p.yotpo.com	www.positivepromotions.com
9	www.google-analytics.com	www.positivepromotions.com www.google-analytics.com www.googletagmanager.com cdn.yottaa.com
8	cdn-yotpo-images-production.yotpo.com	www.positivepromotions.com
8	d21gpk1vhmjuf5.cloudfront.net	www.positivepromotions.com cdn.yottaa.com
7	staticw2.yotpo.com	www.positivepromotions.com cdn.yottaa.com staticw2.yotpo.com
6	dis.criteo.com
5	fonts.gstatic.com	fonts.googleapis.com
4	secure.adnxs.com	3 redirects
4	sp.analytics.yahoo.com	s.yimg.com
4	www.google.com	www.positivepromotions.com
4	maxcdn.bootstrapcdn.com	www.positivepromotions.com maxcdn.bootstrapcdn.com
3	x.bidswitch.net	1 redirects
3	pixel.advertising.com	3 redirects
3	ups.analytics.yahoo.com
3	ads.yahoo.com	3 redirects
3	api.datasteam.io	cdn.datasteam.io
3	gum.criteo.com	2 redirects static.criteo.net
3	www.google.de	www.positivepromotions.com
3	www.googletagmanager.com	www.positivepromotions.com www.googletagmanager.com
3	use.fontawesome.com	www.positivepromotions.com use.fontawesome.com
2	maw.bronto.com	snip.bronto.com
2	vms.boldchat.com	vmss.boldchat.com cdn.yottaa.com
2	us-u.openx.net	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.outbrain.com	1 redirects
2	emails.positivepromotions.com	cdn.yottaa.com
2	i.liadm.com	2 redirects
2	tracker.unbxdapi.com	www.positivepromotions.com
2	qoe-1.yottaa.net	cdn.yottaa.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	bat.bing.com	www.googletagmanager.com www.positivepromotions.com
2	d2vxgxvhgubbj8.cloudfront.net	www.positivepromotions.com
2	cdnjs.cloudflare.com	www.positivepromotions.com
2	s.yimg.com	www.positivepromotions.com s.yimg.com
2	fonts.googleapis.com	www.positivepromotions.com staticw2.yotpo.com
1	idsync.rlcdn.com
1	visitor-services.boldchat.com	vmss.boldchat.com
1	sync.aralego.com	1 redirects
1	contextual.media.net
1	criteo-sync.teads.tv
1	match.sharethrough.com
1	simage2.pubmatic.com
1	s.ad.smaato.net
1	trends.revcontent.com
1	cw.addthis.com
1	pixel.rubiconproject.com
1	d.turn.com	1 redirects
1	c.bing.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	www.facebook.com
1	in.hotjar.com	script.hotjar.com
1	recommendations.unbxdapi.com	cdn.yottaa.com
1	vmss.boldchat.com	cdn.yottaa.com
1	script.hotjar.com	cdn.yottaa.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	sc.liveclicker.net	cdn.yottaa.com
1	d.impactradius-event.com	cdn.yottaa.com
1	googleads.g.doubleclick.net	cdn.yottaa.com
1	unbxd.s3.amazonaws.com	cdn.yottaa.com
1	www.gstatic.com	cdn.yottaa.com
1	i6.liadm.com	www.positivepromotions.com
1	aa.agkn.com	cdn.datasteam.io
1	vars.hotjar.com	static.hotjar.com
1	snip.bronto.com	www.positivepromotions.com
1	pubhtml5.com	www.positivepromotions.com
1	static.hotjar.com	www.positivepromotions.com
1	cdn.datasteam.io	www.googletagmanager.com
1	connect.facebook.net	www.googletagmanager.com
1	www.googleadservices.com	www.positivepromotions.com
1	static.criteo.net	www.positivepromotions.com
1	assets.pinterest.com	www.positivepromotions.com
1	cdn.yottaa.com	www.positivepromotions.com
1	ajax.googleapis.com	www.positivepromotions.com
1	e.positivepromotions.com	1 redirects
198	79

This site contains no links.

Subject Issuer	Validity	Valid
www.positivepromotions.com DigiCert SHA2 Secure Server CA	`2020-08-25` - `2021-11-17`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-11-15` - `2020-12-29`	a month	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.yottaa.com GlobalSign RSA OV SSL CA 2018	`2020-05-05` - `2022-07-28`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
*.yotpo.com DigiCert SHA2 Secure Server CA	`2020-04-24` - `2021-07-24`	a year	crt.sh
cdn.datasteam.io Amazon	`2020-11-19` - `2021-12-18`	a year	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.pubhtml5.com Go Daddy Secure Certificate Authority - G2	`2020-02-14` - `2022-04-14`	2 years	crt.sh
*.yottaa.net GlobalSign RSA OV SSL CA 2018	`2020-08-03` - `2022-10-03`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh
bronto.oracle.com DigiCert Secure Site ECC CA-1	`2020-03-09` - `2021-05-08`	a year	crt.sh
*.unbxd.io Amazon	`2020-08-21` - `2021-09-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.datasteam.io Amazon	`2020-08-28` - `2021-09-28`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.liadm.com Amazon	`2019-12-28` - `2021-01-28`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
*.impactradius-event.com COMODO RSA Domain Validation Secure Server CA	`2019-01-08` - `2021-01-20`	2 years	crt.sh
sc.liveclicker.net Thawte TLS RSA CA G1	`2019-06-12` - `2021-06-11`	2 years	crt.sh
*.us.criteo.com DigiCert ECC Secure Server CA	`2020-10-27` - `2021-01-24`	3 months	crt.sh
emails.positivepromotions.com RapidSSL RSA CA 2018	`2020-03-03` - `2022-03-03`	2 years	crt.sh
*.boldchat.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-02-05` - `2021-04-03`	2 years	crt.sh
*.unbxdapi.com Amazon	`2020-08-14` - `2021-09-14`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-24` - `2021-04-20`	6 months	crt.sh
*.mediawallahscript.com Amazon	`2020-06-03` - `2021-07-03`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
s.ad.smaato.net Amazon	`2020-04-15` - `2021-05-15`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-11-19` - `2021-02-17`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.bronto.com DigiCert SHA2 Secure Server CA	`2019-04-24` - `2021-06-22`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Frame ID: 020D9732095588C5B2D7668CDED97C72
Requests: 164 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.positivepromotions.com
Frame ID: E7C3270791D26CEFD5CDA3A6FB728C92
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 0B4B9ADAC77B371582C24FA755B782AA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/?id=489976674733735&ev=ViewContent&cd[content_type]=product&cd[content_ids]=%5B%22-6940745018134828429%22%5D&cd[product_catalog_id]=2082113585363375&cd[product_category]=0&cd[criteo_audience_3_0]=A3&cd[external_id]=80112261-5161-4f54-8fc2-ce5d95de4964&cd[application_id]=423936147658676
Frame ID: 729363710C148CD9A6D820C10EDE0CCC
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
Frame ID: C3CEB0F408ED8ED065C94511659B30AB
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://e.positivepromotions.com/t/l?ssid=36410&subscriber_id=byxsujxeqjaghcyzukxrogvyritgbpf&delivery_id=bor... HTTP 307
https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid... Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

198
Requests

100 %
HTTPS

32 %
IPv6

54
Domains

79
Subdomains

72
IPs

10
Countries

2844 kB
Transfer

7503 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.positivepromotions.com/t/l?ssid=36410&subscriber_id=byxsujxeqjaghcyzukxrogvyritgbpf&delivery_id=borsjucspzazikokzlstphnvzutgbod&td=_dkr94LAJhLENhzYW3G0UQJT0s6sLarwJZ9vR1L1dqcp6qgIiv7PhkEN0xwk9DvWztB6S2NuUtXkXveZjrwmCBhR0JtgPTyUh-QAxld5PdD5-O6AGh9k0AFtYZn8zfLEsHrLWyjXt-X3y5LpLJFONGuvql5d6ObGrA48eUInAz41h1P1dZzaXgwuDZ_jfnQNH0TOZJlgFlsVLdCs3mJ9incsYX_2VCXwjocc1FqG63UGyvGx2hHEJjQdRHChQA43WlbRXbPqwnwSMMVxpL6obDQV3pJnyP7vP0vOc02zswtiKDTMbw9tThDGbkeGTTC7PNWXRJOZckpoj3GmJRgQu6vIgMIXXKf6VOMhmv4_Lu76KUTufvONvykA HTTP 307
https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116

https://i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-054CD456-CE37-4166-8994-0D1A2565F026 HTTP 303
https://i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-054CD456-CE37-4166-8994-0D1A2565F026&_li_chk=true&previous_uuid=e5f79f2cdf3441a79c70d7530cd08713 HTTP 303
https://i6.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-054CD456-CE37-4166-8994-0D1A2565F026

Request Chain 129

https://sslwidget.criteo.com/event?a=50039&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3DVP-9026&p3=e%3Ddis&adce=1&tld=positivepromotions.com&dtycbr=52318 HTTP 302
https://widget.us.criteo.com/event?a=50039&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3DVP-9026&p3=e%3Ddis&adce=1&tld=positivepromotions.com&dtycbr=52318

Request Chain 145

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1 HTTP 302
https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay0tMjBLa2NNTFBLdk5tWlo0N29zRXdMTjlkdTE2dkxUQVNVbFZadw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 150

https://secure.adnxs.com/setuid?entity=52&code=k-URNEB8MLPKvNmZZ47osEwLN9du2wjQMMybsuLA&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-URNEB8MLPKvNmZZ47osEwLN9du2wjQMMybsuLA%26seg%3D95287

Request Chain 152

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/_Ck43-6Lcy6xhOqhAH1nSBYs59AjXYFG/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8546603763465062209

Request Chain 153

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-NhVkOcMLPKvNmZZ47osEwLN9du0Rtpllzxm9ew HTTP 302
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-NhVkOcMLPKvNmZZ47osEwLN9du0Rtpllzxm9ew&rdrctExp=true

Request Chain 156

https://eb2.3lift.com/xuid?mid=2711&xuid=k-6DqEVsMLPKvNmZZ47osEwLN9du3Q_uaDaZ-1xQ&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-6DqEVsMLPKvNmZZ47osEwLN9du3Q_uaDaZ-1xQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 158

https://pixel.advertising.com/ups/55945/sync?uid=k-jFlSEsMLPKvNmZZ47osEwLN9du3tn5Qfgd7aLQ&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-jFlSEsMLPKvNmZZ47osEwLN9du3tn5Qfgd7aLQ&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-jFlSEsMLPKvNmZZ47osEwLN9du3tn5Qfgd7aLQ&_origin=1&apid=UPd6a18550-2b5b-11eb-9c42-06b79851ae8e

Request Chain 161

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--hSqM8MLPKvNmZZ47osEwLN9du0ou7en-Mpdpw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--hSqM8MLPKvNmZZ47osEwLN9du0ou7en-Mpdpw&C=1

Request Chain 162

https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-XXuOX8MLPKvNmZZ47osEwLN9du13iWdNgpgEOA&c=us HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-XXuOX8MLPKvNmZZ47osEwLN9du13iWdNgpgEOA&c=us

Request Chain 166

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Owb5n8MLPKvNmZZ47osEwLN9du1IFeHHLw7JFQ&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Owb5n8MLPKvNmZZ47osEwLN9du1IFeHHLw7JFQ&expires=30&user_group=5

Request Chain 167

https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-fRhZNMMLPKvNmZZ47osEwLN9du1F62-YPTxTGQ HTTP 302
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=8101b4f2-dad5-3c58-8057-95551a353bbf&gdpr=1&gdpr_consent=

Request Chain 171

https://ads.yahoo.com/cms/v1?esig=2~d70585acac52c040f8b2016b9137859f8ce8814d&nwid=10022892938&sigv=1 HTTP 302
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

Request Chain 172

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=THEeHgWI5Pa9bDCzXqBnNLWVmwhFA1fv

Request Chain 174

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9102930065395456261

Request Chain 175

https://pixel.advertising.com/ups/55945/sync?uid=k-qwrmEcMLPKvNmZZ47osEwLN9du2w8AxR_ignwg&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-qwrmEcMLPKvNmZZ47osEwLN9du2w8AxR_ignwg&_origin=1&apid=UPd6a18550-2b5b-11eb-9c42-06b79851ae8e

Request Chain 179

https://ads.yahoo.com/cms/v1?esig=2~53ef8d479c22b2f64b38b7c8ed96f504cd8e84c6&nwid=10033892938&sigv=1 HTTP 302
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

Request Chain 184

https://positivepromotions.com/images/350/VPP2077.jpg?n=232 HTTP 301
https://www.positivepromotions.com/images/350/VPP2077.jpg?n=232

Request Chain 185

https://positivepromotions.com/images/350/VPP2076.jpg?n=232 HTTP 301
https://www.positivepromotions.com/images/350/VPP2076.jpg?n=232

Request Chain 186

https://positivepromotions.com/images/350/VP-9023.jpg?n=232 HTTP 301
https://www.positivepromotions.com/images/350/VP-9023.jpg?n=232

Request Chain 187

https://positivepromotions.com/images/350/VPP2082.jpg?n=232 HTTP 301
https://www.positivepromotions.com/images/350/VPP2082.jpg?n=232

Request Chain 188

https://positivepromotions.com/images/350/VPP2081.jpg?n=232 HTTP 301
https://www.positivepromotions.com/images/350/VPP2081.jpg?n=232

Request Chain 189

https://positivepromotions.com/images/350/VPP2080.jpg?n=232 HTTP 301
https://www.positivepromotions.com/images/350/VPP2080.jpg?n=232

Request Chain 190

https://positivepromotions.com/images/350/VPP2070.jpg?n=232 HTTP 301
https://www.positivepromotions.com/images/350/VPP2070.jpg?n=232

Request Chain 191

https://positivepromotions.com/images/350/VPP2068.jpg?n=232 HTTP 301
https://www.positivepromotions.com/images/350/VPP2068.jpg?n=232

Request Chain 192

https://positivepromotions.com/images/350/VPP2067.jpg?n=232 HTTP 301
https://www.positivepromotions.com/images/350/VPP2067.jpg?n=232

Request Chain 193

https://positivepromotions.com/images/350/VP-9127.jpg?n=232 HTTP 301
https://www.positivepromotions.com/images/350/VP-9127.jpg?n=232

Request Chain 194

https://positivepromotions.com/images/350/VP-9061.jpg?n=232 HTTP 301
https://www.positivepromotions.com/images/350/VP-9061.jpg?n=232

Request Chain 195

https://positivepromotions.com/images/350/VP-9076.jpg?n=232 HTTP 301
https://www.positivepromotions.com/images/350/VP-9076.jpg?n=232

198 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/
Redirect Chain

https://e.positivepromotions.com/t/l?ssid=36410&subscriber_id=byxsujxeqjaghcyzukxrogvyritgbpf&delivery_id=borsjucspzazikokzlstphnvzutgbod&td=_dkr94LAJhLENhzYW3G0UQJT0s6sLarwJZ9vR1L1dqcp6qgIiv7PhkEN...
https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&...

270 KB
38 KB

1091ms
985ms

Document
text/html

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-121-33.bud50.r.cloudfront.net

Software

Resource Hash

c46f157338fa2d85f86a825a4c72feca9a6008d02670bf30364dd54d659dd7cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.positivepromotions.com
:scheme: https
:path: /thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: bs_t_4733e771205131bf900e7ef5a6ae5a41=YTo3OntzOjE6InMiO3M6MzI6IjQ3MzNlNzcxMjA1MTMxYmY5MDBlN2VmNWE2YWU1YTQxIjtzOjE6ImMiO3M6MzI6ImViY2IwYWRmZjRhMjllMzBlYjhhYjA2YmQ4MzQ2YjVjIjtzOjE6ImQiO3M6MzI6ImJjNjg3NzRkNGUyYzhiY2Y2OWI0MzA0NmUyZjEwNGRjIjtzOjM6Im12bCI7czozMjoiM2JjZjI0ZDZhMjRhZjE4ODJjOTIzYTY5ODFhZDEyMWYiO3M6MzoiY2lkIjtzOjI5OiJjcWRvc2U5Y2NkNGdxc3VvcXIzZDR3MmJyMDZsdCI7czozOiJ0aWQiO3M6MTA0OiIxMjc1MjY4NTM1NTQ3NjQwOTM5ODA3NjkzODQ0NjMwMTU0NzgyNDU0NTkwODE3NjA1NjMyODc4MTAwMDExMTUxNDQ5MDgwMjQ5ODYyNjI0NDc1NjMxMDM5MzU4ODgyOTkzNjc4Mjg1NiI7czoxOiJlIjtzOjEwOiIxNjA3MTA1NDkxIjt9; bs_t_bc_4733e771205131bf900e7ef5a6ae5a41=1; tid_amwtzrfvzctxhsxubkucbkausjngbeo=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856; du_amwtzrfvzctxhsxubkucbkausjngbeo=ebcb0adff4a29e30eb8ab06bd8346b5c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Fri, 20 Nov 2020 18:11:31 GMT
set-cookie: AWSALB=IaHfcmS6Wl03ydm8Gk3ESyQFhYabl0ZRhTxMhUhSjWiIfTzVDAJuB8JgGICujVA5wmfuYDEgasEd3CbeWavopBurdmJJGzTrWnl0nsXYozIZLjyo+ZQRmERQAjjs; Expires=Fri, 27 Nov 2020 18:11:31 GMT; Path=/ AWSALBCORS=IaHfcmS6Wl03ydm8Gk3ESyQFhYabl0ZRhTxMhUhSjWiIfTzVDAJuB8JgGICujVA5wmfuYDEgasEd3CbeWavopBurdmJJGzTrWnl0nsXYozIZLjyo+ZQRmERQAjjs; Expires=Fri, 27 Nov 2020 18:11:31 GMT; Path=/; SameSite=None; Secure ASP.NET_SessionId=qpmmr10mwr0xkwe3kbrnoxma; path=/; secure; HttpOnly; SameSite=Lax dmi=637414746918532637; expires=Tue, 05-Nov-2080 18:11:31 GMT; path=/; secure; HttpOnly visitor_guid=41eacd96-86bf-4a42-a629-9a66ba409fe0; expires=Tue, 05-Nov-2080 18:11:31 GMT; path=/; secure; HttpOnly
cache-control: private
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: BjJjgGlPLKMkg6L7Ts7Qklb08CwT6dGc2Q--pqgIxI1d9RCyTbjKjA==

Redirect headers

Location: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Set-Cookie: bs_t_4733e771205131bf900e7ef5a6ae5a41=YTo3OntzOjE6InMiO3M6MzI6IjQ3MzNlNzcxMjA1MTMxYmY5MDBlN2VmNWE2YWU1YTQxIjtzOjE6ImMiO3M6MzI6ImViY2IwYWRmZjRhMjllMzBlYjhhYjA2YmQ4MzQ2YjVjIjtzOjE6ImQiO3M6MzI6ImJjNjg3NzRkNGUyYzhiY2Y2OWI0MzA0NmUyZjEwNGRjIjtzOjM6Im12bCI7czozMjoiM2JjZjI0ZDZhMjRhZjE4ODJjOTIzYTY5ODFhZDEyMWYiO3M6MzoiY2lkIjtzOjI5OiJjcWRvc2U5Y2NkNGdxc3VvcXIzZDR3MmJyMDZsdCI7czozOiJ0aWQiO3M6MTA0OiIxMjc1MjY4NTM1NTQ3NjQwOTM5ODA3NjkzODQ0NjMwMTU0NzgyNDU0NTkwODE3NjA1NjMyODc4MTAwMDExMTUxNDQ5MDgwMjQ5ODYyNjI0NDc1NjMxMDM5MzU4ODgyOTkzNjc4Mjg1NiI7czoxOiJlIjtzOjEwOiIxNjA3MTA1NDkxIjt9;Version=1;Comment=;Domain=positivepromotions.com;Path=/;Max-Age=631139040;SameSite=Lax bs_t_bc_4733e771205131bf900e7ef5a6ae5a41=1;Version=1;Comment=;Domain=positivepromotions.com;Path=/;SameSite=Lax tid_amwtzrfvzctxhsxubkucbkausjngbeo=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856;Version=1;Comment=;Domain=positivepromotions.com;Path=/;Max-Age=1209600;SameSite=Lax du_amwtzrfvzctxhsxubkucbkausjngbeo=ebcb0adff4a29e30eb8ab06bd8346b5c;Version=1;Comment=;Domain=positivepromotions.com;Path=/;Max-Age=631139040;SameSite=Lax
Connection: keep-alive
Date: Fri, 20 Nov 2020 18:11:30 GMT
Content-Length: 0

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
11 KB 144ms
35ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Origin: https://www.positivepromotions.com
Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:32 GMT
content-encoding: gzip
last-modified: Wed, 20 Jun 2018 20:19:16 GMT
server: NetDNA-cache/2.2
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 391ms
30ms Stylesheet
text/css 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 css
fonts.googleapis.com/ 7 KB
888 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d62816747176a4f2fa04097fa1978864d6129f18f1c15490efb0170aef8da7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 18:11:32 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Fri, 20 Nov 2020 18:11:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 20 Nov 2020 18:11:32 GMT

GET
H2 200 base-kalio.css
www.positivepromotions.com/Styles/ 379 KB
67 KB 88ms
87ms Stylesheet
text/css 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Styles/base-kalio.css?v=1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 88f006c6f5d06d3e9b0d4f7bec0be8c719b5aff7ba046ef77a64f944d90834a1

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 21:08:58 GMT
content-encoding: gzip
last-modified: Tue, 06 Nov 2018 12:02:54 GMT
age: 248554
etag: W/"9ef695a6c875d41:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: 2cy3HgHCIOnTrkhKRdhOTm8lr0x2ztb7EkPmzh6zk0NeFr_zRjgaWg==

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 5040ms
11ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.positivepromotions.com
Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 theme.css
www.positivepromotions.com/Styles/ 343 KB
43 KB 76ms
75ms Stylesheet
text/css 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Styles/theme.css?v=1297
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 775f86d27c4ae98dd4fcdcdb8bb19232bf5d2cf703db9c9300e5264eff3e2a62

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 21:09:02 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2020 15:27:41 GMT
age: 248550
etag: W/"2e842b62dbcd61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: pWfccktPlcqEWViScxr1hCqB83Y6nkqsHgf3OuJ2axLJ6-B9hwsFlg==

GET
H2 200 EMAIL_modal.jpg
www.positivepromotions.com/images/art/ 23 KB
24 KB 57ms
56ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/EMAIL_modal.jpg?v=102182673711-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 9b8a5d4db37bad156daaf56eff1bf0eb83ddddf909e11518dc87bc560233ed2d

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 18:53:55 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 06 Mar 2018 21:11:19 GMT
age: 83857
etag: "80671fac8fb5d31:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 23894
x-amz-cf-id: cy9D11Cl_b-7RzCW9S2bHj1WOGOuHDpgq126Lgcj7Pb50C6ougrpGQ==

GET
H2 200 cartMenuItem.png
www.positivepromotions.com/images/art/ 21 KB
21 KB 50ms
49ms Image
image/png 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/cartMenuItem.png?v=102183024803-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: c917f69d8194a8ef256fc8e05cbf8e4e0b68c04280cc445d05e81f7318e4ddfd

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 18:53:55 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 21 Aug 2018 14:56:31 GMT
age: 83857
etag: "11e074255f39d41:0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 21405
x-amz-cf-id: bei2a5_mdVRj4nOfsfTcakh54-Qu9eICtnwDml2AMgPWMTBV_laLvg==

GET
H2 200 logo_800x200.png
www.positivepromotions.com/images/art/ 26 KB
27 KB 51ms
51ms Image
image/png 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/logo_800x200.png?v=102183002559-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 5a05f9db9da75445577638a9c3b553deb28b09c07c4759234a9ad20297da0ca3

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:27 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Fri, 06 Jul 2018 21:35:33 GMT
age: 12197
etag: "478c4f457115d41:0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 26870
x-amz-cf-id: 9DapwHGt0nP-vmZfZK8YOxLBF2OfayD6TdowVaBhAQxgkviybizvGw==

GET
H2 200 Nav-marketplace-BuildYourBrand.jpg
www.positivepromotions.com/images/art/ 41 KB
41 KB 50ms
49ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-BuildYourBrand.jpg?v=102183363166-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: dc4920dd2a007ae5d6c24fa68a7e524524176489397b764e29f531bf593fdb47

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:28 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 17:03:19 GMT
age: 12197
etag: "80e5c51dcb86d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 41474
x-amz-cf-id: _-1jPW_aG5Qck-K79tosmRwE8STchZSWmLZTu-_kyfKhaSWXsmDGdg==

GET
H2 200 Nav-marketplace-EcoAnimation.gif
www.positivepromotions.com/images/art/ 74 KB
74 KB 50ms
49ms Image
image/gif 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-EcoAnimation.gif?v=102183363167-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 5e58fa4b27e7f3531d9233bae7270845e9910428b1676e113a0ee20f612c3484

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 18:53:58 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 17:03:19 GMT
age: 83853
etag: "80e5c51dcb86d61:0"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 75778
x-amz-cf-id: mkMZsHYz4Ctu2xfDZG64kUnOTC2kDjcORWbgUwVvmTS32bHhWDongQ==

GET
H2 200 Nav-marketplace-APPAREL-winter.jpg
www.positivepromotions.com/images/art/ 52 KB
52 KB 51ms
50ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-APPAREL-winter.jpg?v=102183511133-3
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: f95fecebb1bc1c42ad5007417d7bfbecb4e7b931031eb622defe57eeee35e6af

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 21:24:23 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Mon, 26 Oct 2020 21:34:17 GMT
age: 74829
etag: "3eeed2c1dfabd61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 52980
x-amz-cf-id: 3AefFRnRVB-cQHBDu6MHbDxmBtKxUG0tF4l_Dd70yJETqGeU_MZ5jQ==

GET
H2 200 Nav-marketplace-AcademicA.jpg
www.positivepromotions.com/images/art/ 53 KB
54 KB 51ms
51ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-AcademicA.jpg?v=102183228166-5
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: ca94205bd925fecd979d7b5714b5f69a64d2a3d28116a7181fabcfa4b7f593ae

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:28 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Thu, 10 Sep 2020 15:46:19 GMT
age: 12198
etag: "809773868987d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 54418
x-amz-cf-id: Ve3VkzLud9lxYpnoZITxCyxbHBAS7dNaFO6YPmT3lmNwV8GsCPvvwQ==

GET
H2 200 Nav-marketplace-Diabetes.jpg
www.positivepromotions.com/images/art/ 42 KB
42 KB 50ms
50ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-Diabetes.jpg?v=102183521126-3
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 08fbce48b13234b967a121fe1850fe0667b18ad5aefee7030652ced0a7b54f6c

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 18:53:59 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Mon, 09 Nov 2020 22:19:56 GMT
age: 83854
etag: "1ca42f74e6b6d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 42578
x-amz-cf-id: 8hc5fnrpSYWMCikzPIxco7_uN6jyoI5Gy_YHwl0DqJpD02DZclkzTg==

GET
H2 200 Nav-marketplace-Recognition.jpg
www.positivepromotions.com/images/art/ 56 KB
57 KB 52ms
51ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-Recognition.jpg?v=102183389544-7
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 2a6366a176cf231de28fa0bbf2487f542fad91487888c063813d6f6136e2544a

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 02:54:05 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Mon, 26 Oct 2020 21:34:18 GMT
age: 55048
etag: "3f4b7bc2dfabd61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 57747
x-amz-cf-id: TcXUGLvqgri9bH7WwZfN8q0LCs9Wz37dT7MGgKQ9WW9Ebq86lcGTeg==

GET
H2 200 Nav-marketplace-FireSafety.jpg
www.positivepromotions.com/images/art/ 61 KB
61 KB 54ms
54ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-FireSafety.jpg?v=102183281640-3
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 36f6dd7fabb60d574597ec2e636e71e99805a35c34b8fa1e2fa9e508023b5326

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 18:53:59 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Mon, 12 Oct 2020 19:34:32 GMT
age: 83854
etag: "5df4a3b5cea0d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 62444
x-amz-cf-id: paTRQAihG0qy6BCA2kL1pF5jJZ_TvhDLIHou-3lXVN4IEhsl9i6mUw==

GET
H2 200 Nav-marketplace-WorkSafety.jpg
www.positivepromotions.com/images/art/ 51 KB
52 KB 51ms
51ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-WorkSafety.jpg?v=102183158283-7
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: ca89b95a7c6dca869b156d92189aab844075a3b43c8181346c9ace73adbbcfc1

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 21:53:37 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Wed, 11 Nov 2020 19:30:48 GMT
age: 73076
etag: "064362861b8d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 52617
x-amz-cf-id: rsmx-rQxajGMovUw_F5Na64J9J0i_keb87MIhxM5hVkR-wIn66P2Dw==

GET
H2 200 Nav-marketplace-Christmas.jpg
www.positivepromotions.com/images/art/ 62 KB
62 KB 51ms
51ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-Christmas.jpg?v=102183248857-10
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 67433a7229caf2ee18364fb8a70d2081e59818d78b03bcfb21241fb1f30a352a

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 18:53:59 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 20 Oct 2020 18:04:20 GMT
age: 83854
etag: "0ead56eba7d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 63406
x-amz-cf-id: rG2DgSFQSCWeU18N_5LwBNKl8YOl1qDW3FcEDuvvZDZghqtszdqqYQ==

GET
H2 200 Nav-marketplace-Gourmet.jpg
www.positivepromotions.com/images/art/ 57 KB
57 KB 51ms
51ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-Gourmet.jpg?v=102183501201-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 0b3ae07e03b3a34168a239cacf67b8580d2cf6662ba6e1d305e0bfc84bf9bc12

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 18:53:59 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 14:07:06 GMT
age: 83854
etag: "0e1ea1c5a3d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 58163
x-amz-cf-id: LLCu9fQdjFPWMF-jUtBvlb5vP381Ko4zbkff-1F6bIp9mJFUgsD4Ag==

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 36 KB
9 KB 25ms
5ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 12:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21102
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8422
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Nov 2021 12:19:50 GMT

GET
H2 200 VP-9026.jpg
www.positivepromotions.com/images/1000/ 119 KB
120 KB 228ms
227ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/1000/VP-9026.jpg?v=102183476803-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 9f1fa7c5d7d90af0170ab027221a8d79fe75fc463c1bef3784537d605c0c8d9c

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:33 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 20:07:46 GMT
x-amz-cf-pop: BUD50-C1
etag: "58b9188f9b80d61:0"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 122043
x-amz-cf-id: GZ0EuXEthZwjEJMFLXV-tYVGwoOcBiR5-F1qj2Hq7m2LKQ06LgR0dw==

GET
H2 200 VP-9026.jpg
www.positivepromotions.com/images/350/ 20 KB
20 KB 94ms
94ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VP-9026.jpg
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: f08568f47a9d0c7e5f7decc54ec94de8107461ada8e3dedb32fc0302c1af03ad

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:56:23 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 20:07:46 GMT
age: 69310
etag: "dc297c8f9b80d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 20640
x-amz-cf-id: fGMCQMimluofSte63PaHGhvNpAINnBCoWiLLdt90DfhO8xuit3LN3w==

GET
H2 200 VP-9026_1.jpg
www.positivepromotions.com/images/350/ 22 KB
22 KB 237ms
237ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VP-9026_1.jpg
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: de4eff3088a4dd74dbd6ba4650b7c616422120e98fa51c8b9509328b5c4ae89a

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:34 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 20:12:48 GMT
x-amz-cf-pop: BUD50-C1
etag: "43871439c80d61:0"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 22348
x-amz-cf-id: OrKK_fPmTWvjFf1rtHNP2J9H6u8NoibTLABFeQcb05Y06AsoPJ2_5w==

GET
H2 200 VP-9026_2.jpg
www.positivepromotions.com/images/350/ 34 KB
34 KB 228ms
228ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VP-9026_2.jpg
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 68c33d9bebbaec2df4f0baaa7184238134fc71b3546bb491e9c61dd830db5f58

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:34 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 20:12:52 GMT
x-amz-cf-pop: BUD50-C1
etag: "bb38dd459c80d61:0"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 34542
x-amz-cf-id: T0beNKgcEX805HbaDoni28aABD0XcjpwaAgzXd9fQIdF6CyUNZrnRA==

GET
H2 200 VP-9026_3.jpg
www.positivepromotions.com/images/350/ 23 KB
23 KB 230ms
230ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VP-9026_3.jpg
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: f4b91a0241e4f29a08084f3afe156065361bb7fd31800ef4ddc5a8afbff2dbca

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:34 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 20:12:53 GMT
x-amz-cf-pop: BUD50-C1
etag: "76b97a469c80d61:0"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 23430
x-amz-cf-id: p-sFW8NSuJmdPNzyQfU5loTRDhPJJ2M7ECPSmez4BnDeGpLFPqn_Ng==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1333
date: Fri, 20 Nov 2020 17:49:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 20 Nov 2020 19:49:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
52 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6bc0d522efb5785bdc255e76ea2769aa24ce92d87c0a58e8e5f79f341861389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52985
x-xss-protection: 0
expires: Fri, 20 Nov 2020 18:11:37 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 61ms
20ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 17:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1103
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5581
x-amz-id-2: qFByrBsxrJeaCBR6ahCrxFKK4oPMoi5EgKFK0mOSx5JJjuQB0VmaNb2gJmfi/q5S4NhOcSpNLEU=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 1A7A63FF91A8149B
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
75 KB 9ms
8ms Font
font/woff2 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.positivepromotions.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.positivepromotions.com
Referer: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 17:20:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 3074
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 20 Nov 2021 17:20:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.positivepromotions.com
Referer: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 23:06:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 327921
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 16 Nov 2021 23:06:16 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 37ms
36ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Origin: https://www.positivepromotions.com
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
last-modified: Wed, 20 Jun 2018 20:19:36 GMT
server: NetDNA-cache/2.2
etag: "18d2347ab2a9f40ca2247cdb03303d84"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 59572

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.positivepromotions.com
Referer: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 10:06:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:11:15 GMT
server: sffe
age: 547525
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12192
x-xss-protection: 0
expires: Sun, 14 Nov 2021 10:06:12 GMT

GET
H3-Q050 200 u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
12 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.positivepromotions.com
Referer: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 12:31:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:10:13 GMT
server: sffe
age: 106828
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12256
x-xss-protection: 0
expires: Fri, 19 Nov 2021 12:31:09 GMT

GET
H2 200 norton_seal_2020.jpg
www.positivepromotions.com/images/art/ 5 KB
6 KB 71ms
66ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/norton_seal_2020.jpg?v=102183489859-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: b1bf5741c95d01d3270f5624dfd90abdcee36c353a79f939ebdc6eea4a139950

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 02:30:58 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Fri, 18 Sep 2020 21:07:13 GMT
age: 56439
etag: "41dc9daeff8dd61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 5416
x-amz-cf-id: BeRVwvp19LxnzwgaYKl6nrM5-g0dk_xzY4-B3AyMrvzuswc1kWOMew==

GET
H2 200 secureTrust_2020.png
www.positivepromotions.com/images/art/ 8 KB
9 KB 71ms
67ms Image
image/png 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/secureTrust_2020.png?v=102183491306-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 95fcbf9082db907fc86c76cb568511cef921457eea70de75ace15e8466d9359f

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 18:54:05 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Mon, 21 Sep 2020 18:40:21 GMT
age: 83852
etag: "2c1114a94690d61:0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 8387
x-amz-cf-id: qrVpvYUJNf_sYzJNFhYfvd4xmA3V1N_CMh7DpdpRjfcF_sjv3yTIyg==

GET
H2 200 yui-combined-min.js Show response
www.positivepromotions.com/Javascript/ 115 KB
33 KB 56ms
53ms Script
application/javascript 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/yui-combined-min.js?v=4
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: a68fb593517e9392c683c99acaa64459ace8f8e3592e93612b5af603ff2bf671

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:17:24 GMT
content-encoding: gzip
last-modified: Mon, 07 May 2018 15:23:57 GMT
age: 104052
etag: W/"a96b9e6a17e6d31:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: 6phUTxh8g74rDMGWjv8_tT4yG-Lv8IJry2h4v12vaNq582ZEgsPmgg==

GET
H2 200 library-kalio-autocomplete.js Show response
www.positivepromotions.com/Javascript/ 60 KB
8 KB 60ms
57ms Script
application/javascript 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/library-kalio-autocomplete.js?v=1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: e510d6ab6cd40e2c523ad1503c775a98ae322e935c976962f3d1fd97f12ee5c7

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:17:24 GMT
content-encoding: gzip
last-modified: Tue, 16 Jan 2018 19:07:02 GMT
age: 104052
etag: W/"a93fe630fd8ed31:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: fpgAxZCiJmzHU1ggpnr9l0wIPGsfNqLhVmnuGqbY9dA0hEQyiY-QKg==

GET
H2 200 library-kalio-ajax.js Show response
www.positivepromotions.com/Javascript/ 21 KB
3 KB 61ms
58ms Script
application/javascript 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/library-kalio-ajax.js?v=1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: a1f35edd40f07d4300aaeebab334a72ac340a464204d1c6c7458163f594f30c1

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:17:24 GMT
content-encoding: gzip
last-modified: Tue, 16 Jan 2018 19:07:02 GMT
age: 104052
etag: W/"a93fe630fd8ed31:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: luVBwt8NeIPdnwmTXIVIWA5IBjB27l6ed0-2J_x0J1vTq9vz9UxGvA==

GET
H2 200 jquery-min.js Show response
www.positivepromotions.com/Javascript/ 190 KB
40 KB 65ms
61ms Script
application/javascript 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/jquery-min.js?v=2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:17:24 GMT
content-encoding: gzip
last-modified: Thu, 09 Nov 2017 21:42:15 GMT
age: 104052
etag: W/"6fb4d09ba359d31:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: S2Ictty6Nmr5IEPK7ARm6gPh4rKzg3XBi-7J1YZlmjGOwL0fkIw05A==

GET
H2 200 posi-plugins.js Show response
www.positivepromotions.com/Javascript/ 636 KB
103 KB 48ms
48ms Script
application/javascript 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/posi-plugins.js?v=7
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 8e1a0e7cd9f369f2809b2bb6a727b3195220dc6ee0bc120453ad413aeb7a4f3b

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:17:24 GMT
content-encoding: gzip
last-modified: Wed, 07 Oct 2020 19:49:34 GMT
age: 104052
etag: W/"d6664fbe29cd61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: n-QIVVP3qjKJQBb0qnCFAaDj836NGk9W9Qxc6O4Z06qSKxlrXbjibw==

GET
H2 200 page-all.js Show response
www.positivepromotions.com/Javascript/ 254 KB
36 KB 62ms
62ms Script
application/javascript 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/page-all.js?v=464
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: d2583eaf60409a8e16678d78c9642342bc2a7da05c6df472691006562fce098f

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:17:24 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 23:32:57 GMT
age: 104052
etag: W/"4e1781d32b3d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: A_6nkr23YqNBziE29b1UfRIarK0_a0UbLXPAP_b3JyZVSDvCHcf-SA==

GET
H2 200 dmPlugins.js Show response
www.positivepromotions.com/Javascript/ 57 KB
11 KB 68ms
68ms Script
application/javascript 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/dmPlugins.js?v=5
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 81eaa133a55ba1861e7e784354a8ddbed3cafc3419e74f1f05ae87aac8caaf0d

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:17:24 GMT
content-encoding: gzip
last-modified: Tue, 06 Feb 2018 23:23:07 GMT
age: 104052
etag: W/"8d373a72a19fd31:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: ZiuRek2Cto8nYUdQpRqs0qudfwbPnPcQP_vkDOCJHc0Sh0kwEMV9TQ==

GET
H2 200 jqueryplugins.js Show response
www.positivepromotions.com/Javascript/ 389 KB
63 KB 63ms
62ms Script
application/javascript 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/jqueryplugins.js?v=84
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: aacc7e5e5f670d3794700fdb09d4522fc37b40f4f8be3853ad19e8ace9ea974d

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:17:24 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 14:02:26 GMT
age: 104052
etag: W/"d731d5a2a0abd61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: wlgeoLkEQm8yK5cLb1IWF2Am1tdb0B71EWsMKeU0-cBMql9NBFW7Wg==

GET
H2 200 recaptcha-form.js Show response
www.positivepromotions.com/Javascript/ 760 B
1 KB 71ms
70ms Script
application/javascript 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/recaptcha-form.js?v=49
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 56f95ff21e2ed3afd665ab3f1f9d311b9365b3629ffc3fea1f8713bd8e376398

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:17:24 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jun 2020 18:32:01 GMT
age: 104053
etag: "fc26f8ea1e4bd61:0"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 760
x-amz-cf-id: RJOb5inwjClNw_mjZOfLBZXObZd3ugChHvvP7WRj-75Jlca_xhqgkQ==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 910 B
994 B 37ms
15ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0cdaf1959d8e642aaeea05378f3e74ed0df72ec3c9e01a569d22952c86583fc3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 577
x-xss-protection: 1; mode=block
expires: Fri, 20 Nov 2020 18:11:37 GMT

GET
H2 200 rapid.min.js Show response
cdn.yottaa.com/ 64 KB
20 KB 108ms
29ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yottaa.com/rapid.min.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13c170450fd97d42287db6b538f1aa603b052e7713e0b04a1f8268ea4503f85b

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: gzip
age: 99
x-cache: HIT
content-length: 20240
x-amz-id-2: Of5MwFj5ZpHOtgH+pBla/j+UbB9Ltzw8da6WzEDjjBMJtcB63w+U8J/7+2J9kxRW33Nv1gHVNZU=
x-served-by: cache-fra19174-FRA
timing-allow-origin: *
last-modified: Wed, 26 Aug 2020 18:01:49 GMT
server: AmazonS3
x-timer: S1605895898.533113,VS0,VE0
etag: "43f11ed8de025dbcc4413d55b0263b48"
vary: Accept-Encoding
x-amz-request-id: 8H8QBS3RDM3HDYBJ
via: 1.1 varnish
cache-control: max-age=640800
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 6

GET
H2 200 slickmin.js Show response
www.positivepromotions.com/Javascript/ 81 KB
12 KB 70ms
69ms Script
application/javascript 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/slickmin.js?v=4
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 3c24b215ca07aff5472816af0532da3c1689b4599f1347297b97e2b6a118a1e0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:17:24 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 16:55:42 GMT
age: 104052
etag: W/"ae84116c7862d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: 0V4JVLqBCFrsFPcJsfUEWrmdftZ7yWQWQ0HEp_NARqSXrCd1ZE8aFw==

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 32ms
30ms Script
text/javascript 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 enhancedecommerce2.js Show response
www.positivepromotions.com/Javascript/ 31 KB
4 KB 48ms
47ms Script
application/javascript 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/enhancedecommerce2.js?v=10
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 242d5967416ff7741af7f6a02be2ecaec3bdbb8575eb379a8ba65562d8e39446

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:17:24 GMT
content-encoding: gzip
last-modified: Thu, 17 Jan 2019 14:17:58 GMT
age: 104052
etag: W/"772f9c726faed41:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: qsGsk97_RUKTNNonla7nKgsjZwCik5imNrX7EfVXsvRNNFyIXtf6FA==

GET
H2 200 es5-shim.min.js Show response
cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.1/ 15 KB
5 KB 22ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.1/es5-shim.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ced7e817b2e92e1c3ef51e66ea4ff33aaf248786c319a079d7da46f8a97bc408

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 25961
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 5026
cf-request-id: 068873d96700002bce13bbe000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:56 GMT
server: cloudflare
etag: "5eb03e54-3b2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q2KLSm6CwxqydtV1vkiQ68yNGD8YSfHz7PY0KwUgxvRG0tn16wxPNnaPRjCkY7ff%2B4YSCztqgcJp76i53%2Fnh3gNvsUdYos8p2fqm1J12hqPo4d9%2BFDNK4C16woc4ZIP6lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f54226f0e562bce-FRA
expires: Wed, 10 Nov 2021 18:11:37 GMT

GET
H2 200 json3.min.js Show response
cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/ 8 KB
4 KB 17ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/json3.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 26002
x-via: cfworker/kv
cross-origin-resource-policy: cross-origin
content-length: 3209
cf-request-id: 068873d96800002bce41342000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:53 GMT
server: cloudflare
etag: "5eb03ec9-1fd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bi2ef3lvhgvun72xES0FAsE3Z0KsB0bUWWBrnQIDGDQPYh5grYGm5CbkM3L0YllKIHYQePMuxG4FqkD%2FXWgqjQ9WD9I45BwhZ9TnUt7Dn4nz8egWsNQIFZkvRXjhZ3eC3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f54226f0e662bce-FRA
expires: Wed, 10 Nov 2021 18:11:37 GMT

GET
H/1.1 200
OK prod-positivepromotions-com_autosuggest.js Show response
d21gpk1vhmjuf5.cloudfront.net/ 105 KB
29 KB 110ms
32ms Script
application/javascript 143.204.201.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/prod-positivepromotions-com_autosuggest.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20c3292613359e9cbaf417c980d497e8df6efee9d9124e0eebe1792fa38b04e3

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 141VqvK6k5nAjP54pPwm4AkV2In7nagj
Content-Encoding: gzip
ETag: "fe307b83dd1b0bd6ce0272f2907aac04"
Age: 16563
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28916
Last-Modified: Tue, 28 Jul 2020 07:22:45 GMT
Server: AmazonS3
Date: Fri, 20 Nov 2020 13:35:35 GMT
Content-Type: application/javascript
Via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: jdcxCELufkzQC2sw-35xhFlnbGJOHDxpVmpGUIYKIfjw0T5RdOS5bQ==

GET
H/1.1 200
OK prod-positivepromotions-com_autosuggest.css
d21gpk1vhmjuf5.cloudfront.net/ 9 KB
2 KB 110ms
34ms Stylesheet
text/css 143.204.201.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/prod-positivepromotions-com_autosuggest.css
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 004af2f1118416e6152e6bcbe984ef0fc077e950422377223e046a86bcc14466

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: aDvSQoMtiPHKTmDW0PCyE5VjjCmxytsX
Content-Encoding: gzip
ETag: "9dad32043c854373a9ae476d500d0908"
Age: 19727
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1767
Last-Modified: Tue, 14 Jan 2020 09:08:00 GMT
Server: AmazonS3
Date: Fri, 20 Nov 2020 12:42:51 GMT
Content-Type: text/css
Via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: Opt2rS49nyuI7GuKsKgF6iXSp1SzoHOKCysbLHHCaDyo7tEJu3Aw7A==

GET
H2 200 page-product.js Show response
www.positivepromotions.com/Javascript/ 126 KB
17 KB 50ms
49ms Script
application/javascript 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/page-product.js?v=512
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash: 0bfb9327fa097a73cb4b9fc92a93fda13859a1504fd1fd497f7a0a06975b679a

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 13:17:24 GMT
content-encoding: gzip
last-modified: Fri, 06 Nov 2020 17:03:44 GMT
age: 104052
etag: W/"a886dcc85eb4d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: BUD50-C1
x-amz-cf-id: GBziOjEZm6OPNG_IbevjpAy9YYJi-z5u9cbu6p-U7inyVQ3t4FnUhw==

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
431 B 111ms
47ms Script
application/javascript 2a02:26f0:6c00:295::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=219
accept-ranges: bytes
content-length: 203
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK jquery.liveclicker-latest_c.js Show response
d2vxgxvhgubbj8.cloudfront.net/scripts/ 22 KB
7 KB 96ms
27ms Script
application/javascript 143.204.50.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2vxgxvhgubbj8.cloudfront.net/scripts/jquery.liveclicker-latest_c.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.50.165 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-50-165.osl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc5743edf7da98127434d8712c328f31114e12aae9b930aa7dcc14dc5e890f9a

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 17 Nov 2015 23:07:21 GMT
Server: AmazonS3
Age: 15517
ETag: "598fb5d626c9ac96a3a1d02ccdb54805"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Fri, 20 Nov 2020 13:53:01 GMT
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MPHl1NyLybixvNduIhbzQUU_r3tEauvdKLiNBYAfi-qMjZPkt4N6Wg==

GET
H/1.1 200
OK pp_lc_pdp_1.0.0.js Show response
d2vxgxvhgubbj8.cloudfront.net/scripts/client/1398/ 13 KB
4 KB 58ms
50ms Script
application/javascript 143.204.50.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2vxgxvhgubbj8.cloudfront.net/scripts/client/1398/pp_lc_pdp_1.0.0.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.50.165 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-50-165.osl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6fe0fc8198d6180b3dc1f568492688374c4a1d14b65b2e811bd1c37168c6f8f

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: W.hblx6Iaov0uDaAdY4Wae7e5vRd3otY
Content-Encoding: gzip
ETag: "765c215b6a026834dfc789a255046889"
Age: 17341
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 14 May 2020 21:50:36 GMT
Server: AmazonS3
Date: Fri, 20 Nov 2020 13:22:37 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-meta-version-id: null
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ziR15nhyPBMOvtP-k6YDVGysKHOlb5I0zfSFMQIY3YijRzlM-s_Yug==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 36 KB
12 KB 54ms
22ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: gzip
last-modified: Mon, 14 Sep 2020 13:03:43 GMT
server: nginx
etag: W/"5f5f6a2f-90a2"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 21 Nov 2020 18:11:37 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 116ms
42ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e4055fd84425e3545c1c91b2d9a2ac5ffbb2aa53a1ab5510c19ca6277bca1571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11440
x-xss-protection: 0
server: cafe
etag: 18316426844545619554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 Nov 2020 18:11:37 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
62 KB 48ms
48ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Origin: https://www.positivepromotions.com
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
last-modified: Wed, 20 Jun 2018 20:19:30 GMT
server: NetDNA-cache/2.2
etag: "f319eac1c755f9929fd856720ce1695e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 63376

GET
H2 200 33836.json Show response
s.yimg.com/wi/config/ 2 B
492 B 190ms
151ms XHR
application/json 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/33836.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: A310D51BB240C3E0
x-amz-id-2: 0jiolDUNvJPW72+k4ayc9lCHMcaWu/SQf5PasmG3Cj3r7anka6BjwjNZtUbsiGaRLFa+OjqXcpM=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 17:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1738
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Fri, 20 Nov 2020 18:42:39 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 55ms
41ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8BCJWV5VCL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90226255fe77c52038b9f10c58bb054d421a5ffa67f9750407ef67c947b0903e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51843
x-xss-protection: 0
expires: Fri, 20 Nov 2020 18:11:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
24 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23272
x-xss-protection: 0
pragma: public
x-fb-debug: 8fasl8lHhIYsY6MOsu1+vKbUP55HAwcZf6SK+0miUzObpE/lq1IcOogHBvy8dnkhusOHWXGsXDuNCxvOmrx5eQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 20 Nov 2020 18:11:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 46ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:36 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: E27089EA85D64F95AD02E6AFE0CEF9F5 Ref B: FRAEDGE1212 Ref C: 2020-11-20T18:11:37Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 200 widget.js Show response
staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/ 438 KB
120 KB 24ms
6ms Script
text/javascript 2a02:26f0:1700:182::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:182::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

66cc4c922b74954b2b25232185e37cf7502756b0257cd8bb00a795445bac9e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 121644
x-xss-protection: 1; mode=block
x-request-id: 1839735a-896a-4422-a903-74d05fa17c2d
x-runtime: 0.019135
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"571d73f79f5980830f36dd0922c28b72"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7759
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 D25436AC25A958.js Show response
cdn.datasteam.io/js/ 71 KB
23 KB 120ms
35ms Script
application/x-javascript 143.204.201.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datasteam.io/js/D25436AC25A958.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-51.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ea63e94c42b336e908205c3f5d0dbe7b892838c4b971c69242c01cc38748003

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 12:09:19 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 01:46:10 GMT
server: AmazonS3
age: 21739
etag: W/"ef8af202b4122a3061664493871ad7b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
cache-control: max-age=1800,s-maxage=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: JdNZBBHD1tFk05FQzxzrzkfu0nKHlTMeW6T94ed8J3xW7K0oUfvN3Q==

GET
H/1.1 200
OK unbxdAnalytics.js Show response
d21gpk1vhmjuf5.cloudfront.net/ 35 KB
11 KB 34ms
34ms Script
application/javascript 143.204.201.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/unbxdAnalytics.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff1e7839d2cb72b8e951d3e09b2d2b35841165e84fab1dd40d121dc8602a6471

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: F8jwLf8YnCqWBdiQgN30fwnIOl_RU7EY
Content-Encoding: gzip
ETag: "8a8bf94b4549ebba25eef7c81e17efb9"
Age: 20689
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10296
Last-Modified: Tue, 28 Jul 2020 08:41:54 GMT
Server: AmazonS3
Date: Fri, 20 Nov 2020 12:26:51 GMT
Content-Type: application/javascript
Via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: ylaU9MoyCu0WZBHSQ1XWzIbUAXTX_YkS0JFG1nRUdZve6tco-pbHNQ==

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 41ms
38ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10407791

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa2b0f36912c49a95ef5c4e0e6a06bcd92aefbf8d0fe380f4ffd8820336e98fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38722
x-xss-protection: 0
expires: Fri, 20 Nov 2020 18:11:37 GMT

GET
H2 200 hotjar-2076251.js Show response
static.hotjar.com/c/ 3 KB
2 KB 198ms
101ms Script
application/javascript 54.192.229.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2076251.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.229.4 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-229-4.waw50.r.cloudfront.net

Software

Resource Hash

8777837e58a72b2a0b253a61247f03572931998e5e9acc63ac9091d646d460ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: WAW50-C1
etag: W/231ed2a26c988c18f8a10c851519fb51
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1549
via: 1.1 dfc3a7bfbc818f103aa0634d79f28907.cloudfront.net (CloudFront)
x-amz-cf-id: ZJ-u2pQKRXVMhmiJVXybAxfmB5BgJASTF93W4FPEgSwXiKj5A0lA_w==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
453 B 41ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-1042451-1&cid=366357947.1605895898&jid=1561808548&gjid=1516100097&_gid=1161513004.1605895898&_u=aGBAgEIhQAAAAE~&z=360225828

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 20 Nov 2020 18:11:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.positivepromotions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 82 KB
32 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-TXS9VN9&t=gtm2&cid=366357947.1605895898

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cac3e542778a9751e04b2061226042f43fc6948ccfbddf9c988858f1d8e3b0e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33055
x-xss-protection: 0
expires: Fri, 20 Nov 2020 18:11:37 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
190 B 7ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=586685924&t=pageview&_s=1&dl=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856&ul=en-us&de=UTF-8&dt=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box%20%7C%20Positive%20Promotions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEIhQ~&jid=1561808548&gjid=1516100097&cid=366357947.1605895898&tid=UA-1042451-1&_gid=1161513004.1605895898&cd2=control&cd3=yo-not-present&z=1600839783

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 19:27:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81833
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubhtml5-light-box-api.css
pubhtml5.com/plugin/LightBox/css/ 673 B
819 B 43ms
24ms Stylesheet
text/css 2606:4700:10::ac43:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pubhtml5.com/plugin/LightBox/css/pubhtml5-light-box-api.css

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/Javascript/page-all.js?v=464

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad4c4ceedd14c9d85a094c759ea244dde244b60ae5ee77f82c6495a4208858e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 7298
cf-polished: origSize=911
cf-bgj: minify
cf-request-id: 068873da640000c286a69bc000000001
last-modified: Mon, 31 Aug 2020 02:47:44 GMT
server: cloudflare
etag: W/"5f4c64d0-38f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=43200
cf-ray: 5f542270ac14c286-FRA
expires: Fri, 20 Nov 2020 18:29:59 GMT

GET
H2 200 configure.rapid.js Show response
qoe-1.yottaa.net/api/v1/ 2 KB
873 B 116ms
38ms XHR
text/javascript 165.254.56.41
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qoe-1.yottaa.net/api/v1/configure.rapid.js?key=HoeUAIgp9Kcjhg&ul=en-US&dl=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856&dt=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box%20%7C%20Positive%20Promotions&sd=24&sr=1600,1200&vp=1600,1200&ct=4g&rtt=0
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.254.56.41 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 0f22b246b5b3a1a62d2500e37fbdc4a88ad55b83f033f9350adf44097aaf4ef1

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-yottaa-optstate: active
timing-allow-origin: *

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 58ms
43ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-1042451-1&cid=366357947.1605895898&jid=1561808548&_u=aGBAgEIhQAAAAE~&z=383433908

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 50ms
31ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-1042451-1&cid=366357947.1605895898&jid=1561808548&_u=aGBAgEIhQAAAAE~&z=383433908

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sp.pl
sp.analytics.yahoo.com/ 0
935 B 707ms
333ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2020%20Nov%202020%2018%3A11%3A37%20GMT&n=-1&b=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box%20%7C%20Positive%20Promotions&.yp=33836&f=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856&enc=UTF-8&tagmgr=gtm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:38 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Fri, 20 Nov 2020 18:11:38 GMT

GET
H2 200 widget.css
staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/ 481 KB
49 KB 8ms
8ms Stylesheet
text/css 2a02:26f0:1700:182::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.css?widget_version=2020-10-28_10-42-10

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:182::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 49552
x-xss-protection: 1; mode=block
x-request-id: aad823e4-d4dc-4487-b4c9-8fd6c6ed9c76
x-runtime: 0.119182
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"3ce0285a3c787a72c948d0c207b40a03"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7782
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 bundle.js
snip.bronto.com/v2/sites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6IjI5YTY5ZmRhMzliMWYxNGI3ZTAxOTY5M2Y0NGYxM2U4ZjhkYjMxMTUzZGE1Yjg5ODNjMzU1MTAyMGQzODg1N2IifQ==/assets/ 52 KB
20 KB 603ms
584ms Script
application/javascript 2a02:26f0:6c00:280::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snip.bronto.com/v2/sites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6IjI5YTY5ZmRhMzliMWYxNGI3ZTAxOTY5M2Y0NGYxM2U4ZjhkYjMxMTUzZGE1Yjg5ODNjMzU1MTAyMGQzODg1N2IifQ==/assets/bundle.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:280::3a7c , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 5
date: Fri, 20 Nov 2020 18:11:38 GMT
content-encoding: gzip
x-trace: 8e8afa23-1c59-451c-a51c-7c1a5579bada
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300, s-maxage=900
content-length: 20545

GET
H2 200 placeHolder175.gif
www.positivepromotions.com/images/art/ 5 KB
5 KB 52ms
50ms Image
image/gif 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/placeHolder175.gif
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:28 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Fri, 06 Sep 2019 14:09:39 GMT
age: 14984
etag: "377f3b8bc64d51:0"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 5049
x-amz-cf-id: Laqoy7qmIsJTMlpRLlS5bTVTViCINfm4DdbORum2kPNldUNli-UchA==

GET
H2 200 ECO_Reusable.png
www.positivepromotions.com/images/art/ 2 KB
2 KB 52ms
50ms Image
image/png 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/ECO_Reusable.png?v=102183391223-4
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 02:31:00 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Sat, 11 Apr 2020 12:00:10 GMT
age: 56437
etag: "95f263c0f8fd61:0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 2018
x-amz-cf-id: 9zbQiIitf5NSo1Zufh-gCfwi3eTKK7vRHKm4oEUUwb3jaHjEkewzlQ==

GET
H2 200 VP-9026.jpg
www.positivepromotions.com/images/80/ 2 KB
3 KB 228ms
227ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/80/VP-9026.jpg
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:38 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 20:07:45 GMT
x-amz-cf-pop: BUD50-C1
etag: "22c17d8e9b80d61:0"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2286
x-amz-cf-id: fHUElByCVGi5OOByQbEYjhHXC_g-J7Z7QGwOTPki_dUx2YqRWh8Xiw==

GET
H2 200 VP-9026_1.jpg
www.positivepromotions.com/images/80/ 3 KB
3 KB 227ms
226ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/80/VP-9026_1.jpg
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:38 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 20:12:49 GMT
x-amz-cf-pop: BUD50-C1
etag: "441a2449c80d61:0"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2637
x-amz-cf-id: jSd7JKuFqEB8oGvFwDUPMXezTDnc9vPGNlrnl0kHQ3Qx-ZmIxwBhHg==

GET
H2 200 VP-9026_2.jpg
www.positivepromotions.com/images/80/ 3 KB
3 KB 235ms
234ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/80/VP-9026_2.jpg
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:38 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 20:12:51 GMT
x-amz-cf-pop: BUD50-C1
etag: "609bb5449c80d61:0"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3106
x-amz-cf-id: S8XvO8UCHC8SAQkPj6XaOBqbWULQk1QmiBgNGqbr8W9UhAT5lQtSpQ==

GET
H2 200 VP-9026_3.jpg
www.positivepromotions.com/images/80/ 3 KB
3 KB 228ms
227ms Image
image/jpeg 52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/80/VP-9026_3.jpg
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:38 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 20:12:53 GMT
x-amz-cf-pop: BUD50-C1
etag: "616f2e469c80d61:0"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2829
x-amz-cf-id: KAVUV0RY0YCEYIZS0pSJD03mNX5FMbiyFZqbQWUzHjr5u8YD9C0yDA==

POST
H2 200 VP-9026
staticw2.yotpo.com/batch/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/ 53 B
696 B 112ms
112ms XHR
application/json 2a02:26f0:1700:182::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/VP-9026

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:182::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 20 Nov 2020 18:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200 OK
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=6, origin; dur=99
vary: Accept-Encoding
content-length: 70
x-xss-protection: 1; mode=block
x-request-id: 5be929b7-0d37-425b-afae-76f5f0d53919
x-runtime: 0.008948
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"a5e9e2bafcac771ad8337b09979fc306"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.positivepromotions.com
cache-control: public, max-age=10767
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 VP-9026
staticw2.yotpo.com/batch/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/ 50 KB
7 KB 294ms
293ms XHR
application/json 2a02:26f0:1700:182::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/VP-9026

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:182::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 20 Nov 2020 18:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200 OK
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=4, origin; dur=284
vary: Accept-Encoding
content-length: 6538
x-xss-protection: 1; mode=block
x-request-id: 43ebc5f0-8361-405b-abe1-16b054972ce9
x-runtime: 0.192031
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"70831b233dd6fa8277438cdda7cfb386"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.positivepromotions.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 VP-9026
staticw2.yotpo.com/batch/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/ 951 B
947 B 135ms
134ms XHR
application/json 2a02:26f0:1700:182::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/VP-9026

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:182::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 20 Nov 2020 18:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200 OK
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=6, origin; dur=122
vary: Accept-Encoding
content-length: 322
x-xss-protection: 1; mode=block
x-request-id: 95aef933-7a1d-44de-9d1b-701542df910b
x-runtime: 0.021160
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"8ada7277c6429b95cf6243a5615ea66f"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.positivepromotions.com
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 135ms
33ms Image
image/gif 18.193.63.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box%20%7C%20Positive%20Promotions&se_psk=VP-9026&se_va=klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA&cx=eyJwdl91dWlkIjo4MDgyMDM1MzV9&dtm=1605895898065&tid=334916&vp=1600x1200&ds=1600x2896&vid=1&duid=29f2f2c6831b3357&p=web&tv=js-0.13.2&fp=606422418&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.63.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-63-93.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:38 GMT
Cache-Control: max-age=86400, private
Expires: Sat, 21 Nov 2020 18:11:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 204 0
bat.bing.com/action/ 0
170 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4048868&Ver=2&mid=9348934b-b03f-4f0d-83c4-858d3aae7504&sid=d505d8402b5b11ebb9284f41ea76d1dc&vid=d505fd702b5b11eb9d3bc52e5d395382&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box%20%7C%20Positive%20Promotions&p=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856&r=&lt=7487&evt=pageLoad&msclkid=N&sv=1&rn=341875
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 20 Nov 2020 18:11:37 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 1ED550CEDFA74D40A531B243465820C1 Ref B: FRAEDGE1212 Ref C: 2020-11-20T18:11:38Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1p.jpg
tracker.unbxdapi.com/v2/ 309 B
726 B 448ms
109ms Image
image/jpeg 52.45.119.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.unbxdapi.com/v2/1p.jpg?data=%7B%22url%22%3A%22https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856%22%2C%22referrer%22%3A%22%22%2C%22visit_type%22%3A%22first_time%22%2C%22ver%22%3A%224.0.27%22%2C%22_uf%22%3A3774163923%2C%22visitId%22%3A%22visitId-1605895898105-34832%22%7D&UnbxdKey=prod-positivepromotions-com800951496246780&action=visitor&uid=uid-1605895898101-34990&t=1605895898106|0.23215793831985643
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.119.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-119-234.compute-1.amazonaws.com
Software: Wingman-3.4.6-hotfix1-[1604770521] /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:38 GMT
Content-Encoding: gzip
Server: Wingman-3.4.6-hotfix1-[1604770521]
Unx-Accept-Encoding: gzip, deflate, br
Vary: Accept-Encoding
Content-Type: image/jpeg; charset=utf-8
Region: us-east-1-(prod)
Unx-Server: Wingman-3.4.6-hotfix1-[1604770521]
Unx-Conn: tracker-ext-v2
Connection: keep-alive
X-Request-Id: 7614b1fd-5d71-418c-8c93-cfff9d688fc6
Content-Length: 137
Unbxd-Request-Id: 7614b1fd-5d71-418c-8c93-cfff9d688fc6
Unx-Site: prod-positivepromotions-com800951496246780
Unx-Request-Id: 7614b1fd-5d71-418c-8c93-cfff9d688fc6

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
102 B 13ms
13ms Other
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8BCJWV5VCL&gtm=2oeb41&_p=586685924&sr=1600x1200&ul=en-us&cid=366357947.1605895898&_s=1&dl=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856&dr=&dt=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box%20%7C%20Positive%20Promotions&sid=1605895897&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8BCJWV5VCL&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.positivepromotions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame E7C3 0
0 39ms
12ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.positivepromotions.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.positivepromotions.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 600
date: Fri, 20 Nov 2020 18:11:37 GMT
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ 2 KB
645 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.css?widget_version=2020-10-28_10-42-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.css?widget_version=2020-10-28_10-42-10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 17:46:42 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Fri, 20 Nov 2020 18:11:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 20 Nov 2020 18:11:38 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 0B4B 0
0 148ms
55ms Document
text/html 54.192.229.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2076251.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.229.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-229-43.waw50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856

Response headers

content-type: text/html
content-length: 851
date: Mon, 05 Oct 2020 13:02:45 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 05 Oct 2020 11:02:22 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1c140222cf7df6d0df745770e90c311a.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW50-C1
x-amz-cf-id: 244owyQ7IpTp3ZQF4ftOUITKgkPItrKdlVX2hT26eBgEjl8ajktPyQ==
age: 3992933

GET
H2 200 yotpo-widget-font.woff
staticw2.yotpo.com/assets/ 12 KB
12 KB 20ms
6ms Font
application/font-woff 2a02:26f0:1700:182::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://staticw2.yotpo.com/assets/yotpo-widget-font.woff?version=2020-10-28_10-42-10
Requested by: Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.css?widget_version=2020-10-28_10-42-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:182::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Origin: https://www.positivepromotions.com
Referer: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.css?widget_version=2020-10-28_10-42-10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:38 GMT
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 12148
last-modified: Wed, 11 Nov 2020 15:00:25 GMT
server: nginx
etag: "5fabfc89-2f74"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 27 Nov 2020 18:11:38 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.positivepromotions.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 19:32:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 81553
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Fri, 19 Nov 2021 19:32:25 GMT

GET
H2 200 sign_in_url
staticw2.yotpo.com/sessions/ 197 B
820 B 102ms
102ms XHR
application/json 2a02:26f0:1700:182::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/sessions/sign_in_url

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:182::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200 OK
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=3, origin; dur=93
vary: Accept-Encoding
content-length: 183
x-xss-protection: 1; mode=block
x-request-id: 3ba7f72a-cce6-406f-b45b-264550157858
x-runtime: 0.002236
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"cdc61d16f6e1c038481cbfef6af9f6c6"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.positivepromotions.com
cache-control: private, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 square.jpg
cdn-yotpo-images-production.yotpo.com/Product/189591155/132141238/ 2 KB
3 KB 504ms
413ms Image
image/jpeg 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-yotpo-images-production.yotpo.com/Product/189591155/132141238/square.jpg?1600379652
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:39 GMT
last-modified: Thu, 17 Sep 2020 21:54:18 GMT
server: AmazonS3
x-amz-request-id: 7Y4X2N0HEPCW2Y2W
etag: "18136557e00ae9def57a135b2221456b"
x-cache: HIT
content-type: image/jpeg
x-amz-version-id: MWu5id7xaI35iv51xTBuWpeAV2am_Q5.
accept-ranges: bytes
content-length: 2349
x-amz-id-2: 0CI2xOLP/HydH936nNamSmtHumD/3P22E3Ql0O5hhfJ2RXX0eS75cvJvvMSY8mJSnDpARSyB/c0=

GET
H2 200 square.jpg
cdn-yotpo-images-production.yotpo.com/Product/189597415/132145187/ 5 KB
5 KB 544ms
454ms Image
image/jpeg 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-yotpo-images-production.yotpo.com/Product/189597415/132145187/square.jpg?1605724329
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:39 GMT
last-modified: Wed, 18 Nov 2020 18:32:12 GMT
server: AmazonS3
x-amz-request-id: 43BD848E51464223
etag: "477f10f7f148eb186f7985c581ff0a88"
content-type: image/jpeg
x-amz-version-id: 6WRA.5raM1khtO81aNBEY6XYmjDm9Ru.
accept-ranges: bytes
content-length: 5320
x-amz-id-2: m+PrjwOIdC8UFD+va4dUr4rB1+1WKU3h77UT/EqBell9j9uP7en8E932f9NnHxkivb7jYYtdf/Y=

GET
H2 200 square.jpg
cdn-yotpo-images-production.yotpo.com/Product/189600670/132147129/ 5 KB
5 KB 533ms
443ms Image
image/jpeg 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-yotpo-images-production.yotpo.com/Product/189600670/132147129/square.jpg?1600949052
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:39 GMT
last-modified: Thu, 24 Sep 2020 12:04:16 GMT
server: AmazonS3
x-amz-request-id: 442EA866F9E10865
etag: "fa8ca65ad6cbe88c5cdc9da2de901301"
x-cache: HIT
content-type: image/jpeg
x-amz-version-id: gxLUb10rODd10v4EziS0G2zo7fWvRvw.
accept-ranges: bytes
content-length: 5025
x-amz-id-2: LtF+HXXySRdRnxUP5ZFttQIJEQ7xrGXuNPDCQhW1KshpRmob9dDlxvl42irZE3fJlfZg7yEUk4c=

GET
H2 200 square.jpg
cdn-yotpo-images-production.yotpo.com/Product/189599994/132146680/ 4 KB
5 KB 118ms
28ms Image
image/jpeg 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-yotpo-images-production.yotpo.com/Product/189599994/132146680/square.jpg?1604417530
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F6FC) /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:38 GMT
last-modified: Tue, 03 Nov 2020 15:32:14 GMT
server: ECS (ska/F6FC)
age: 333162
etag: "8d19e0a9a373aab828c9a25d93886ec5"
x-cache: HIT
content-type: image/jpeg
x-amz-request-id: 4256AE1BB6A22345
x-amz-version-id: DbWaCbitzCPm3KI87y.kG4PtWUcGAvgz
accept-ranges: bytes
content-length: 4334
x-amz-id-2: FGl8DRQl0eDDGOAAytrzMAErDpiM0h78D21QhOD0HZ9TYEG/U96k8du6IQrWI+M6LbO+brfUz/c=

GET
H2 200 square.jpg
cdn-yotpo-images-production.yotpo.com/Product/189593163/132142542/ 4 KB
4 KB 558ms
468ms Image
image/jpeg 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-yotpo-images-production.yotpo.com/Product/189593163/132142542/square.jpg?1599681929
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:39 GMT
last-modified: Wed, 09 Sep 2020 20:05:34 GMT
server: AmazonS3
x-amz-request-id: 2J9QEG6N4QENDZAJ
etag: "53168b6a1f6b19f766e2400aa8ff3e51"
content-type: image/jpeg
x-amz-version-id: Adf_pjErxdSnEzzeK7hW02ugS4hQuf3q
accept-ranges: bytes
content-length: 3834
x-amz-id-2: 0fR7dRHQ1RoU4u+b40soFWdWgJqBBx98v6HaBFeG5VN2dhxptDUYlEYOUVAK4y5BAsRNo8RMHZs=

GET
H2 200 square.jpg
cdn-yotpo-images-production.yotpo.com/Product/189600604/132147073/ 4 KB
5 KB 559ms
469ms Image
image/jpeg 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-yotpo-images-production.yotpo.com/Product/189600604/132147073/square.jpg?1605268820
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:39 GMT
last-modified: Fri, 13 Nov 2020 12:00:23 GMT
server: AmazonS3
x-amz-request-id: 466A576D4D7EA6C3
etag: "06d5c718f8b55d130db1e741341b9d17"
content-type: image/jpeg
x-amz-version-id: SxCGOamLVotnspBBnQsGtAiPJnxpeh5S
accept-ranges: bytes
content-length: 4497
x-amz-id-2: KOUTx+HxGK2iJLvR03CQZqVjenz6hC4Ma454HEwKNh5LA8MIloQdOBAW2lrvPvq4WanHaECDDBs=

GET
H2 200 square.jpg
cdn-yotpo-images-production.yotpo.com/Product/193047487/134948339/ 5 KB
5 KB 456ms
455ms Image
image/jpeg 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-yotpo-images-production.yotpo.com/Product/193047487/134948339/square.jpg?1604154657
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:39 GMT
last-modified: Sat, 31 Oct 2020 14:31:02 GMT
server: AmazonS3
x-amz-request-id: 60B16912640DD33A
etag: "45471c6598af740e0ecf2423b669368d"
x-cache: HIT
content-type: image/jpeg
x-amz-version-id: f6KJa7.zIY2h46bejZZpDTsJIVNuqBko
accept-ranges: bytes
content-length: 5238
x-amz-id-2: fPKgt3uDef8pRuzlqAUEUOpD68ksrxgeMm/El4FG2qFPqqwcvq8QnMhYBQOt6UKIpfzxc6w/cm4=

GET
H2 200 square.jpg
cdn-yotpo-images-production.yotpo.com/Product/193236705/135083960/ 4 KB
4 KB 438ms
438ms Image
image/jpeg 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-yotpo-images-production.yotpo.com/Product/193236705/135083960/square.jpg?1600457675
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:39 GMT
last-modified: Fri, 18 Sep 2020 19:34:39 GMT
server: AmazonS3
x-amz-request-id: 652BDEA055224D93
etag: "03df051cb765ed197f293ee0218951f8"
content-type: image/jpeg
x-amz-version-id: FxI37af_jrwWdC7ZBbAFvSZwZccRT1Gg
accept-ranges: bytes
content-length: 3816
x-amz-id-2: XBQVttqtH9c6vT6g5WG6ast6r3uJ59qa0moKPMvoCX/O11F8w8kfioqe7Q9pfcctRAf1JdpEaPg=

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 33ms
32ms Image
image/gif 18.193.63.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=pictures_in_reviews&se_ac=loaded&se_la=media&se_psk=VP-9026&se_va=klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA&cx=eyJwdl91dWlkIjo4MDgyMDM1MzUsImltYWdlc19pZCI6W10sImNvdW50X3BpY3R1cmVzIjowLCJ2aWRlb3NfaWQiOltdLCJjb3VudF92aWRlb3MiOjB9&dtm=1605895898375&tid=637822&vp=1600x1200&ds=1600x3148&vid=1&duid=29f2f2c6831b3357&p=web&tv=js-0.13.2&fp=606422418&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.63.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-63-93.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:38 GMT
Cache-Control: max-age=86400, private
Expires: Sat, 21 Nov 2020 18:11:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 33ms
32ms Image
image/gif 18.193.63.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=reviews&se_ac=loaded&se_la=review&se_psk=VP-9026&se_va=klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA&cx=eyJwdl91dWlkIjo4MDgyMDM1MzUsInJldmlld19pZCI6W10sImNvdW50X3Jldmlld3MiOjB9&dtm=1605895898388&tid=395108&vp=1600x1200&ds=1600x3148&vid=1&duid=29f2f2c6831b3357&p=web&tv=js-0.13.2&fp=606422418&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.63.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-63-93.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:38 GMT
Cache-Control: max-age=86400, private
Expires: Sat, 21 Nov 2020 18:11:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 33ms
33ms Image
image/gif 18.193.63.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=reviews&se_ac=loaded&se_la=no_reviews&se_pr=2020-10-28_10-42-10&se_psk=VP-9026&se_va=klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA&cx=eyJwdl91dWlkIjo4MDgyMDM1MzUsImRhdGFfc291cmNlIjoiZGVmYXVsdCJ9&dtm=1605895898389&tid=497078&vp=1600x1200&ds=1600x3148&vid=1&duid=29f2f2c6831b3357&p=web&tv=js-0.13.2&fp=606422418&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.63.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-63-93.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:38 GMT
Cache-Control: max-age=86400, private
Expires: Sat, 21 Nov 2020 18:11:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 33ms
33ms Image
image/gif 18.193.63.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=questions&se_ac=loaded&se_la=no_reviews&se_pr=2020-10-28_10-42-10&se_psk=VP-9026&se_va=klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA&cx=eyJwdl91dWlkIjo4MDgyMDM1MzUsImRhdGFfc291cmNlIjoiZGVmYXVsdCJ9&dtm=1605895898390&tid=302551&vp=1600x1200&ds=1600x3148&vid=1&duid=29f2f2c6831b3357&p=web&tv=js-0.13.2&fp=606422418&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.63.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-63-93.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:38 GMT
Cache-Control: max-age=86400, private
Expires: Sat, 21 Nov 2020 18:11:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 49ms
32ms Image
image/gif 18.193.63.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=promoted_products&se_ac=loaded&se_psk=VP-9026&se_va=klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA&cx=eyJwdl91dWlkIjo4MDgyMDM1MzV9&dtm=1605895898394&tid=986526&vp=1600x1200&ds=1600x3148&vid=1&duid=29f2f2c6831b3357&p=web&tv=js-0.13.2&fp=606422418&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.63.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-63-93.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:38 GMT
Cache-Control: max-age=86400, private
Expires: Sat, 21 Nov 2020 18:11:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 71ms
33ms Image
image/gif 18.193.63.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=promoted_products&se_ac=loaded&se_la=product&se_psk=VP-9026&se_va=klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA&cx=eyJwdl91dWlkIjo4MDgyMDM1MzUsImxwcGlkIjoiMTg5MzgzMzU5IiwiZG9tYWluX2tleSI6WyIxODU3Mzc4NzUiLCIxODU3NDQxMzUiLCIxODU3NDczOTAiLCIxODU3NDY3MTQiLCIxODU3Mzk4ODIiLCIxODU3NDczMjQiLCIxODkxOTQxNDYiLCIxODkzODMzNTkiXSwiY291bnRfcHJvZHVjdHMiOjh9&dtm=1605895898395&tid=790123&vp=1600x1200&ds=1600x3148&vid=1&duid=29f2f2c6831b3357&p=web&tv=js-0.13.2&fp=606422418&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.63.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-63-93.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:38 GMT
Cache-Control: max-age=86400, private
Expires: Sat, 21 Nov 2020 18:11:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK 5436AC25A958
api.datasteam.io/v1/C/RawData/ 207 B
794 B 461ms
116ms Script
text/plain 34.196.165.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.datasteam.io/v1/C/RawData/5436AC25A958?v=054cd456-ce37-4166-8994-0d1a2565f026&m=e0bb502b-07fe-4d97-a03c-da1ade72de2f&se=332a6873-7a49-42a2-aa05-6fd474a3122f&d=eyJ2IjoiMDU0Y2Q0NTYtY2UzNy00MTY2LTg5OTQtMGQxYTI1NjVmMDI2IiwibSI6ImUwYmI1MDJiLTA3ZmUtNGQ5Ny1hMDNjLWRhMWFkZTcyZGUyZiIsImNzaSI6IiIsInNlIjoiMzMyYTY4NzMtN2E0OS00MmEyLWFhMDUtNmZkNDc0YTMxMjJmIiwibiI6MSwicCI6Ijc3NzVkNTEyLTRmMjMtNGE0NC1hYmZkLTNiMzYzMzVmZmJlYSIsInUiOiJodHRwczovL3d3dy5wb3NpdGl2ZXByb21vdGlvbnMuY29tL3RoYW5rcy1mb3ItbWFraW5nLWEtZGlmZmVyZW5jZS1zb25vbWEtbXVnLXdpdGgtc29ja3MvcC92cC05MDI2Lz8mY29oY2lkPSZzaWQ9RU00NjYmdXRtX3NvdXJjZT1icm9udG8mdXRtX21lZGl1bT1lbWFpbCZ1dG1fY29udGVudD1FTTQ2Ni0xMTA3JnV0bV9jYW1wYWlnbj1ob2xpZGF5Jl9idGFfdGlkPTEyNzUyNjg1MzU1NDc2NDA5Mzk4MDc2OTM4NDQ2MzAxNTQ3ODI0NTQ1OTA4MTc2MDU2MzI4NzgxMDAwMTExNTE0NDkwODAyNDk4NjI2MjQ0NzU2MzEwMzkzNTg4ODI5OTM2NzgyODU2IiwicG4iOiIvdGhhbmtzLWZvci1tYWtpbmctYS1kaWZmZXJlbmNlLXNvbm9tYS1tdWctd2l0aC1zb2Nrcy9wL3ZwLTkwMjYvIiwiciI6IiIsInQiOiJUaGFua3MgRm9yIE1ha2luZyBBIERpZmZlcmVuY2UgU29ub21hIE11ZyAmIEJ1ZmZhbG8gUGxhaWQgU29ja3MgR2lmdCBTZXQgSW4gSG9saWRheSBHaWZ0IEJveCB8IFBvc2l0aXZlIFByb21vdGlvbnMiLCJjIjoiaHR0cHM6Ly93d3cucG9zaXRpdmVwcm9tb3Rpb25zLmNvbS90aGFua3MtZm9yLW1ha2luZy1hLWRpZmZlcmVuY2Utc29ub21hLW11Zy13aXRoLXNvY2tzL3AvdnAtOTAyNi8iLCJwciI6Ijk4QkQ2NCIsInV0bV9zIjoiYnJvbnRvIiwidXRtX20iOiJlbWFpbCIsInV0bV9jIjoiaG9saWRheSIsInMiOjEsInZzIjoxLCJoYyI6MCwibCI6IlByb2R1Y3QiLCJ2MDEiOiIvdGhhbmtzLWZvci1tYWtpbmctYS1kaWZmZXJlbmNlLXNvbm9tYS1tdWctd2l0aC1zb2Nrcy9wL3ZwLTkwMjYvIiwidjAyIjoiVGhhbmtzIEZvciBNYWtpbmcgQSBEaWZmZXJlbmNlIFNvbm9tYSBNdWcgJiBCdWZmYWxvIFBsYWlkIFNvY2tzIEdpZnQgU2V0IEluIEhvbGlkYXkgR2lmdCBCb3giLCJ2MDMiOiJWUC05MDI2IiwidjA0IjoiaHR0cHM6Ly93d3cucG9zaXRpdmVwcm9tb3Rpb25zLmNvbS9pbWFnZXMvMTAwMC9WUC05MDI2LmpwZz92PTEwMjE4MzQ3NjgwMy0yIiwidjA1IjoiIiwidjA2IjoiOS45OSJ9&callback=cbec44ce3a09f8
Requested by: Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D25436AC25A958.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.165.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-165-166.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:38 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 207

GET
H2 200 g.jsonp
aa.agkn.com/adscores/ 82 B
394 B 100ms
32ms Script
application/json 52.57.76.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=98BD64-054CD456-CE37-4166-8994-0D1A2565F026
Requested by: Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D25436AC25A958.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.76.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-76-228.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:39 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
content-length: 82
expires: 0

GET
H/1.1

200
OK

63537
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-054CD456-CE37-4166-8994-0D1A2565F026
https://i.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-054CD456-CE37-4166-8994-0D1A2565F026&_li_chk=true&previous_uuid=e5f79f2cdf3441a79c70d7530cd08713
https://i6.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-054CD456-CE37-4166-8994-0D1A2565F026

43 B
419 B

274ms
98ms

Image
image/gif

2600:1f18:444a:4603:2849:916e:e24c:631d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-054CD456-CE37-4166-8994-0D1A2565F026

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:444a:4603:2849:916e:e24c:631d Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:39 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/63537?bidder_id=242861&bidder_uuid=98BD64-054CD456-CE37-4166-8994-0D1A2565F026
Date: Fri, 20 Nov 2020 18:11:39 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 33ms
33ms Image
image/gif 18.193.63.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=star_rating&se_ac=loaded&se_la=product_page&se_psk=VP-9026&se_va=klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA&cx=eyJwdl91dWlkIjo4MDgyMDM1MzUsImRvbWFpbl9rZXkiOlsiVlAtOTAyNiJdLCJjb3VudF9wcm9kdWN0cyI6MSwiZGF0YV9zb3VyY2UiOiJkZWZhdWx0In0&dtm=1605895899224&tid=657218&vp=1600x1200&ds=1600x3148&vid=1&duid=29f2f2c6831b3357&p=web&tv=js-0.13.2&fp=606422418&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.63.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-63-93.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:39 GMT
Cache-Control: max-age=86400, private
Expires: Sat, 21 Nov 2020 18:11:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK 5436AC25A958
api.datasteam.io/v1/C/RawData/ 208 B
795 B 116ms
115ms Script
text/plain 34.196.165.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.datasteam.io/v1/C/RawData/5436AC25A958?v=054cd456-ce37-4166-8994-0d1a2565f026&m=e0bb502b-07fe-4d97-a03c-da1ade72de2f&se=332a6873-7a49-42a2-aa05-6fd474a3122f&d=eyJ2IjoiMDU0Y2Q0NTYtY2UzNy00MTY2LTg5OTQtMGQxYTI1NjVmMDI2IiwibSI6ImUwYmI1MDJiLTA3ZmUtNGQ5Ny1hMDNjLWRhMWFkZTcyZGUyZiIsImNzaSI6IiIsInNlIjoiMzMyYTY4NzMtN2E0OS00MmEyLWFhMDUtNmZkNDc0YTMxMjJmIiwicCI6Ijc3NzVkNTEyLTRmMjMtNGE0NC1hYmZkLTNiMzYzMzVmZmJlYSIsInUiOiJodHRwczovL3d3dy5wb3NpdGl2ZXByb21vdGlvbnMuY29tL3RoYW5rcy1mb3ItbWFraW5nLWEtZGlmZmVyZW5jZS1zb25vbWEtbXVnLXdpdGgtc29ja3MvcC92cC05MDI2Lz8mY29oY2lkPSZzaWQ9RU00NjYmdXRtX3NvdXJjZT1icm9udG8mdXRtX21lZGl1bT1lbWFpbCZ1dG1fY29udGVudD1FTTQ2Ni0xMTA3JnV0bV9jYW1wYWlnbj1ob2xpZGF5Jl9idGFfdGlkPTEyNzUyNjg1MzU1NDc2NDA5Mzk4MDc2OTM4NDQ2MzAxNTQ3ODI0NTQ1OTA4MTc2MDU2MzI4NzgxMDAwMTExNTE0NDkwODAyNDk4NjI2MjQ0NzU2MzEwMzkzNTg4ODI5OTM2NzgyODU2IiwicG4iOiIvdGhhbmtzLWZvci1tYWtpbmctYS1kaWZmZXJlbmNlLXNvbm9tYS1tdWctd2l0aC1zb2Nrcy9wL3ZwLTkwMjYvIiwiciI6IiIsInQiOiJUaGFua3MgRm9yIE1ha2luZyBBIERpZmZlcmVuY2UgU29ub21hIE11ZyAmIEJ1ZmZhbG8gUGxhaWQgU29ja3MgR2lmdCBTZXQgSW4gSG9saWRheSBHaWZ0IEJveCB8IFBvc2l0aXZlIFByb21vdGlvbnMiLCJjIjoiaHR0cHM6Ly93d3cucG9zaXRpdmVwcm9tb3Rpb25zLmNvbS90aGFua3MtZm9yLW1ha2luZy1hLWRpZmZlcmVuY2Utc29ub21hLW11Zy13aXRoLXNvY2tzL3AvdnAtOTAyNi8iLCJwciI6Ijk4QkQ2NCIsImVpZCI6Im5zX3NlZ18wMDAiLCJ1dG1fcyI6ImJyb250byIsInV0bV9tIjoiZW1haWwiLCJ1dG1fYyI6ImhvbGlkYXkiLCJzIjoyLCJ2cyI6MSwiaGMiOjAsImwiOiJBY3Rpb24iLCJ2MDEiOiJFaWQiLCJ2MDIiOiJuc19zZWdfMDAwIn0%3D&callback=cba28943cde5ab1
Requested by: Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D25436AC25A958.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.165.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-165-166.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:38 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 208

GET
H/1.1 200
OK 5436AC25A958
api.datasteam.io/v1/C/RawData/ 208 B
795 B 117ms
117ms Script
text/plain 34.196.165.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.datasteam.io/v1/C/RawData/5436AC25A958?v=054cd456-ce37-4166-8994-0d1a2565f026&m=e0bb502b-07fe-4d97-a03c-da1ade72de2f&se=332a6873-7a49-42a2-aa05-6fd474a3122f&d=eyJ2IjoiMDU0Y2Q0NTYtY2UzNy00MTY2LTg5OTQtMGQxYTI1NjVmMDI2IiwibSI6ImUwYmI1MDJiLTA3ZmUtNGQ5Ny1hMDNjLWRhMWFkZTcyZGUyZiIsImNzaSI6IiIsInNlIjoiMzMyYTY4NzMtN2E0OS00MmEyLWFhMDUtNmZkNDc0YTMxMjJmIiwicCI6Ijc3NzVkNTEyLTRmMjMtNGE0NC1hYmZkLTNiMzYzMzVmZmJlYSIsInUiOiJodHRwczovL3d3dy5wb3NpdGl2ZXByb21vdGlvbnMuY29tL3RoYW5rcy1mb3ItbWFraW5nLWEtZGlmZmVyZW5jZS1zb25vbWEtbXVnLXdpdGgtc29ja3MvcC92cC05MDI2Lz8mY29oY2lkPSZzaWQ9RU00NjYmdXRtX3NvdXJjZT1icm9udG8mdXRtX21lZGl1bT1lbWFpbCZ1dG1fY29udGVudD1FTTQ2Ni0xMTA3JnV0bV9jYW1wYWlnbj1ob2xpZGF5Jl9idGFfdGlkPTEyNzUyNjg1MzU1NDc2NDA5Mzk4MDc2OTM4NDQ2MzAxNTQ3ODI0NTQ1OTA4MTc2MDU2MzI4NzgxMDAwMTExNTE0NDkwODAyNDk4NjI2MjQ0NzU2MzEwMzkzNTg4ODI5OTM2NzgyODU2IiwicG4iOiIvdGhhbmtzLWZvci1tYWtpbmctYS1kaWZmZXJlbmNlLXNvbm9tYS1tdWctd2l0aC1zb2Nrcy9wL3ZwLTkwMjYvIiwiciI6IiIsInQiOiJUaGFua3MgRm9yIE1ha2luZyBBIERpZmZlcmVuY2UgU29ub21hIE11ZyAmIEJ1ZmZhbG8gUGxhaWQgU29ja3MgR2lmdCBTZXQgSW4gSG9saWRheSBHaWZ0IEJveCB8IFBvc2l0aXZlIFByb21vdGlvbnMiLCJjIjoiaHR0cHM6Ly93d3cucG9zaXRpdmVwcm9tb3Rpb25zLmNvbS90aGFua3MtZm9yLW1ha2luZy1hLWRpZmZlcmVuY2Utc29ub21hLW11Zy13aXRoLXNvY2tzL3AvdnAtOTAyNi8iLCJwciI6Ijk4QkQ2NCIsImVpZCI6Im5zX3NlZ18wMDAiLCJ1dG1fcyI6ImJyb250byIsInV0bV9tIjoiZW1haWwiLCJ1dG1fYyI6ImhvbGlkYXkiLCJzIjozLCJ2cyI6MSwiaGMiOjAsImwiOiJBY3Rpb24iLCJ2MDEiOiJFczEifQ%3D%3D&callback=cb8abf630012bfa
Requested by: Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D25436AC25A958.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.165.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-165-166.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:38 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 208

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 34ms
33ms Image
image/gif 18.193.63.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=star_rating&se_ac=shown&se_pr=VP-9026&se_psk=VP-9026&se_va=klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA&cx=eyJwdl91dWlkIjo4MDgyMDM1MzV9&dtm=1605895899392&tid=771262&vp=1600x1200&ds=1600x3148&vid=1&duid=29f2f2c6831b3357&p=web&tv=js-0.13.2&fp=606422418&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.63.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-63-93.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:39 GMT
Cache-Control: max-age=86400, private
Expires: Sat, 21 Nov 2020 18:11:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 recaptcha__en.js
www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/ 335 KB
131 KB 42ms
5ms Script
text/javascript 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/UFwvoDBMjc8LiYc1DKXiAomK/recaptcha__en.js

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.positivepromotions.com
Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 17:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1895
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133988
x-xss-protection: 0
last-modified: Mon, 16 Nov 2020 01:06:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 17:40:05 GMT

GET
H/1.1 200
OK embed.js
unbxd.s3.amazonaws.com/ 6 KB
6 KB 782ms
208ms Script
application/javascript 52.219.132.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unbxd.s3.amazonaws.com/embed.js
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.132.112 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:41 GMT
Last-Modified: Mon, 04 Feb 2019 12:17:39 GMT
Server: AmazonS3
x-amz-request-id: 4458B5DB48DE02C1
ETag: "cbd18052ee4d48d2b020f0e3750e03e6"
Content-Type: application/javascript
x-amz-version-id: 806XLmY7btbOmzuFTDWqhWzCXdID5KXf
Accept-Ranges: bytes
Content-Length: 5662
x-amz-id-2: iqfxf+AyRovvFdjSItqvsbOEeudUex+MPcJX3xSIQzyBGmifEto31Qt1mr5G/LfuuB16zw0eE0g=

GET
H/1.1 200
OK embed.js
d21gpk1vhmjuf5.cloudfront.net/ 6 KB
6 KB 37ms
34ms Script
application/javascript 143.204.201.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/embed.js
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 806XLmY7btbOmzuFTDWqhWzCXdID5KXf
Via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Feb 2019 12:17:39 GMT
Server: AmazonS3
Age: 20673
ETag: "cbd18052ee4d48d2b020f0e3750e03e6"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Date: Fri, 20 Nov 2020 12:27:08 GMT
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 5662
X-Amz-Cf-Id: JbNhFVVA2_XFObWabsGeQL004F4MVY3db3MWWY033yzMojJ_kcRmJw==

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071029284/ 3 KB
2 KB 54ms
19ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071029284/?random=1605895897916&cv=9&fst=1605895897916&num=1&label=j3f2CLrlrQUQpLja_gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=ecomm_prodid%3DVP-9026%3Becomm_pagetype%3Dproduct%3Becomm_totalvalue%3D9.99&frm=0&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856&tiba=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box%20%7C%20Positive%20Promotions&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 A2030358-93ee-4232-a887-68f51f27ca671.js
d.impactradius-event.com/ 41 KB
13 KB 507ms
448ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2030358-93ee-4232-a887-68f51f27ca671.js
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:40 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uws3D0EMdbWqUyavT7NbYncH2QFWnoU4T5jzQYEyg8w2F30hwaCpVUUuv-EnJys4IchR1sjjN0hRikkaGWo7OGesr_OUw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 13030
last-modified: Fri, 13 Nov 2020 02:45:11 GMT
server: UploadServer
etag: "30b2e3754cbb5796327c28af66ed33a1"
vary: Accept-Encoding
x-goog-hash: crc32c=qt9uVQ==, md5=MLLjdUy7V5YyfCivZu0zoQ==
x-goog-generation: 1605235511700951
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13030
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Fri, 20 Nov 2020 18:16:40 GMT

GET
H3-Q050 200 ec.js
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 17:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2710
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Fri, 20 Nov 2020 18:26:30 GMT

GET
H3-Q050 200 analytics.js
www.google-analytics.com/ 46 KB
19 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3352
date: Fri, 20 Nov 2020 17:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 20 Nov 2020 19:15:48 GMT

GET
H2 200 api
sc.liveclicker.net/service/ 61 B
530 B 373ms
111ms Script
application/json 52.71.121.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.liveclicker.net/service/api?method=liveclicker.widget.getList&account_id=1398&&extra_options=%7B%22include_description%22%3A%22true%22%2C%22return_dimensions%22%3A%226%22%7D&dim5=VP-9026&status=online&format=json&var=liveclicker.api_res[0]
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.121.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-121-107.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:40 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
content-length: 70
vary: Accept-Encoding
content-type: application/json;charset=utf-8

GET
H2

200

event
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=50039&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3DVP-9026&p3=e%3Ddis&adce=1&tld=positivepromotions.com&dtycbr=52318
https://widget.us.criteo.com/event?a=50039&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3DVP-9026&p3=e%3Ddis&adce=1&tld=positivepromotions.com&dtycbr=52318

8 KB
4 KB

371ms
145ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=50039&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3DVP-9026&p3=e%3Ddis&adce=1&tld=positivepromotions.com&dtycbr=52318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:39 GMT
content-encoding: gzip
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
server-processing-duration-in-ticks: 57869
timing-allow-origin: *
content-length: 4153
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:39 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
location: https://widget.us.criteo.com/event?a=50039&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3DVP-9026&p3=e%3Ddis&adce=1&tld=positivepromotions.com&dtycbr=52318
cache-control: no-cache
server-processing-duration-in-ticks: 2005
timing-allow-origin: *
content-length: 0
expires: 0

GET
H/1.1 200
OK unbxdAnalyticsConfig.js
d21gpk1vhmjuf5.cloudfront.net/ 2 KB
2 KB 34ms
32ms Script
application/javascript 143.204.201.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/unbxdAnalyticsConfig.js
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: sl1yq0eqCizhSK0LQtvwSLVieDUkuokv
Via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
Last-Modified: Thu, 29 Oct 2020 07:14:26 GMT
Server: AmazonS3
Age: 20686
ETag: "b94724f8edeedf928d7a98b469abb496"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Date: Fri, 20 Nov 2020 12:26:54 GMT
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 1558
X-Amz-Cf-Id: mbW-B-qV3AF8fDYL3jIcMCKeKnwLoOcpESnKSAFDd6VdTbxnuFrwaQ==

GET
H2 200 modules.ae930258b2386dc57451.js
script.hotjar.com/ 220 KB
58 KB 171ms
49ms Script
application/javascript 54.192.229.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.ae930258b2386dc57451.js

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.229.110 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-229-110.waw50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 14:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13872
x-cache: Hit from cloudfront
content-length: 58824
access-control-allow-origin: *
last-modified: Fri, 20 Nov 2020 14:16:32 GMT
etag: "5c86201fc1e47bb4ea49b0f25bd401ed"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ec3c5df6777270d9633f0082bf016380.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: kvtdEyOVaKvf__f4dTcO1BnQ2KWGq9aNNpJcZiQmEWxWwwZw4kiC8A==

GET
H/1.1 200
OK frs-next.js
emails.positivepromotions.com/js/ 4 KB
5 KB 544ms
167ms Script
application/x-javascript 54.91.222.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://emails.positivepromotions.com/js/frs-next.js

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.222.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-222-103.compute-1.amazonaws.com

Software

nginx / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:40 GMT
ETag: "e17a6dd54cfad11:0"
Last-Modified: Fri, 19 Aug 2016 19:06:47 GMT
Server: nginx
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4306

GET
H/1.1 200
OK vms.js
vmss.boldchat.com/aid/367279686880837180/bc.vms4/ 53 KB
18 KB 502ms
125ms Script
text/javascript 173.199.53.103
GOTO-PRIMARY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vmss.boldchat.com/aid/367279686880837180/bc.vms4/vms.js

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.199.53.103 , United States, ASN16815 (GOTO-PRIMARY-AS, US),

Reverse DNS

b-app14-35.boldchat.com

Software

BoldChat/8002 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: BoldChat/8002
ETag: "01C51E11F9CEE4138D621C8F110A261D"
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://my.boldchat.com/w3c/p3p.xml"
Cache-Control: max-age=7200, public
Content-Type: text/javascript;charset=UTF-8
Content-Length: 18039

POST
H3-Q050 200 collect
www.google-analytics.com/j/ 2 B
50 B 14ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=586685924&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856&ul=en-us&de=UTF-8&dt=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box%20%7C%20Positive%20Promotions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=eCommerce%20Event&ea=Product%20Page&el=Product%20Impression&_u=aGDAAEIrQAAAAG~&jid=1772650652&gjid=1084334743&cid=366357947.1605895898&tid=UA-1042451-1&_gid=1161513004.1605895898&_r=1&cd3=active&gtm=2wgb41PJD7SL&cd5=2020-11-20T19%3A11%3A38.22%2B01%3A00&pa=detail&pr1nm=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box&pr1id=VP-9026&pr1ca=Holiday%20essentials&pr1ps=1&z=913701058

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.positivepromotions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=586685924&t=event&ni=true&_s=2&dl=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856&ul=en-us&de=UTF-8&dt=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box%20%7C%20Positive%20Promotions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=EmailModal&ea=Show&el=Displayed&_u=aGDAgEIrQAAAAG~&jid=&gjid=&cid=366357947.1605895898&tid=UA-1042451-1&_gid=1161513004.1605895898&cd2=control&cd3=yo-not-present&z=946019152

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 19:27:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81836
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
recommendations.unbxdapi.com/v1.0/64601147214db18d63b681068f9a6b28/prod-positivepromotions-com800951496246780/more-like-these/VP-9026/ 40 KB
5 KB 1807ms
1217ms Script
application/javascript 122.248.248.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendations.unbxdapi.com/v1.0/64601147214db18d63b681068f9a6b28/prod-positivepromotions-com800951496246780/more-like-these/VP-9026/?cont=unbxd_more_like_these&uid=uid-1605895898101-34990&screenWidth=1600
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.248.248.129 Ulu Bedok, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-122-248-248-129.ap-southeast-1.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:41 GMT
Content-Encoding: gzip
X-Powered-By: Express
ETag: W/"a0e5-Czj/OGauDRCAG+oJH/yEdw"
Vary: X-HTTP-Method-Override, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 5094
x-request-id: bee8db49-9348-4b9e-8451-009460c260f5

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1071029284/ 42 B
135 B 37ms
37ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071029284/?random=1605895897916&cv=9&fst=1605895200000&num=1&label=j3f2CLrlrQUQpLja_gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_prodid%3DVP-9026%3Becomm_pagetype%3Dproduct%3Becomm_totalvalue%3D9.99&frm=0&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856&tiba=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box%20%7C%20Positive%20Promotions&fmt=3&is_vtc=1&random=2704315798&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1071029284/ 42 B
530 B 49ms
35ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071029284/?random=1605895897916&cv=9&fst=1605895200000&num=1&label=j3f2CLrlrQUQpLja_gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_prodid%3DVP-9026%3Becomm_pagetype%3Dproduct%3Becomm_totalvalue%3D9.99&frm=0&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856&tiba=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box%20%7C%20Positive%20Promotions&fmt=3&is_vtc=1&random=2704315798&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect
stats.g.doubleclick.net/j/ 4 B
431 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-1042451-1&cid=366357947.1605895898&jid=1772650652&gjid=1084334743&_gid=1161513004.1605895898&_u=aGDAAEIrQAAAAG~&z=287555696

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 20 Nov 2020 18:11:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.positivepromotions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 event
qoe-1.yottaa.net/log-nt/ 3 B
191 B 112ms
36ms Other
text/json 165.254.56.41
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qoe-1.yottaa.net/log-nt/event
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.254.56.41 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 20 Nov 2020 18:11:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/json
timing-allow-origin: *
access-control-expose-headers: X-Results-Data-Source

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
65 B 37ms
37ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-1042451-1&cid=366357947.1605895898&jid=1772650652&_u=aGDAAEIrQAAAAG~&z=1093041185

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
65 B 31ms
30ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-1042451-1&cid=366357947.1605895898&jid=1772650652&_u=aGDAAEIrQAAAAG~&z=1093041185

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data
in.hotjar.com/api/v2/client/sites/2076251/ 178 B
321 B 162ms
58ms XHR
application/json 34.240.31.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2076251/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.ae930258b2386dc57451.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.31.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 20 Nov 2020 18:11:40 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ Frame 7293 44 B
377 B 20ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489976674733735&ev=ViewContent&cd[content_type]=product&cd[content_ids]=%5B%22-6940745018134828429%22%5D&cd[product_catalog_id]=2082113585363375&cd[product_category]=0&cd[criteo_audience_3_0]=A3&cd[external_id]=80112261-5161-4f54-8fc2-ce5d95de4964&cd[application_id]=423936147658676

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 20 Nov 2020 18:11:40 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/rightmedia/ Frame C3CE
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0

43 B
333 B

34ms
32ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
server-processing-duration-in-ticks: 3108
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 20 Nov 2020 18:11:40 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame C3CE 43 B
964 B 132ms
129ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:40 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Fri, 20 Nov 2020 18:11:40 GMT

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/58301/ Frame C3CE 0
657 B 117ms
35ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-10_qHMMLPKvNmZZ47osEwLN9du3gtZLhEuaUmg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:40 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame C3CE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay0tMjBLa2NNTFBLdk5tWlo0N29zRXdMTjlkdTE2dkxUQVNVbFZadw
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
332 B

31ms
31ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
server-processing-duration-in-ticks: 464
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
partner.mediawallahscript.com/ Frame C3CE 32 B
367 B 214ms
47ms Image
image/png 34.247.125.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k--20KkcMLPKvNmZZ47osEwLN9du16vLTASUlVZw&custom=&tag_format=img&tag_action=sync&custom=&cb=a936adc0-e371-4431-981b-3c649ed37ae2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.125.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:40 GMT
Server: nginx/1.12.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 32
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame C3CE
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-URNEB8MLPKvNmZZ47osEwLN9du2wjQMMybsuLA&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-URNEB8MLPKvNmZZ47osEwLN9du2wjQMMybsuLA%26seg%3D95287

43 B
1 KB

110ms
109ms

Image
image/gif

185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-URNEB8MLPKvNmZZ47osEwLN9du2wjQMMybsuLA%26seg%3D95287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Nov 2020 18:11:40 GMT
X-Proxy-Origin: 82.102.20.211; 82.102.20.211; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid: 43b45a75-590f-4676-ac03-5bbcf2603eb2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Nov 2020 18:11:40 GMT
X-Proxy-Origin: 82.102.20.211; 82.102.20.211; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.155:80
AN-X-Request-Uuid: 924c7663-7408-48ee-9f39-38a58f0a3058
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-URNEB8MLPKvNmZZ47osEwLN9du2wjQMMybsuLA%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 c.gif
c.bing.com/ Frame C3CE 42 B
318 B 29ms
28ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-URNEB8MLPKvNmZZ47osEwLN9du2wjQMMybsuLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:39 GMT
etag: "4ac1f9bd94acd61:0"
last-modified: Tue, 27 Oct 2020 19:09:49 GMT
x-msedge-ref: Ref A: C631C8556E5E436AB597961C1788763E Ref B: FRAEDGE1212 Ref C: 2020-11-20T18:11:40Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame C3CE
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/_Ck43-6Lcy6xhOqhAH1nSBYs59AjXYFG/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8546603763465062209

43 B
333 B

32ms
31ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8546603763465062209
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
server-processing-duration-in-ticks: 2717
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8546603763465062209
pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: Apache-Coyote/1.1
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame C3CE
Redirect Chain

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-NhVkOcMLPKvNmZZ47osEwLN9du0Rtpllzxm9ew
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-NhVkOcMLPKvNmZZ47osEwLN9du0Rtpllzxm9ew&rdrctExp=true

0
476 B

108ms
108ms

Image
text/plain

64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-NhVkOcMLPKvNmZZ47osEwLN9du0Rtpllzxm9ew&rdrctExp=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:41 GMT
Cache-Control: no-cache
X-TraceId: e81484a36a3f3be26052289a22e7e889
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-NhVkOcMLPKvNmZZ47osEwLN9du0Rtpllzxm9ew&rdrctExp=true
Date: Fri, 20 Nov 2020 18:11:40 GMT
X-TraceId: ecd670709e24fe79a112e9718cff8fff
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame C3CE 0
239 B 129ms
33ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ljZz58MLPKvNmZZ47osEwLN9du12yGCd3q_-xw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2 204 t.gif
cw.addthis.com/ Frame C3CE 0
426 B 212ms
142ms Image
text/plain 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-ljZz58MLPKvNmZZ47osEwLN9du12yGCd3q_-xw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 20 Nov 2020 18:11:40 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame C3CE
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-6DqEVsMLPKvNmZZ47osEwLN9du3Q_uaDaZ-1xQ&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-6DqEVsMLPKvNmZZ47osEwLN9du3Q_uaDaZ-1xQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
351 B

33ms
33ms

Image
image/gif

18.196.136.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-6DqEVsMLPKvNmZZ47osEwLN9du3Q_uaDaZ-1xQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.136.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-136-126.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-6DqEVsMLPKvNmZZ47osEwLN9du3Q_uaDaZ-1xQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Fri, 20 Nov 2020 18:11:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame C3CE 35 B
336 B 155ms
54ms Image
image/gif 54.194.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-0_EAecMLPKvNmZZ47osEwLN9du3tt8OaoKcpIw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.87.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-87-101.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:40 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55945/ Frame C3CE
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-jFlSEsMLPKvNmZZ47osEwLN9du3tn5Qfgd7aLQ&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-jFlSEsMLPKvNmZZ47osEwLN9du3tn5Qfgd7aLQ&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-jFlSEsMLPKvNmZZ47osEwLN9du3tn5Qfgd7aLQ&_origin=1&apid=UPd6a18550-2b5b-11eb-9c42-06b79851ae8e

0
976 B

35ms
35ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-jFlSEsMLPKvNmZZ47osEwLN9du3tn5Qfgd7aLQ&_origin=1&apid=UPd6a18550-2b5b-11eb-9c42-06b79851ae8e

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:40 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-jFlSEsMLPKvNmZZ47osEwLN9du3tn5Qfgd7aLQ&_origin=1&apid=UPd6a18550-2b5b-11eb-9c42-06b79851ae8e
date: Fri, 20 Nov 2020 18:11:40 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 /
s.ad.smaato.net/c/ Frame C3CE 0
237 B 128ms
72ms Image
text/plain 143.204.55.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-aLo1IsMLPKvNmZZ47osEwLN9du0nbgqHD3zdiQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.55.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-55-118.osl50.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:40 GMT
via: 1.1 6cb1d4b545e7beb4ead790454f4807c7.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WOlXOBfCVTmZ9kJFJr3WPCe5LmiM3LY5ioSstGrU6KbYQQ9CCZkjhw==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame C3CE 42 B
997 B 154ms
38ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-IxHv6MMLPKvNmZZ47osEwLN9du3LZmMTj453Tw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 20 Nov 2020 18:11:40 GMT
X-lat: Pug23004:0:306
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame C3CE
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--hSqM8MLPKvNmZZ47osEwLN9du0ou7en-Mpdpw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--hSqM8MLPKvNmZZ47osEwLN9du0ou7en-Mpdpw&C=1

43 B
1 KB

66ms
66ms

Image
image/gif

184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--hSqM8MLPKvNmZZ47osEwLN9du0ou7en-Mpdpw&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Nov 2020 18:11:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Nov 2020 18:11:40 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Nov 2020 18:11:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--hSqM8MLPKvNmZZ47osEwLN9du0ou7en-Mpdpw&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Fri, 20 Nov 2020 18:11:40 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C3CE
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-XXuOX8MLPKvNmZZ47osEwLN9du13iWdNgpgEOA&c=us
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-XXuOX8MLPKvNmZZ47osEwLN9du13iWdNgpgEOA&c=us

43 B
180 B

56ms
56ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-XXuOX8MLPKvNmZZ47osEwLN9du13iWdNgpgEOA&c=us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.198.0 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
via: 1.1 google
server: OXGW/16.198.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-XXuOX8MLPKvNmZZ47osEwLN9du13iWdNgpgEOA&c=us
date: Fri, 20 Nov 2020 18:11:40 GMT
via: 1.1 google
server: OXGW/16.198.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame C3CE 68 B
262 B 101ms
32ms Image
image/png 54.93.159.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-hItOQcMLPKvNmZZ47osEwLN9du03Z8S8Q21oSw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.159.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:40 GMT
content-length: 68
content-type: image/png

GET
H2 200 um
criteo-sync.teads.tv/ Frame C3CE 23 B
172 B 151ms
79ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-V5StJcMLPKvNmZZ47osEwLN9du2zw6fER6HJSA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 20 Nov 2020 18:11:40 GMT
server: akka-http/10.1.9
content-length: 23
content-type: image/gif

GET
H2 200 cksync.php
contextual.media.net/ Frame C3CE 46 B
713 B 159ms
67ms Image
image/gif 2.18.68.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-A3tBe8MLPKvNmZZ47osEwLN9du2qPryR7hisIw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.31 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-31.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 20 Nov 2020 18:11:40 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Fri, 20 Nov 2020 18:11:40 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame C3CE
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Owb5n8MLPKvNmZZ47osEwLN9du1IFeHHLw7JFQ&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Owb5n8MLPKvNmZZ47osEwLN9du1IFeHHLw7JFQ&expires=30&user_group=5

43 B
411 B

33ms
33ms

Image
image/gif

18.185.180.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Owb5n8MLPKvNmZZ47osEwLN9du1IFeHHLw7JFQ&expires=30&user_group=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.180.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-180-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Owb5n8MLPKvNmZZ47osEwLN9du1IFeHHLw7JFQ&expires=30&user_group=5
date: Fri, 20 Nov 2020 18:11:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

sync
x.bidswitch.net/ Frame C3CE
Redirect Chain

https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-fRhZNMMLPKvNmZZ47osEwLN9du1F62-YPTxTGQ
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=8101b4f2-dad5-3c58-8057-95551a353bbf&gdpr=1&gdpr_consent=

43 B
212 B

32ms
32ms

Image
image/gif

18.185.180.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=8101b4f2-dad5-3c58-8057-95551a353bbf&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.180.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-180-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=8101b4f2-dad5-3c58-8057-95551a353bbf&gdpr=1&gdpr_consent=
date: Fri, 20 Nov 2020 18:11:41 GMT
connection: close
content-length: 129
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame C3CE 43 B
964 B 137ms
137ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=39872&js=no

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:40 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Fri, 20 Nov 2020 18:11:40 GMT

GET
H/1.1 200
OK setup
vms.boldchat.com/aid/367279686880837180/api/v1/extendedvisitorinfo/ 24 B
234 B 501ms
128ms XHR
application/json 173.199.53.106
GOTO-PRIMARY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vms.boldchat.com/aid/367279686880837180/api/v1/extendedvisitorinfo/setup

Requested by

Host: vmss.boldchat.com
URL: https://vmss.boldchat.com/aid/367279686880837180/bc.vms4/vms.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.199.53.106 , United States, ASN16815 (GOTO-PRIMARY-AS, US),

Reverse DNS

b-app14-36.boldchat.com

Software

BoldChat/8002 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 20 Nov 2020 18:11:40 GMT
X-Content-Type-Options: nosniff
Server: BoldChat/8002
Content-Length: 24
Content-Type: application/json;charset=UTF-8

GET
H2 200 visitor-token
visitor-services.boldchat.com/visitor-token-service/ 38 B
379 B 100ms
33ms XHR
application/json 35.157.117.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-services.boldchat.com/visitor-token-service/visitor-token
Requested by: Host: vmss.boldchat.com
URL: https://vmss.boldchat.com/aid/367279686880837180/bc.vms4/vms.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.117.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-117-111.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-response-time: 0.142637ms
date: Fri, 20 Nov 2020 18:11:40 GMT
x-correlation-id: ff14844a-9a5a-43b4-8075-4d01c6f7f52d
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.positivepromotions.com
access-control-allow-credentials: true
content-length: 38

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/yahoogemini/ Frame C3CE
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=2~d70585acac52c040f8b2016b9137859f8ce8814d&nwid=10022892938&sigv=1
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

43 B
333 B

31ms
31ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
server-processing-duration-in-ticks: 2018
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 20 Nov 2020 18:11:40 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame C3CE
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=THEeHgWI5Pa9bDCzXqBnNLWVmwhFA1fv

42 B
417 B

116ms
56ms

Image
image/gif

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=THEeHgWI5Pa9bDCzXqBnNLWVmwhFA1fv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 18:11:40 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=THEeHgWI5Pa9bDCzXqBnNLWVmwhFA1fv
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1173
date: Fri, 20 Nov 2020 18:11:40 GMT
content-length: 197
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK bc.pv
vms.boldchat.com/aid/367279686880837180/ 194 B
390 B 498ms
127ms Script
text/javascript 173.199.53.106
GOTO-PRIMARY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vms.boldchat.com/aid/367279686880837180/bc.pv?script=true&securevm=true&&blur=false&vm=false&poll=65000&swidth=1600&sheight=1200&sdpi=96&url=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856&wdid=2449079818214097220&1605895900758&visitorToken=6735615600054611968&tabIdentifier=4695508020657201349&clientScheme=https&_bcvm_vrid_=true&_bcvm_vid_2449079818214097220=1605895900759Sundefined&_bcvm_vrid_2449079818214097220=1605895900759Sundefined&&hasbutton=false&tcwdid=0.4760522248450074,365376214178398913,,

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.199.53.106 , United States, ASN16815 (GOTO-PRIMARY-AS, US),

Reverse DNS

b-app14-36.boldchat.com

Software

BoldChat/8002 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:41 GMT
X-Content-Type-Options: nosniff
Server: BoldChat/8002
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame C3CE
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9102930065395456261

43 B
333 B

33ms
32ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9102930065395456261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
server-processing-duration-in-ticks: 3402
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Nov 2020 18:11:41 GMT
X-Proxy-Origin: 82.102.20.211; 82.102.20.211; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.150:80
AN-X-Request-Uuid: b0d9c57a-04f7-409b-bb31-c66c6ec697c9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9102930065395456261
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55945/ Frame C3CE
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-qwrmEcMLPKvNmZZ47osEwLN9du2w8AxR_ignwg&_origin=1
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-qwrmEcMLPKvNmZZ47osEwLN9du2w8AxR_ignwg&_origin=1&apid=UPd6a18550-2b5b-11eb-9c42-06b79851ae8e

0
976 B

36ms
35ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-qwrmEcMLPKvNmZZ47osEwLN9du2w8AxR_ignwg&_origin=1&apid=UPd6a18550-2b5b-11eb-9c42-06b79851ae8e

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:40 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-qwrmEcMLPKvNmZZ47osEwLN9du2w8AxR_ignwg&_origin=1&apid=UPd6a18550-2b5b-11eb-9c42-06b79851ae8e
date: Fri, 20 Nov 2020 18:11:40 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK web-next.gif
emails.positivepromotions.com/ 49 B
690 B 185ms
184ms Image
images/gif 54.91.222.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emails.positivepromotions.com/web-next.gif?&v=js2.1&cid=97513&cke=&u=https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856&t=Thanks%20For%20Making%20A%20Difference%20Sonoma%20Mug%20%26%20Buffalo%20Plaid%20Socks%20Gift%20Set%20In%20Holiday%20Gift%20Box%20%7C%20Positive%20Promotions&l=en-US&je=&re=1600x1200&cd=24&pd=24&os=Linux%20x86_64&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&ref=&h=N&tz=UTC%2B0100&jsv=1.3&ss=35807c15-a8af-41aa-96ee-2e110e7a51cb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.222.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-222-103.compute-1.amazonaws.com

Software

nginx / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:41 GMT
Server: nginx
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET,POST,OPTIONS
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Type: images/gif
Content-Length: 49

POST
H/1.1 202
Accepted 46d90c21-46a9-4a44-9005-600fee0c3187
maw.bronto.com/csites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6IjI5YTY5ZmRhMzliMWYxNGI3ZTAxOTY5M2Y0NGYxM2U4ZjhkYjMxMTUzZGE1Yjg5ODNjMzU1MTAyMGQzODg1N2IifQ==/shoppers/ 0
0 128ms
128ms Fetch
text/plain 216.27.63.9
AS-TIERP-7349

General

Check archive.org

Show headers Download Go to

Full URL: https://maw.bronto.com/csites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6IjI5YTY5ZmRhMzliMWYxNGI3ZTAxOTY5M2Y0NGYxM2U4ZjhkYjMxMTUzZGE1Yjg5ODNjMzU1MTAyMGQzODg1N2IifQ==/shoppers/46d90c21-46a9-4a44-9005-600fee0c3187
Requested by: Host: snip.bronto.com
URL: https://snip.bronto.com/v2/sites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6IjI5YTY5ZmRhMzliMWYxNGI3ZTAxOTY5M2Y0NGYxM2U4ZjhkYjMxMTUzZGE1Yjg5ODNjMzU1MTAyMGQzODg1N2IifQ==/assets/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.27.63.9 , United States, ASN7349 (AS-TIERP-7349, US),
Reverse DNS: lb-vip-216-27-63-9.bronto.com
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
X-Ref-Url: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
x-shopper-id: 46d90c21-46a9-4a44-9005-600fee0c3187
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.positivepromotions.com
Date: Fri, 20 Nov 2020 18:11:41 GMT
Access-Control-Allow-Credentials: true
X-Trace: 802593b6-3496-4dc1-8a7f-fb2c93898043
Content-Length: 0
Content-Type: text/plain

OPTIONS
H/1.1 204
No Content 46d90c21-46a9-4a44-9005-600fee0c3187
maw.bronto.com/csites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6IjI5YTY5ZmRhMzliMWYxNGI3ZTAxOTY5M2Y0NGYxM2U4ZjhkYjMxMTUzZGE1Yjg5ODNjMzU1MTAyMGQzODg1N2IifQ==/shoppers/ Frame 0
0 496ms
124ms Other 216.27.63.9
AS-TIERP-7349

General

Check archive.org

Show headers Download Go to

Full URL: https://maw.bronto.com/csites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6IjI5YTY5ZmRhMzliMWYxNGI3ZTAxOTY5M2Y0NGYxM2U4ZjhkYjMxMTUzZGE1Yjg5ODNjMzU1MTAyMGQzODg1N2IifQ==/shoppers/46d90c21-46a9-4a44-9005-600fee0c3187
Protocol: HTTP/1.1
Server: 216.27.63.9 , United States, ASN7349 (AS-TIERP-7349, US),
Reverse DNS: lb-vip-216-27-63-9.bronto.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-ref-url,x-shopper-id
Origin: https://www.positivepromotions.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Allow: POST,OPTIONS
Access-Control-Allow-Origin: https://www.positivepromotions.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET,PUT,POST,OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,Origin,X-Biscuit,X-Mx-ReqToken,Keep-Alive,X-Trolley,x-shopper-id,X-Ref-Url
Date: Fri, 20 Nov 2020 18:11:40 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/yahoogemini/ Frame C3CE
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=2~53ef8d479c22b2f64b38b7c8ed96f504cd8e84c6&nwid=10033892938&sigv=1
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

43 B
333 B

32ms
32ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 18:11:40 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
server-processing-duration-in-ticks: 1832
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 20 Nov 2020 18:11:41 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame C3CE 43 B
964 B 134ms
134ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10028862

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:41 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Fri, 20 Nov 2020 18:11:41 GMT

GET
H/1.1 200
OK embed.css
d21gpk1vhmjuf5.cloudfront.net/ 2 KB
1 KB 52ms
52ms Stylesheet
text/css 143.204.201.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/embed.css
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/Javascript/jquery-min.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 02:14:51 GMT
Content-Encoding: gzip
Age: 57411
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 793
Last-Modified: Fri, 05 Jun 2015 10:51:08 GMT
Server: AmazonS3
ETag: "c1296dceb5ad2174c804321deb2b10f5"
x-amz-version-id: null
Via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Type: text/css
X-Amz-Cf-Id: 0Omr2n_8ycgr1sTtiNYF80LCpj46bBK9bkFVPm2zuu7B6Cy195Ed_A==
Expires: Sun, 05 Jun 2016 10:50:07 GMT

GET
H/1.1 200
OK arrow_left.png
d21gpk1vhmjuf5.cloudfront.net/ 393 B
907 B 36ms
34ms Image
image/png 143.204.201.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/arrow_left.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 06:34:16 GMT
Via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
Last-Modified: Tue, 29 Aug 2017 12:08:49 GMT
Server: AmazonS3
Age: 41845
ETag: "e33beab2ab71f5f0e0c50d3842c2f947"
X-Cache: Hit from cloudfront
x-amz-version-id: efFdNBZULQKFmqg0okjOnODsds_brbIN
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 393
X-Amz-Cf-Id: y3_Ly9EJBiMxn0rsACIScz4avyybH3fSNXrTSwJ8tW5kgANd8HDnjw==

GET
H/1.1 200
OK arrow_right.png
d21gpk1vhmjuf5.cloudfront.net/ 401 B
915 B 81ms
44ms Image
image/png 143.204.201.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/arrow_right.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-28.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: GnaWRr_3FR73PVZQVVWgyy4wN1wZmvsy
Via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
Last-Modified: Tue, 29 Aug 2017 12:08:48 GMT
Server: AmazonS3
Age: 68563
ETag: "686389ac3cfea3411a95b43511637cfd"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Thu, 19 Nov 2020 23:08:58 GMT
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 401
X-Amz-Cf-Id: Bsp3AvXHLKTnjg2zFQUcj9PF9p46WTVF4l99ei_dL8RGqgTNTlDFPg==

GET
H2

200

VPP2077.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/VPP2077.jpg?n=232
https://www.positivepromotions.com/images/350/VPP2077.jpg?n=232

20 KB
20 KB

84ms
83ms

Image
image/jpeg

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VPP2077.jpg?n=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:59:26 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 21:22:19 GMT
age: 69136
etag: "99f3259eef91d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 20410
x-amz-cf-id: SPkOHrwbDxbXX4zKYAM2hSB01EVIsfsSSoTFz31nCnvsUzC7OKcg2Q==

Redirect headers

date: Fri, 20 Nov 2020 18:11:42 GMT
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b91.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/VPP2077.jpg?n=232
content-length: 273
x-amz-cf-id: HDhLyXZOqTTrbm-14QlChWrPEnGLfkm9FbXwt6QmqVHpBWky3JW-8Q==

GET
H2

200

VPP2076.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/VPP2076.jpg?n=232
https://www.positivepromotions.com/images/350/VPP2076.jpg?n=232

22 KB
23 KB

86ms
86ms

Image
image/jpeg

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VPP2076.jpg?n=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:56:18 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Mon, 12 Oct 2020 16:05:42 GMT
age: 69324
etag: "3e244189b1a0d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 22787
x-amz-cf-id: olNdb6Q-PDM0Dps8IXUS0n2A_OaW8VkOtyqXmiTEaA5iiZBI3YHVIw==

Redirect headers

date: Fri, 20 Nov 2020 18:11:42 GMT
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b91.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/VPP2076.jpg?n=232
content-length: 273
x-amz-cf-id: 34y31SosBZHC9fe42IDNyxPjLeKYaw3KM9v7DZQAD36TiQPyL0qn_w==

GET
H2

200

VP-9023.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/VP-9023.jpg?n=232
https://www.positivepromotions.com/images/350/VP-9023.jpg?n=232

23 KB
23 KB

86ms
85ms

Image
image/jpeg

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VP-9023.jpg?n=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 17:08:26 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Mon, 05 Oct 2020 22:07:08 GMT
age: 3796
etag: "a66720de639bd61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 23270
x-amz-cf-id: nYbx9_3Ls342fXCRFcKU5Q-NQZyYCVRE8glc_-lRheDqsLTaQNztkg==

Redirect headers

date: Thu, 19 Nov 2020 21:06:08 GMT
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b91.cloudfront.net (CloudFront)
age: 75933
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/VP-9023.jpg?n=232
x-amz-cf-pop: OSL50-C1
content-length: 273
x-amz-cf-id: ho3LJ2v6j45nHWE6y76XL4thhlNzNUqEY641_ftTrdwIjJuoy63ALQ==

GET
H2

200

VPP2082.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/VPP2082.jpg?n=232
https://www.positivepromotions.com/images/350/VPP2082.jpg?n=232

20 KB
20 KB

82ms
81ms

Image
image/jpeg

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VPP2082.jpg?n=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:59:30 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Fri, 30 Oct 2020 21:02:11 GMT
age: 69132
etag: "4c5bbbefffaed61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 20504
x-amz-cf-id: mNEQmEAcAPB4Yb7TeRtsO3EmFYloaZXvP-dbx-J-igTL063xXKXAMg==

Redirect headers

date: Fri, 20 Nov 2020 18:11:42 GMT
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b91.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/VPP2082.jpg?n=232
content-length: 273
x-amz-cf-id: mrc1kVzyRCy0uSKqIreq14w7MkdgS6uXr2qsHt3038mv5bvGA-ALVg==

GET
H2

200

VPP2081.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/VPP2081.jpg?n=232
https://www.positivepromotions.com/images/350/VPP2081.jpg?n=232

25 KB
25 KB

83ms
82ms

Image
image/jpeg

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VPP2081.jpg?n=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:59:30 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Fri, 30 Oct 2020 21:02:07 GMT
age: 69132
etag: "b04e94edffaed61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 25292
x-amz-cf-id: XgqAZ7h-3Nv5om4qnKCm5YrZfcSNTbzoGMZReo1Uvaa7Ffmu9dKKtA==

Redirect headers

date: Fri, 20 Nov 2020 18:11:42 GMT
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b91.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/VPP2081.jpg?n=232
content-length: 273
x-amz-cf-id: qid1dQ3PhaUilgNji43-Z2c2bHNHlHeLukb3XKviId_jRGrZcdcmAw==

GET
H2

200

VPP2080.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/VPP2080.jpg?n=232
https://www.positivepromotions.com/images/350/VPP2080.jpg?n=232

22 KB
22 KB

83ms
82ms

Image
image/jpeg

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VPP2080.jpg?n=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:59:30 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Fri, 30 Oct 2020 21:02:02 GMT
age: 69132
etag: "a7106ceaffaed61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 22293
x-amz-cf-id: RT5QELKvr5y9TfZ-yOxPxe0jHW6ccV-ZXIKaiYfRq7Qc9tvJgyaBOQ==

Redirect headers

date: Fri, 20 Nov 2020 18:11:42 GMT
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b91.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/VPP2080.jpg?n=232
content-length: 273
x-amz-cf-id: CHi_Pu2h2LFOfWUX_v0sSWseR78lrRvK2I4WbqAW1GFGSM1-kc5_-w==

GET
H2

200

VPP2070.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/VPP2070.jpg?n=232
https://www.positivepromotions.com/images/350/VPP2070.jpg?n=232

22 KB
22 KB

86ms
86ms

Image
image/jpeg

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VPP2070.jpg?n=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 16:27:59 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Mon, 12 Oct 2020 16:05:36 GMT
age: 6223
etag: "1a5f9185b1a0d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 22688
x-amz-cf-id: 1m4faL8nHP2MzGkD8mkCZ18XKS4pe02kyBt4HqodMYpmam9d-KAmsQ==

Redirect headers

date: Fri, 20 Nov 2020 18:11:42 GMT
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b91.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/VPP2070.jpg?n=232
content-length: 273
x-amz-cf-id: x2UG5dU5ZyTpgl0Y-oEqW2_GClpczWkxOf1gRfO7BAQQe8FoaJDmdg==

GET
H2

200

VPP2068.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/VPP2068.jpg?n=232
https://www.positivepromotions.com/images/350/VPP2068.jpg?n=232

15 KB
15 KB

86ms
85ms

Image
image/jpeg

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VPP2068.jpg?n=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 16:56:45 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Fri, 30 Oct 2020 21:01:57 GMT
age: 4497
etag: "589096e7ffaed61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 15098
x-amz-cf-id: bBI8h9rZMFQX7T0zHXpaqmmZqNjBj97ZQOT_SKnSetYZ1j9_p5eW9w==

Redirect headers

date: Thu, 19 Nov 2020 20:58:47 GMT
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b91.cloudfront.net (CloudFront)
age: 76374
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/VPP2068.jpg?n=232
x-amz-cf-pop: OSL50-C1
content-length: 273
x-amz-cf-id: n3aVlsY6PbwBhnFBaLkYQ3XQJWB2NhafMpc6gv_F7YzPYqm1RJ0urA==

GET
H2

200

VPP2067.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/VPP2067.jpg?n=232
https://www.positivepromotions.com/images/350/VPP2067.jpg?n=232

18 KB
18 KB

84ms
83ms

Image
image/jpeg

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VPP2067.jpg?n=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 21:36:34 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Thu, 24 Sep 2020 19:20:35 GMT
age: 74107
etag: "1fb970c7a792d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 17955
x-amz-cf-id: SoTogy1ZJXSokM2DpUDdTC_ZRd_AvjcGrZ9n5obKXCPFm8ojDgRq3Q==

Redirect headers

date: Fri, 20 Nov 2020 18:11:42 GMT
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b91.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/VPP2067.jpg?n=232
content-length: 273
x-amz-cf-id: mQAKBTXQMw4gTTv5OprvaTqIOs_20NPMwyjmAl4LKcmX3sZevliGqw==

GET
H2

200

VP-9127.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/VP-9127.jpg?n=232
https://www.positivepromotions.com/images/350/VP-9127.jpg?n=232

23 KB
23 KB

90ms
90ms

Image
image/jpeg

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VP-9127.jpg?n=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 16:28:04 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Mon, 12 Oct 2020 16:05:28 GMT
age: 6217
etag: "22dd9f80b1a0d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 23128
x-amz-cf-id: 1eMjN-AjfvUPmexuMb7GixtuqTZ01oO27R7sogJ6Eah_io_jPyzd7A==

Redirect headers

date: Fri, 20 Nov 2020 18:11:42 GMT
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b91.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/VP-9127.jpg?n=232
content-length: 273
x-amz-cf-id: bHJjflVzJRJOkF_DTVc2CmyyA7s2LiT8LWJNvAzATmBYIccPprk4GQ==

GET
H2

200

VP-9061.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/VP-9061.jpg?n=232
https://www.positivepromotions.com/images/350/VP-9061.jpg?n=232

31 KB
31 KB

85ms
84ms

Image
image/jpeg

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VP-9061.jpg?n=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 22:59:32 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Fri, 30 Oct 2020 21:01:47 GMT
age: 69130
etag: "bbe888e1ffaed61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
content-length: 31568
x-amz-cf-id: w1wnI59JuftzhPPuoPHe9u1eFmH_ahbsIr4Znzou9etU12tgSBB-eA==

Redirect headers

date: Fri, 20 Nov 2020 18:11:42 GMT
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b91.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/VP-9061.jpg?n=232
content-length: 273
x-amz-cf-id: jP2CgqtQsxs4S7eC6zKCXqJitb8-Hpq-V9OFKJOWyU30Bm6QfYB5iA==

GET
H2

200

VP-9076.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/VP-9076.jpg?n=232
https://www.positivepromotions.com/images/350/VP-9076.jpg?n=232

20 KB
20 KB

227ms
227ms

Image
image/jpeg

52.85.121.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/VP-9076.jpg?n=232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.121.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-121-33.bud50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 18:11:42 GMT
via: 1.1 5a8c07b858d219acd503ad0cde74e54b.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 20:24:34 GMT
x-amz-cf-pop: BUD50-C1
etag: "502c99399e8bd61:0"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 20041
x-amz-cf-id: KFY2eHoiSpatJbXHD_-RXEKFMAkeBpGn2uMt_GBXAs9WQj2s2XC5vw==

Redirect headers

date: Fri, 20 Nov 2020 18:11:42 GMT
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b91.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/VP-9076.jpg?n=232
content-length: 273
x-amz-cf-id: CK9NeZo6uNmk2zWBal1VG6AB9XcnyTZ8sH1Sm7I5GI9FUgZcffmz6w==

GET
H/1.1 200
OK 1p.jpg
tracker.unbxdapi.com/v2/ 309 B
726 B 112ms
112ms Image
image/jpeg 52.45.119.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.unbxdapi.com/v2/1p.jpg?data=%7B%22box_type%22%3A%22MORE_LIKE_THESE%22%2C%22path%22%3A%22%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%22%2C%22identifier%22%3A%22VP-9026%22%2C%22pids_list%22%3A%5B%22VPP2077%22%2C%22VPP2076%22%2C%22VP-9023%22%2C%22VPP2082%22%2C%22VPP2081%22%2C%22VPP2080%22%2C%22VPP2070%22%2C%22VPP2068%22%2C%22VPP2067%22%2C%22VP-9127%22%2C%22VP-9061%22%2C%22VP-9076%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.positivepromotions.com%2Fthanks-for-making-a-difference-sonoma-mug-with-socks%2Fp%2Fvp-9026%2F%3F%26cohcid%3D%26sid%3DEM466%26utm_source%3Dbronto%26utm_medium%3Demail%26utm_content%3DEM466-1107%26utm_campaign%3Dholiday%26_bta_tid%3D12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856%22%2C%22referrer%22%3A%22%22%2C%22visit_type%22%3A%22first_time%22%2C%22ver%22%3A%224.0.27%22%2C%22_uf%22%3A3774163923%2C%22visitId%22%3A%22visitId-1605895898105-34832%22%7D&UnbxdKey=prod-positivepromotions-com800951496246780&action=impression&uid=uid-1605895898101-34990&t=1605895902059|0.8023075524647101
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.119.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-119-234.compute-1.amazonaws.com
Software: Wingman-3.4.6-hotfix1-[1604770521] /
Resource Hash

Request headers

Referer: https://www.positivepromotions.com/thanks-for-making-a-difference-sonoma-mug-with-socks/p/vp-9026/?&cohcid=&sid=EM466&utm_source=bronto&utm_medium=email&utm_content=EM466-1107&utm_campaign=holiday&_bta_tid=12752685355476409398076938446301547824545908176056328781000111514490802498626244756310393588829936782856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 20 Nov 2020 18:11:42 GMT
Content-Encoding: gzip
Server: Wingman-3.4.6-hotfix1-[1604770521]
Unx-Accept-Encoding: gzip, deflate, br
Vary: Accept-Encoding
Content-Type: image/jpeg; charset=utf-8
Region: us-east-1-(prod)
Unx-Server: Wingman-3.4.6-hotfix1-[1604770521]
Unx-Conn: tracker-ext-v2
Connection: keep-alive
X-Request-Id: c0a45245-d985-4cf1-a209-0262f5e9d167
Content-Length: 137
Unbxd-Request-Id: c0a45245-d985-4cf1-a209-0262f5e9d167
Unx-Site: prod-positivepromotions-com800951496246780
Unx-Request-Id: c0a45245-d985-4cf1-a209-0262f5e9d167

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.yahoo.com
ajax.googleapis.com
api.datasteam.io
assets.pinterest.com
bat.bing.com
c.bing.com
cdn-yotpo-images-production.yotpo.com
cdn.datasteam.io
cdn.yottaa.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
cw.addthis.com
d.impactradius-event.com
d.turn.com
d21gpk1vhmjuf5.cloudfront.net
d2vxgxvhgubbj8.cloudfront.net
dis.criteo.com
e.positivepromotions.com
eb2.3lift.com
emails.positivepromotions.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
idsync.rlcdn.com
in.hotjar.com
match.sharethrough.com
maw.bronto.com
maxcdn.bootstrapcdn.com
p.yotpo.com
partner.mediawallahscript.com
pixel.advertising.com
pixel.rubiconproject.com
positivepromotions.com
pubhtml5.com
qoe-1.yottaa.net
r.casalemedia.com
recommendations.unbxdapi.com
s.ad.smaato.net
s.yimg.com
sc.liveclicker.net
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
snip.bronto.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
staticw2.yotpo.com
stats.g.doubleclick.net
sync.aralego.com
sync.outbrain.com
tracker.unbxdapi.com
trends.revcontent.com
unbxd.s3.amazonaws.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
vars.hotjar.com
visitor-services.boldchat.com
vms.boldchat.com
vmss.boldchat.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.positivepromotions.com
x.bidswitch.net
104.111.242.245
104.75.88.112
122.248.248.129
142.250.74.194
143.204.201.28
143.204.201.51
143.204.50.165
143.204.55.118
143.204.55.69
151.101.14.133
162.210.196.208
165.254.56.41
173.199.53.103
173.199.53.106
178.250.2.151
18.156.0.31
18.185.180.173
18.193.63.93
18.196.136.126
184.51.9.98
185.33.221.52
185.64.190.80
192.229.233.223
2.18.68.31
2001:4de0:ac19::1:b:3b
209.197.3.15
212.82.100.181
216.27.63.7
216.27.63.9
23.111.9.35
2600:1f18:444a:4603:2849:916e:e24c:631d
2606:4700:10::ac43:cc2
2606:4700::6810:125e
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:802::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:816::2003
2a00:1450:4001:816::200a
2a00:1450:4001:818::2002
2a00:1450:4001:818::2008
2a00:1450:4001:819::2003
2a00:1450:4001:820::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9a
2a02:2638:1::13
2a02:2638::3
2a02:26f0:1700:182::1d72
2a02:26f0:6c00:280::3a7c
2a02:26f0:6c00:295::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.207.148
34.196.165.166
34.240.31.203
34.247.125.34
34.98.64.218
35.156.153.71
35.157.117.111
35.186.249.72
46.228.164.13
52.219.132.112
52.45.119.234
52.57.76.228
52.71.121.107
52.85.121.33
54.192.229.110
54.192.229.4
54.192.229.43
54.194.87.101
54.88.44.13
54.91.222.103
54.93.159.18
64.202.112.159
69.173.144.165
74.119.119.150
004af2f1118416e6152e6bcbe984ef0fc077e950422377223e046a86bcc14466
08fbce48b13234b967a121fe1850fe0667b18ad5aefee7030652ced0a7b54f6c
0b3ae07e03b3a34168a239cacf67b8580d2cf6662ba6e1d305e0bfc84bf9bc12
0bfb9327fa097a73cb4b9fc92a93fda13859a1504fd1fd497f7a0a06975b679a
0cdaf1959d8e642aaeea05378f3e74ed0df72ec3c9e01a569d22952c86583fc3
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f22b246b5b3a1a62d2500e37fbdc4a88ad55b83f033f9350adf44097aaf4ef1
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2
13c170450fd97d42287db6b538f1aa603b052e7713e0b04a1f8268ea4503f85b
1ea63e94c42b336e908205c3f5d0dbe7b892838c4b971c69242c01cc38748003
20c3292613359e9cbaf417c980d497e8df6efee9d9124e0eebe1792fa38b04e3
242d5967416ff7741af7f6a02be2ecaec3bdbb8575eb379a8ba65562d8e39446
2a6366a176cf231de28fa0bbf2487f542fad91487888c063813d6f6136e2544a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
36f6dd7fabb60d574597ec2e636e71e99805a35c34b8fa1e2fa9e508023b5326
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
3c24b215ca07aff5472816af0532da3c1689b4599f1347297b97e2b6a118a1e0
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
56f95ff21e2ed3afd665ab3f1f9d311b9365b3629ffc3fea1f8713bd8e376398
5a05f9db9da75445577638a9c3b553deb28b09c07c4759234a9ad20297da0ca3
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e58fa4b27e7f3531d9233bae7270845e9910428b1676e113a0ee20f612c3484
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
66cc4c922b74954b2b25232185e37cf7502756b0257cd8bb00a795445bac9e2a
67433a7229caf2ee18364fb8a70d2081e59818d78b03bcfb21241fb1f30a352a
68c33d9bebbaec2df4f0baaa7184238134fc71b3546bb491e9c61dd830db5f58
775f86d27c4ae98dd4fcdcdb8bb19232bf5d2cf703db9c9300e5264eff3e2a62
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a
81eaa133a55ba1861e7e784354a8ddbed3cafc3419e74f1f05ae87aac8caaf0d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8777837e58a72b2a0b253a61247f03572931998e5e9acc63ac9091d646d460ad
88f006c6f5d06d3e9b0d4f7bec0be8c719b5aff7ba046ef77a64f944d90834a1
8e1a0e7cd9f369f2809b2bb6a727b3195220dc6ee0bc120453ad413aeb7a4f3b
90226255fe77c52038b9f10c58bb054d421a5ffa67f9750407ef67c947b0903e
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95fcbf9082db907fc86c76cb568511cef921457eea70de75ace15e8466d9359f
9b8a5d4db37bad156daaf56eff1bf0eb83ddddf909e11518dc87bc560233ed2d
9f1fa7c5d7d90af0170ab027221a8d79fe75fc463c1bef3784537d605c0c8d9c
a1f35edd40f07d4300aaeebab334a72ac340a464204d1c6c7458163f594f30c1
a68fb593517e9392c683c99acaa64459ace8f8e3592e93612b5af603ff2bf671
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
aa2b0f36912c49a95ef5c4e0e6a06bcd92aefbf8d0fe380f4ffd8820336e98fb
aacc7e5e5f670d3794700fdb09d4522fc37b40f4f8be3853ad19e8ace9ea974d
ad4c4ceedd14c9d85a094c759ea244dde244b60ae5ee77f82c6495a4208858e7
b1bf5741c95d01d3270f5624dfd90abdcee36c353a79f939ebdc6eea4a139950
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
c46f157338fa2d85f86a825a4c72feca9a6008d02670bf30364dd54d659dd7cb
c917f69d8194a8ef256fc8e05cbf8e4e0b68c04280cc445d05e81f7318e4ddfd
ca89b95a7c6dca869b156d92189aab844075a3b43c8181346c9ace73adbbcfc1
ca94205bd925fecd979d7b5714b5f69a64d2a3d28116a7181fabcfa4b7f593ae
cac3e542778a9751e04b2061226042f43fc6948ccfbddf9c988858f1d8e3b0e1
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
ced7e817b2e92e1c3ef51e66ea4ff33aaf248786c319a079d7da46f8a97bc408
d2583eaf60409a8e16678d78c9642342bc2a7da05c6df472691006562fce098f
d62816747176a4f2fa04097fa1978864d6129f18f1c15490efb0170aef8da7ae
d6fe0fc8198d6180b3dc1f568492688374c4a1d14b65b2e811bd1c37168c6f8f
dc4920dd2a007ae5d6c24fa68a7e524524176489397b764e29f531bf593fdb47
dc5743edf7da98127434d8712c328f31114e12aae9b930aa7dcc14dc5e890f9a
de4eff3088a4dd74dbd6ba4650b7c616422120e98fa51c8b9509328b5c4ae89a
e4055fd84425e3545c1c91b2d9a2ac5ffbb2aa53a1ab5510c19ca6277bca1571
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da
e510d6ab6cd40e2c523ad1503c775a98ae322e935c976962f3d1fd97f12ee5c7
f08568f47a9d0c7e5f7decc54ec94de8107461ada8e3dedb32fc0302c1af03ad
f4b91a0241e4f29a08084f3afe156065361bb7fd31800ef4ddc5a8afbff2dbca
f6bc0d522efb5785bdc255e76ea2769aa24ce92d87c0a58e8e5f79f341861389
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f95fecebb1bc1c42ad5007417d7bfbecb4e7b931031eb622defe57eeee35e6af
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
ff1e7839d2cb72b8e951d3e09b2d2b35841165e84fab1dd40d121dc8602a6471

www.positivepromotions.com Open in urlscan Pro 52.85.121.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

198 Requests

100 %HTTPS

32 %IPv6

54 Domains

79 Subdomains

72 IPs

10 Countries

2844 kBTransfer

7503 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

198 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.positivepromotions.com Open in urlscan Pro
52.85.121.33 Public Scan

Screenshot
Live screenshot

Full Image

198
Requests

100 %
HTTPS

32 %
IPv6

54
Domains

79
Subdomains

72
IPs

10
Countries

2844 kB
Transfer

7503 kB
Size

0
Cookies

198 HTTP transactions
0 data transactions