Submitted URL: https://posimail.positivepromotions.com/rd/9z4znjkggjhj1mkil9vhnihpko2tdnehtu8sh9o2g58_rp22sh2s8i66p37cpj60or24no
Effective URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Submission: On April 12 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 31 HTTP transactions. The main IP is 52.84.174.121, located in United States and belongs to AMAZON-02, US. The main domain is positivepromotions.formstack.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 20th 2023. Valid for: a year.
This is the only time positivepromotions.formstack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.160.170.92 16509 (AMAZON-02)
17 52.84.174.121 16509 (AMAZON-02)
1 52.216.35.144 16509 (AMAZON-02)
1 52.222.158.107 16509 (AMAZON-02)
4 2606:2800:234... 15133 (EDGECAST)
1 2620:1ec:4f:1... 8075 (MICROSOFT...)
4 2a03:2880:f01... 32934 (FACEBOOK)
2 104.244.42.72 13414 (TWITTER)
1 2a03:2880:f12... 32934 (FACEBOOK)
31 9
Requests, Apex Domain, Subdomains, Transfer
17 formstack.com (Transfer: 217 KB)
    positivepromotions.formstack.com
    static.formstack.com — Cisco Umbrella Rank: 25208
    www.formstack.com — Cisco Umbrella Rank: 44829
6 twitter.com (Transfer: 149 KB)
    platform.twitter.com — Cisco Umbrella Rank: 793
    syndication.twitter.com — Cisco Umbrella Rank: 1106
2 fbcdn.net (Transfer: 133 KB)
    static.xx.fbcdn.net — Cisco Umbrella Rank: 760
2 facebook.net (Transfer: 88 KB)
    connect.facebook.net — Cisco Umbrella Rank: 161
2 positivepromotions.com (Transfer: 48 KB)
    posimail.positivepromotions.com — Cisco Umbrella Rank: 597880
    www.positivepromotions.com — Cisco Umbrella Rank: 270886
1 facebook.com (Transfer: 15 KB)
    www.facebook.com — Cisco Umbrella Rank: 109
1 linkedin.com (Transfer: 160 KB)
    platform.linkedin.com — Cisco Umbrella Rank: 3552
1 amazonaws.com (Transfer: 8 KB)
    s3.amazonaws.com
Total: 31 requests, 8 domains
Requests, Domain, Requested by
13 static.formstack.com, requested by: positivepromotions.formstack.com
4 platform.twitter.com, requested by: positivepromotions.formstack.com, platform.twitter.com
3 positivepromotions.formstack.com, requested by: positivepromotions.formstack.com, static.formstack.com
2 static.xx.fbcdn.net, requested by: www.facebook.com
2 syndication.twitter.com, requested by: platform.twitter.com
2 connect.facebook.net, requested by: positivepromotions.formstack.com, connect.facebook.net
1 www.facebook.com, requested by: connect.facebook.net
1 platform.linkedin.com, requested by: positivepromotions.formstack.com
1 www.formstack.com, requested by: positivepromotions.formstack.com
1 www.positivepromotions.com, requested by: positivepromotions.formstack.com
1 s3.amazonaws.com, requested by: positivepromotions.formstack.com
1 posimail.positivepromotions.com, 1 redirects
Total: 31 requests, 12 subdomains

This site contains links to these domains.

Domain
www.formstack.com
Subject                      Issuer                                    Validity                   Valid
*.formstack.com              Amazon RSA 2048 M02                       2023-03-20 - 2024-04-17    a year
s3.amazonaws.com             Amazon RSA 2048 M01                       2022-12-06 - 2023-12-05    a year
www.positivepromotions.com   DigiCert TLS RSA SHA256 2020 CA1          2022-10-10 - 2023-11-10    a year
*.twimg.com                  DigiCert TLS RSA SHA256 2020 CA1          2022-10-06 - 2023-11-06    a year
platform.linkedin.com        DigiCert SHA2 Secure Server CA            2023-02-27 - 2023-08-27    6 months
*.facebook.com               DigiCert SHA2 High Assurance Server CA    2023-01-20 - 2023-04-20    3 months
syndication.twitter.com      DigiCert TLS Hybrid ECC SHA384 2020 CA1   2023-02-05 - 2024-02-05    a year

This page contains 4 frames:

Primary Page: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Frame ID: F114C01D093928869EDE5C153A66BE3F
Requests: 25 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fpositivepromotions.formstack.com
Frame ID: F8F11365F981F86A92F5461E728D6081
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ed4f896f5409c%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Fff7bc87f921d1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesjq&layout=button_count&locale=en_US&sdk=joey
Frame ID: 1BEA0FBC1CECD251DA04865711806E61
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 61F3F702DF1CF0C82556A0E007E4CC5B
Requests: 2 HTTP requests in this frame

Page Title

Healthcare Quotes - John Quintana - Formstack

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

Requests: 31
HTTPS: 100 %
IPv6: 44 %
Domains: 8
Subdomains: 12
IPs: 9
Countries: 3
Transfer: 817 kB
Size: 2487 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://posimail.positivepromotions.com/rd/9z4znjkggjhj1mkil9vhnihpko2tdnehtu8sh9o2g58_rp22sh2s8i66p37cpj60or24no HTTP 302
    https://positivepromotions.formstack.com/forms/healthcarequotesjq Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request healthcarequotesjq
positivepromotions.formstack.com/forms/
Redirect Chain
  • https://posimail.positivepromotions.com/rd/9z4znjkggjhj1mkil9vhnihpko2tdnehtu8sh9o2g58_rp22sh2s8i66p37cpj60or24no
  • https://positivepromotions.formstack.com/forms/healthcarequotesjq
62 KB
62 KB
Document
General
Full URL
https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
9cb313db26b68d16ce719370a73748f24d7e1e10910ef299ba5761a87ea8d74c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=5 public
content-type
text/html; charset=UTF-8
date
Wed, 12 Apr 2023 19:03:47 GMT
expires
Wed, 12 Apr 2023 19:03:52 GMT
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
x-amz-cf-id
gM2-WFlYJvR72e-exv6L1stiyovb8vwc4jvy1YaPtW4cX9JGSeVDuQ==
x-amz-cf-pop
CDG50-P1
x-cache
Miss from cloudfront

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 12 Apr 2023 19:03:46 GMT
location
https://PositivePromotions.formstack.com/forms/healthcarequotesjq
server
Apache
status
302 Redirect
reset_3d1cc6d59f.css
static.formstack.com/forms/css/3/
2 KB
878 B
Stylesheet
General
Full URL
https://static.formstack.com/forms/css/3/reset_3d1cc6d59f.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 13:41:45 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
802
etag
W/"6436b519-616"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
qFtQ4i7wnPwmvHSOQX0vKlo7mWiHWnNyT0KagdFFNka_QfJvlIMo6A==
jquery-ui_eb08fdf84b.css
static.formstack.com/forms/css/3/
32 KB
6 KB
Stylesheet
General
Full URL
https://static.formstack.com/forms/css/3/jquery-ui_eb08fdf84b.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
4fd91864be6192916a0cdc95d51d179f9bc071b462b7cb1e9e311a4bed974f41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:38:59 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
802
etag
W/"643465d3-8052"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
NzDSDwDuE_5vok6TrBbk-H3b6R4bbNWIYQCvUmQlSBm9o4P7SXZ0vA==
default_637050611e.css
static.formstack.com/forms/css/3/
20 KB
5 KB
Stylesheet
General
Full URL
https://static.formstack.com/forms/css/3/default_637050611e.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
8be533d533b9ca9a27c653ae2e71756be96845c84df07cb7ab9629a35741c205

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:31:01 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
802
etag
W/"643463f5-51ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
uWetzPRvHR8pv8roMCuPy45O7b6C9pDv3cPgyZWlqWED7WTM5K2euQ==
uil-static.css
static.formstack.com/common/css/
51 KB
8 KB
Stylesheet
General
Full URL
https://static.formstack.com/common/css/uil-static.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
5ec11883dbd19aa91c86ade182cfe7037a9b9f954daca64f341ffd0595e429c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:26:14 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
802
etag
W/"643462d6-cc55"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
BH9VSuHpZoMYs5mRPOeug6t7TkYF0r6DLiuo2nSUbHxe0e0h2uHgEQ==
dialogs_00a7ec5f05.css
static.formstack.com/forms/css/common/
170 B
506 B
Stylesheet
General
Full URL
https://static.formstack.com/forms/css/common/dialogs_00a7ec5f05.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 20:34:43 GMT
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:39:01 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
80944
etag
"643465d5-aa"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
170
x-amz-cf-id
QZeo4GqQ5nGb4tLQVWbrcbEuo1OtZaPv4CzjaxVw94F7YlkG2jrFzw==
292622_tmpl_head_6001b52c8d710.
s3.amazonaws.com/files.formstack.com/public/502701/
7 KB
8 KB
Image
General
Full URL
https://s3.amazonaws.com/files.formstack.com/public/502701/292622_tmpl_head_6001b52c8d710.
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.35.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4315b545724305bd6f32c456d1b1757f450da398307e2795727f8f5c65a69e46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 19:03:48 GMT
x-amz-version-id
0JMeDEb_eQaaZOMar9Un62PLatgsFsBB
Last-Modified
Fri, 15 Jan 2021 15:30:53 GMT
Server
AmazonS3
x-amz-request-id
HXH0RHE831XEK9ZP
ETag
"3921e3a6c5615cbf9a1c8a8bbe72a028"
Content-Type
image/jpeg
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
7662
x-amz-id-2
xB3aNsq1olgAMGo3PIehyERUGYx6ml98qzGusplaCE/YO96TdH6XgQTw+9EvTtuQRAzY8s2/S10=
tlvlhlc.jpg
www.positivepromotions.com/images/art/
47 KB
48 KB
Image
General
Full URL
https://www.positivepromotions.com/images/art/tlvlhlc.jpg
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-107.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
361b5619f5e27a76320e878f44630489569a2e666c63dee4fab7b63b1667a71a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:48:18 GMT
via
1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 15:44:56 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
930
etag
"8c701aab7ad194719f70cf8c1aff9278"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
48399
x-amz-cf-id
WBeBA1jEBghTGd7fktpi9WMGp-8t4rCK-v3sShICpTpVfwRhHZRfhA==
stacklock.png
www.formstack.com/admin/images/
3 KB
3 KB
Image
General
Full URL
https://www.formstack.com/admin/images/stacklock.png
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
7f88c7eb830e129a72668bec156be3b531f711bc03d7ed9fd15844f97f4e0ee9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:26:14 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
802
etag
"643462d6-b73"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
2931
x-amz-cf-id
oMuTdx68YS3R-J_oRuaPscD2S-9tQcJeAppUXTE_2CSgScX53S9piA==
pre-fill-button.png
positivepromotions.formstack.com/admin/images/
1 KB
2 KB
Image
General
Full URL
https://positivepromotions.formstack.com/admin/images/pre-fill-button.png
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
6ae18af25b0e9b719e18530c09b5647d99b337fd12e4f75e653de8f81a7fdedd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/forms/healthcarequotesjq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:26:14 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
802
etag
"643462d6-52d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
1325
x-amz-cf-id
j6K3SahVnZq8Jlo6IWzBlGFvlTo0iN535KKX-K45mOfwi8umXeL25Q==
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 19:03:47 GMT
Content-Encoding
gzip
Age
609
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/67D5)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
in.js
platform.linkedin.com/
509 KB
160 KB
Script
General
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbf9c7b03d8f1efe5433622b11c1b703061f0e41852eba50f416d56f7ca168d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 19:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn-client-ip-version
IPV6
x-cdn
AZUR
x-cache
TCP_HIT
x-cdn-proto
HTTP2
content-length
163382
x-li-uuid
AAX5J5+yJZwVu9/7Od0tHg==
x-li-pop
prod-ltx1-x
vary
Accept-Encoding
x-azure-ref
20230412T190347Z-xuts6445695tb4v7wn41cdfw6s00000001f0000000000knh
x-li-fabric
prod-ltx1
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
x-li-proto
http/1.1
accept-ranges
bytes
expires
Wed, 12 Apr 2023 19:17:41 GMT
jquery.min_1d14cd3798.js
static.formstack.com/forms/js/3/
91 KB
33 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/jquery.min_1d14cd3798.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:51:56 GMT
content-encoding
gzip
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 13:41:45 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
711
etag
W/"6436b519-16cfa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
VIWF2_64NPdXEF0SFTKElBLvZeeU15FygTKab2GDXWSnhWqOd4FAog==
jquery-ui.min_42a497cb9f.js
static.formstack.com/forms/js/3/
82 KB
24 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/jquery-ui.min_42a497cb9f.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
651dab4cb7bc37df2f04d730db54ee9e9bdc1f93fe9739a05c9ce07e0e335947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:51:55 GMT
content-encoding
gzip
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:33:41 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
711
etag
W/"64346495-147b6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
xhcxqOOrZU0v0zXEBEVEP2_7LoXu6BfbFqzXIClgCV1PDbdhHor_5g==
scripts_0edcde2e8b.js
static.formstack.com/forms/js/3/
79 KB
23 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/scripts_0edcde2e8b.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
74bf23cb58f15f0a5828b81f3285e56f3917d80c4834cc990645c5aa5ba4c254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:51:56 GMT
content-encoding
gzip
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:36:21 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
711
etag
W/"64346535-13d02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
DH0N02LItvqSTU7pN10jswDZPEn7CDkPTC5QKzpvVexvWFgu28mKYw==
analytics_7d49daa365.js
static.formstack.com/forms/js/3/
2 KB
1 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 15:42:27 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
802
etag
W/"6436d163-839"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
Iym2av_-kGHrkYQmA0QmYlTc09f8ZX3Y4XKcc6scgWl_ZY1BGvdPuA==
libphonenumber-min_6f64debfdd.js
static.formstack.com/forms/js/3/
165 KB
40 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/libphonenumber-min_6f64debfdd.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:36:19 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
802
etag
W/"64346533-29364"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
lTNhfbjd4v1SFRL6Mfoy8sgFeVRKa2giSacgfnIQGaA7V7mmHDLehw==
autocapture_b393b647ca.js
static.formstack.com/forms/js/3/plugins/
6 KB
2 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/plugins/autocapture_b393b647ca.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
ba640d33e6c4c528bc0667315dd305b76fc10c4b85416853165bfc9820d32417

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 15:42:27 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
802
etag
W/"6436d163-17c7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
UpNTxZjh0CbxWLgOJXObujRqs4qcIGnM-ZwJPHfDkql1MXrSB5Rk-w==
sharebuttons_16ee24b0ad.js
static.formstack.com/forms/js/3/plugins/
488 B
844 B
Script
General
Full URL
https://static.formstack.com/forms/js/3/plugins/sharebuttons_16ee24b0ad.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
7d5af5ad676dc02d93d6a945a951688ed7b3402a04bc933090de10d614671d0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:38:59 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
802
etag
"643465d3-1e8"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
488
x-amz-cf-id
-WWW4KbmDH7HrWLPCbWaYYsukxyjIorrGn87BJS3mQhpOWbynMrjRQ==
modernizr_60a2d5aeb5.js
static.formstack.com/forms/js/3/
13 KB
6 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 15:42:27 GMT
server
nginx
x-amz-cf-pop
CDG50-P1
age
802
etag
W/"6436d163-33bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
SZi2IJX0E9O9dV6rmNcj6qPjP_3LbW3UBbvABjc-CExeEzDsJmDhHg==
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3edd25676fbcf2117956251828375d8122451b17cb8b6f8f3ddad0192d07460c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Apr 2023 19:03:47 GMT
content-md5
UaAKvHxsPSsQqcq55CstAg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
fn0hTWsqqu+P/IWFrzbPT20NNarjxwCCyvrSqTWrbUZqraqS6+ab5HwVyrefN45vV4V8Bjq3XOKyTTQUyCdcPg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
x-fb-content-md5
d047539f948526d26eba4dec23d635ab
cross-origin-opener-policy
same-origin-allow-popups
etag
"8618e47971bb495a5a789de7dc99f163"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 12 Apr 2023 19:05:21 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame F8F1
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fpositivepromotions.formstack.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://positivepromotions.formstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2412661
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Apr 2023 19:03:47 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/675D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame F8F1
663 B
606 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=e9bbebf8937343cf01c3a7077573609fe7eb17b9
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fpositivepromotions.formstack.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time
104
date
Wed, 12 Apr 2023 19:03:47 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 12 Apr 2023 19:03:47 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
a0139d07c3c1d637
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
8d4f431e07793bff65cbb84d490ae9c5f1b57aa687c2df01b4e54e6416d0bd61
content-length
284
sdk.js
connect.facebook.net/en_US/
301 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f7b423d9257fe97112361431c81cef75
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2f7e54021895f1d4d021ecd354d337bdf55a4b404f3b5d993364fb237a57e326
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://positivepromotions.formstack.com/
Origin
https://positivepromotions.formstack.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Apr 2023 19:03:47 GMT
content-md5
UGhIzssjMh7CEpqS4OeQjQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87098
x-fb-rlafr
0
x-fb-debug
d8LJcpzyyIa6Uet3B08IejzMzqIy5InK8OlKt3JzAyW8Oyd6YdVz4+lSUBoF27qcnaPWvGKqwBgH99eL1l1BNA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b80ea9bc5acf3afbae270727700bd602
cross-origin-opener-policy
same-origin-allow-popups
etag
"9e5a189d04bae168e0a9d9245f76b515"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 11 Apr 2024 15:54:56 GMT
analytics.php
positivepromotions.formstack.com/forms/
0
322 B
Script
General
Full URL
https://positivepromotions.formstack.com/forms/analytics.php?f=5173901&a=fv&m=hosted
Requested by
Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-121.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/forms/healthcarequotesjq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 19:03:47 GMT
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
server
nginx
x-amz-cf-pop
CDG50-P1
x-frame-options
sameorigin
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public
x-amz-cf-id
2Q-wBTvtPWM_QhRe9BUu-aY2Cbk7EqS9d_1QXKfYZsAMBHlNpstu5A==
share_button.php
www.facebook.com/v2.0/plugins/ Frame 1BEA
43 KB
15 KB
Document
General
Full URL
https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ed4f896f5409c%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Fff7bc87f921d1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesjq&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f7b423d9257fe97112361431c81cef75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f128:181:face:b00c:0:25de Sofia, Bulgaria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fb47a3b16b7f1a04b398ec30bb2c90c4ce61d454503477834da68e7d5cd61b91
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivepromotions.formstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Wed, 12 Apr 2023 19:03:47 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v10.0
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
cWzWD2biOUJ1pfl/h9UlNqcKOay2Ro0frZHO7ma4DMVcWWuIdNqTLSh8i9G4Is7mtg0NvsueffOhZDuqcsi/og==
x-fb-rlafr
0
x-xss-protection
0
button.e7f9415a2e000feaab02c86dd5802747.js
platform.twitter.com/js/
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 19:03:47 GMT
Content-Encoding
gzip
Age
2412661
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2618
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (frb/67D5)
Etag
"506673dbdb9085e7201e137e893cc152+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame 61F3
37 KB
14 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer
https://positivepromotions.formstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2412661
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13592
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Apr 2023 19:03:47 GMT
Etag
"28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:10 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67D5)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/
43 B
100 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesjq%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22formstack%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1681326227762%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=e9bbebf8937343cf01c3a7077573609fe7eb17b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time
104
date
Wed, 12 Apr 2023 19:03:47 GMT
strict-transport-security
max-age=631138519
last-modified
Wed, 12 Apr 2023 19:03:47 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
df132125ee943d7d
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
8d4f431e07793bff65cbb84d490ae9c5f1b57aa687c2df01b4e54e6416d0bd61
content-length
43
truncated
/ Frame 61F3
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 1BEA
272 B
495 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ed4f896f5409c%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Fff7bc87f921d1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesjq&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 19:03:47 GMT
x-content-type-options
nosniff
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
272
x-fb-rlafr
0
x-fb-debug
1QtcXIvzy8sSTRtRhPP5GdWZfAJbY4UFHCQnaD4leZuu3vd0a+xpdU94D/KLKrewAmFgt1vzhNZM4+GTt/WkdQ==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 29 Mar 2024 03:38:41 GMT
j16_pH8M3c6.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yZ/l/en_US/ Frame 1BEA
509 KB
132 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yZ/l/en_US/j16_pH8M3c6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ed4f896f5409c%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Fff7bc87f921d1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesjq&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0617bb68ba8456128d1427785f52fc241322d5f417fb0c669e24f6322feda7d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 19:03:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zybduloP0nOj+eRcaRH5WQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
135146
x-fb-rlafr
0
x-fb-debug
9yAxxCk8e/DL3DbQ0F76VYCJgyQ4ZPNQlQxlMO4OYxOe4H9UgIpBI2djkqoiTteNrKligVog4EdmsLYpZM+J5A==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 11 Apr 2024 05:27:33 GMT


27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
boolean| credentialless
object| __twttrll
object| twttr
object| __twttr
object| __core-js_shared__
object| Sslac
object| IN
object| FS_FIELD_DATA_5173901
undefined| $
function| jQuery
function| DP_jQuery_1681326227506
object| Formstack
object| libphonenumber
function| fsFacAuthCallback
object| html5
object| Modernizr
function| yepnope
function| loadFormstack
object| FB
object| __buffer
object| plugin
string| baseUrl
object| form5173901

3 Cookies

Domain/Path Name / Value
positivepromotions.formstack.com/forms/ Name: PHPSESSID
Value: 000c3dbcaf31d1a910f39ca189a52d8a
static.formstack.com/ Name: AWSALB
Value: DhGUo9HqGeKsiQWcC+J4TzEDC7se74JIHeDZhJ+zkFca/0QGcq/mU8bvfNxVE+ffMTTrdpAAqbk7s56pm5uLYGwBfrHlIPqb62t3DDAylFfis0tL3Y3UvqRaU8+i
static.formstack.com/ Name: AWSALBCORS
Value: DhGUo9HqGeKsiQWcC+J4TzEDC7se74JIHeDZhJ+zkFca/0QGcq/mU8bvfNxVE+ffMTTrdpAAqbk7s56pm5uLYGwBfrHlIPqb62t3DDAylFfis0tL3Y3UvqRaU8+i

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
