www.positivepromotions.com Open in urlscan Pro
99.86.7.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.positivepromotions.com/
Effective URL:
https://www.positivepromotions.com/
Submission: On September 22 via api (September 22nd 2020, 3:32:50 pm UTC) from US

Summary HTTP 186 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 63 IPs in 11 countries across 51 domains to perform 186 HTTP transactions. The main IP is 99.86.7.61, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.positivepromotions.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 25th 2020. Valid for: a year.

This is the only time www.positivepromotions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11 90	99.86.7.61 99.86.7.61	16509 (AMAZON-02) (AMAZON-02)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
5	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:f1:... 2a02:26f0:f1:296::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	99.86.7.44 99.86.7.44	16509 (AMAZON-02) (AMAZON-02)
8	99.84.144.51 99.84.144.51	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
4	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	54.210.170.56 54.210.170.56	14618 (AMAZON-AES) (AMAZON-AES)
1	68.232.35.206 68.232.35.206	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:cc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	204.2.131.14 204.2.131.14	393259 (YOTTAA-AS-1) (YOTTAA-AS-1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:280::3a7c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.194.7.207 18.194.7.207	16509 (AMAZON-02) (AMAZON-02)
2 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	52.219.125.32 52.219.125.32	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	54.91.222.103 54.91.222.103	14618 (AMAZON-AES) (AMAZON-AES)
1	173.199.53.100 173.199.53.100	16815 (GOTO-PRIM...) (GOTO-PRIMARY-AS)
1	122.248.251.30 122.248.251.30	16509 (AMAZON-02) (AMAZON-02)
3	52.73.66.205 52.73.66.205	14618 (AMAZON-AES) (AMAZON-AES)
7	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	34.247.125.34 34.247.125.34	16509 (AMAZON-02) (AMAZON-02)
1 2	66.225.223.31 66.225.223.31	3949 (NTTA-3946) (NTTA-3946)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	18.196.236.3 18.196.236.3	16509 (AMAZON-02) (AMAZON-02)
3 4	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
3 3	52.59.102.119 52.59.102.119	16509 (AMAZON-02) (AMAZON-02)
1	99.84.144.107 99.84.144.107	16509 (AMAZON-02) (AMAZON-02)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	63.32.81.121 63.32.81.121	16509 (AMAZON-02) (AMAZON-02)
1 2	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	92.122.253.103 92.122.253.103	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.9.74.36 52.9.74.36	16509 (AMAZON-02) (AMAZON-02)
1	104.109.66.25 104.109.66.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.93.35.217 54.93.35.217	16509 (AMAZON-02) (AMAZON-02)
1 2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	35.193.67.164 35.193.67.164	15169 (GOOGLE) (GOOGLE)
1	35.176.88.2 35.176.88.2	16509 (AMAZON-02) (AMAZON-02)
2	173.199.53.22 173.199.53.22	16815 (GOTO-PRIM...) (GOTO-PRIMARY-AS)
1	52.29.222.110 52.29.222.110	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
186	63

90 99.86.7.61 (Seattle, United States) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-61.fra6.r.cloudfront.net

www.positivepromotions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
positivepromotions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:f03d:1fa::4000 (United Kingdom) 3 redirects

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f1:296::1d72 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-44.fra6.r.cloudfront.net

cdn.datasteam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.84.144.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-51.txl52.r.cloudfront.net

d21gpk1vhmjuf5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.210.170.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-170-56.compute-1.amazonaws.com

tracker.unbxdapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.206 (United States)

ASN15133 (EDGECAST, US)

cdn.yottaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:cc2 (United States)

ASN13335 (CLOUDFLARENET, US)

pubhtml5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.2.131.14 (United States)

ASN393259 (YOTTAA-AS-1, US)

qoe-1.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:280::3a7c (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snip.bronto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.7.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-7-207.eu-central-1.compute.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.125.32 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

unbxd.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.91.222.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-222-103.compute-1.amazonaws.com

emails.positivepromotions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.199.53.100 (United States)

ASN16815 (GOTO-PRIMARY-AS, US)
PTR: b-app14-34.boldchat.com

vmss.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 122.248.251.30 (Ulu Bedok, Singapore)

ASN16509 (AMAZON-02, US)

recommendations.unbxdapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.73.66.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-66-205.compute-1.amazonaws.com

api.datasteam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (United States)

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.125.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-125-34.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.225.223.31 (Chicago, United States) 1 redirects

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.236.3 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.62 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (None, ) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.59.102.119 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-102-119.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.144.107 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-107.txl52.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.81.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.164 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.253.103 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-253-103.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.9.74.36 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-74-36.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.66.25 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-66-25.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.35.217 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.193.67.164 (United States)

ASN15169 (GOOGLE, US)
PTR: 164.67.193.35.bc.googleusercontent.com

p.alcmpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.88.2 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.199.53.22 (United States)

ASN16815 (GOTO-PRIMARY-AS, US)

vms.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.222.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-222-110.eu-central-1.compute.amazonaws.com

visitor-services.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	positivepromotions.com 11 redirects www.positivepromotions.com emails.positivepromotions.com positivepromotions.com	2 MB
12	criteo.com 3 redirects gum.criteo.com sslwidget.criteo.com widget.us.criteo.com dis.criteo.com	7 KB
10	yahoo.com 3 redirects sp.analytics.yahoo.com ads.yahoo.com ups.analytics.yahoo.com	7 KB
8	cloudfront.net d21gpk1vhmjuf5.cloudfront.net	53 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	179 KB
5	google-analytics.com www.google-analytics.com	51 KB
4	adnxs.com 3 redirects secure.adnxs.com	4 KB
4	boldchat.com vmss.boldchat.com vms.boldchat.com visitor-services.boldchat.com	19 KB
4	datasteam.io cdn.datasteam.io api.datasteam.io	25 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com	112 KB
3	advertising.com 3 redirects pixel.advertising.com	1 KB
3	unbxdapi.com tracker.unbxdapi.com recommendations.unbxdapi.com	6 KB
3	google.com www.google.com	1 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	yotpo.com staticw2.yotpo.com p.yotpo.com	169 KB
3	facebook.net connect.facebook.net	177 KB
3	fontawesome.com use.fontawesome.com	132 KB
2	taboola.com 1 redirects sync-t1.taboola.com	534 B
2	casalemedia.com 1 redirects r.casalemedia.com	2 KB
2	openx.net 1 redirects us-u.openx.net	494 B
2	3lift.com 1 redirects eb2.3lift.com	733 B
2	outbrain.com 1 redirects sync.outbrain.com	828 B
2	yottaa.net qoe-1.yottaa.net	1 KB
2	cloudflare.com cdnjs.cloudflare.com	9 KB
2	facebook.com www.facebook.com	522 B
2	google.de www.google.de	644 B
2	bing.com bat.bing.com	8 KB
2	yimg.com s.yimg.com	7 KB
2	googletagmanager.com www.googletagmanager.com	49 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	rlcdn.com idsync.rlcdn.com	417 B
1	agkn.com aa.agkn.com	390 B
1	alcmpn.com p.alcmpn.com	185 B
1	sharethrough.com match.sharethrough.com	262 B
1	teads.tv criteo-sync.teads.tv	172 B
1	postrelease.com jadserve.postrelease.com	426 B
1	media.net contextual.media.net	713 B
1	pubmatic.com simage2.pubmatic.com	873 B
1	revcontent.com trends.revcontent.com	335 B
1	smaato.net s.ad.smaato.net	237 B
1	turn.com 1 redirects d.turn.com	437 B
1	addthis.com cw.addthis.com	426 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	mediawallahscript.com partner.mediawallahscript.com	367 B
1	impactradius-event.com d.impactradius-event.com	13 KB
1	amazonaws.com unbxd.s3.amazonaws.com	6 KB
1	bronto.com snip.bronto.com	20 KB
1	pubhtml5.com pubhtml5.com	565 B
1	googleadservices.com www.googleadservices.com	12 KB
1	criteo.net static.criteo.net	12 KB
1	yottaa.com cdn.yottaa.com	20 KB
186	51

	Domain	Requested by
80	www.positivepromotions.com	1 redirects www.positivepromotions.com
10	positivepromotions.com	10 redirects
8	d21gpk1vhmjuf5.cloudfront.net	www.positivepromotions.com d21gpk1vhmjuf5.cloudfront.net cdn.yottaa.com
7	dis.criteo.com
5	www.google-analytics.com	www.positivepromotions.com www.google-analytics.com
4	secure.adnxs.com	3 redirects
4	sp.analytics.yahoo.com	s.yimg.com
4	fonts.gstatic.com	fonts.googleapis.com
4	maxcdn.bootstrapcdn.com	www.positivepromotions.com maxcdn.bootstrapcdn.com
3	pixel.advertising.com	3 redirects
3	ups.analytics.yahoo.com
3	ads.yahoo.com	3 redirects
3	api.datasteam.io	cdn.yottaa.com
3	gum.criteo.com	2 redirects static.criteo.net
3	www.google.com	www.positivepromotions.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	use.fontawesome.com	www.positivepromotions.com use.fontawesome.com
2	vms.boldchat.com	vmss.boldchat.com cdn.yottaa.com
2	sync-t1.taboola.com	1 redirects
2	r.casalemedia.com	1 redirects
2	us-u.openx.net	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.outbrain.com	1 redirects
2	emails.positivepromotions.com	cdn.yottaa.com
2	qoe-1.yottaa.net	cdn.yottaa.com
2	cdnjs.cloudflare.com	www.positivepromotions.com
2	tracker.unbxdapi.com	www.positivepromotions.com
2	www.facebook.com	www.positivepromotions.com
2	www.google.de	www.positivepromotions.com
2	staticw2.yotpo.com	www.positivepromotions.com staticw2.yotpo.com
2	bat.bing.com	www.googletagmanager.com www.positivepromotions.com
2	s.yimg.com	www.positivepromotions.com s.yimg.com
2	www.googletagmanager.com	www.positivepromotions.com
2	fonts.googleapis.com	www.positivepromotions.com staticw2.yotpo.com
1	idsync.rlcdn.com
1	visitor-services.boldchat.com	vmss.boldchat.com
1	aa.agkn.com	cdn.yottaa.com
1	p.alcmpn.com
1	match.sharethrough.com
1	criteo-sync.teads.tv
1	jadserve.postrelease.com
1	contextual.media.net
1	simage2.pubmatic.com
1	trends.revcontent.com
1	s.ad.smaato.net
1	d.turn.com	1 redirects
1	cw.addthis.com
1	pixel.rubiconproject.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	recommendations.unbxdapi.com	cdn.yottaa.com
1	vmss.boldchat.com	cdn.yottaa.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	d.impactradius-event.com	cdn.yottaa.com
1	googleads.g.doubleclick.net	cdn.yottaa.com
1	www.gstatic.com	cdn.yottaa.com
1	unbxd.s3.amazonaws.com	cdn.yottaa.com
1	p.yotpo.com	www.positivepromotions.com
1	snip.bronto.com	www.positivepromotions.com
1	pubhtml5.com	www.positivepromotions.com
1	www.googleadservices.com	www.positivepromotions.com
1	static.criteo.net	www.positivepromotions.com
1	cdn.yottaa.com	www.positivepromotions.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.datasteam.io	www.googletagmanager.com
186	66

This site contains links to these domains. Also see Links.

Domain
blog.positivepromotions.com
www2.appone.com
video.positivepromotions.com
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.youtube.com
www.linkedin.com
trustsealinfo.websecurity.norton.com
sealserver.trustkeeper.net

Subject Issuer	Validity	Valid
www.positivepromotions.com DigiCert SHA2 Secure Server CA	`2020-08-25` - `2021-11-17`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-09-10` - `2020-10-28`	2 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.yotpo.com DigiCert SHA2 Secure Server CA	`2020-04-24` - `2021-07-24`	a year	crt.sh
cdn.datasteam.io Amazon	`2019-12-17` - `2021-01-17`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh
www.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.unbxd.io Amazon	`2020-08-21` - `2021-09-20`	a year	crt.sh
*.yottaa.com DigiCert SHA2 Secure Server CA	`2020-05-12` - `2021-04-13`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.pubhtml5.com Go Daddy Secure Certificate Authority - G2	`2020-02-14` - `2022-04-14`	2 years	crt.sh
*.yottaa.net GlobalSign RSA OV SSL CA 2018	`2020-08-03` - `2022-10-03`	2 years	crt.sh
bronto.oracle.com DigiCert Secure Site ECC CA-1	`2020-03-09` - `2021-05-08`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
*.impactradius-event.com COMODO RSA Domain Validation Secure Server CA	`2019-01-08` - `2021-01-20`	2 years	crt.sh
*.us.criteo.com DigiCert ECC Secure Server CA	`2020-08-14` - `2020-11-12`	3 months	crt.sh
emails.positivepromotions.com RapidSSL RSA CA 2018	`2020-03-03` - `2022-03-03`	2 years	crt.sh
*.boldchat.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-02-05` - `2021-04-03`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.unbxdapi.com Amazon	`2020-08-14` - `2021-09-14`	a year	crt.sh
*.datasteam.io Amazon	`2020-08-28` - `2021-09-28`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-05-27` - `2020-11-23`	6 months	crt.sh
*.mediawallahscript.com Amazon	`2020-06-03` - `2021-07-03`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
s.ad.smaato.net Amazon	`2020-04-15` - `2021-05-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-09-01` - `2020-11-30`	3 months	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.alcmpn.com Let's Encrypt Authority X3	`2020-08-06` - `2020-11-04`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-08-11` - `2021-12-31`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.positivepromotions.com/
Frame ID: 4A4FE52CD555041C17E44B0F1355A005
Requests: 155 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.positivepromotions.com
Frame ID: 2BD980704853AD36346900DC65793AFF
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
Frame ID: 105E89036864E82A2B71947F0515AE7F
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.positivepromotions.com/ HTTP 301
https://www.positivepromotions.com/ Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

186
Requests

100 %
HTTPS

36 %
IPv6

51
Domains

66
Subdomains

63
IPs

11
Countries

3244 kB
Transfer

7780 kB
Size

22
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.positivepromotions.com/
Title: Positively Inspiring Blog

Search URL Search Domain Scan URL

URL: https://www2.appone.com/Search/Search.aspx?ServerVar=positivepromotionsinc.appone.com
Title: Careers

Search URL Search Domain Scan URL

URL: https://video.positivepromotions.com/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.facebook.com/positivepromotion
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/PositivePromos
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/positivepromos/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/positive_promotions/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/PositivePromotions
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/positive-promotions
Title:

Search URL Search Domain Scan URL

URL: https://trustsealinfo.websecurity.norton.com/splash?form_file=fdf/splash.fdf&dn=www.positivepromotions.com&lang=en

Search URL Search Domain Scan URL

URL: https://sealserver.trustkeeper.net/cert.php?customerId=x4ivtZufDpqO4gUNVXmBsViTpDGgvC&size=105x54&style=invert

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.positivepromotions.com/ HTTP 301
https://www.positivepromotions.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124

https://sslwidget.criteo.com/event?a=50039&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=positivepromotions.com&dtycbr=53196 HTTP 302
https://widget.us.criteo.com/event?a=50039&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=positivepromotions.com&dtycbr=53196

Request Chain 134

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1 HTTP 302
https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=VaBeJH5IdUGKDUSnE7I8SQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 139

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-hM6nwi8I6Eg7Zkli6V7t-lfDEh5Myadc5HmANg HTTP 302
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-hM6nwi8I6Eg7Zkli6V7t-lfDEh5Myadc5HmANg&rdrctExp=true

Request Chain 142

https://eb2.3lift.com/xuid?mid=2711&xuid=k-QJPv3y8I6Eg7Zkli6V7t-lfDEh7ld6rHS7dQMA&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-QJPv3y8I6Eg7Zkli6V7t-lfDEh7ld6rHS7dQMA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 143

https://secure.adnxs.com/setuid?entity=52&code=k-mjYo8i8I6Eg7Zkli6V7t-lfDEh5wv57uWaDIGQ&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mjYo8i8I6Eg7Zkli6V7t-lfDEh5wv57uWaDIGQ%26seg%3D95287

Request Chain 144

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/ItdWsi_Wdha-3l-GToNfSXYXpBfmDh0E/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2564390133719697621

Request Chain 145

https://pixel.advertising.com/ups/55945/sync?uid=k-RPQcJi8I6Eg7Zkli6V7t-lfDEh4seP6zWs3qqw&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-RPQcJi8I6Eg7Zkli6V7t-lfDEh4seP6zWs3qqw&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-RPQcJi8I6Eg7Zkli6V7t-lfDEh4seP6zWs3qqw&_origin=1&apid=UPd648aa83-fce8-11ea-8f20-06dea3b5a23a

Request Chain 147

https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-xSE9bC8I6Eg7Zkli6V7t-lfDEh7yX_NISJMGOQ&c=us HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-xSE9bC8I6Eg7Zkli6V7t-lfDEh7yX_NISJMGOQ&c=us

Request Chain 149

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OSHl5S8I6Eg7Zkli6V7t-lfDEh4VyL24Ot2LWg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OSHl5S8I6Eg7Zkli6V7t-lfDEh4VyL24Ot2LWg&C=1

Request Chain 155

https://sync-t1.taboola.com/sg/criteo/1/rtb HTTP 302
https://dis.criteo.com/dis/rtb/taboola/cookiematch.aspx?partner_uid=f68617dc-7a2e-44c0-984e-787dcd19f592-tuct6639e92

Request Chain 161

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=zBAzKiqhDHRjWfZGh7J6srtK_FF3ucXI

Request Chain 162

https://ads.yahoo.com/cms/v1?esig=2~d70585acac52c040f8b2016b9137859f8ce8814d&nwid=10022892938&sigv=1 HTTP 302
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

Request Chain 163

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8565154968457851672

Request Chain 164

https://pixel.advertising.com/ups/55945/sync?uid=k-nq5jIy8I6Eg7Zkli6V7t-lfDEh67hcwVY_FpLw&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-nq5jIy8I6Eg7Zkli6V7t-lfDEh67hcwVY_FpLw&_origin=1&apid=UPd648aa83-fce8-11ea-8f20-06dea3b5a23a

Request Chain 167

https://ads.yahoo.com/cms/v1?esig=2~53ef8d479c22b2f64b38b7c8ed96f504cd8e84c6&nwid=10033892938&sigv=1 HTTP 302
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

Request Chain 174

https://positivepromotions.com/images/350/OSW9759.jpg HTTP 301
https://www.positivepromotions.com/images/350/OSW9759.jpg

Request Chain 175

https://positivepromotions.com/images/350/OSV1533.jpg HTTP 301
https://www.positivepromotions.com/images/350/OSV1533.jpg

Request Chain 176

https://positivepromotions.com/images/350/OS-2153.jpg HTTP 301
https://www.positivepromotions.com/images/350/OS-2153.jpg

Request Chain 177

https://positivepromotions.com/images/350/OST1098.jpg HTTP 301
https://www.positivepromotions.com/images/350/OST1098.jpg

Request Chain 178

https://positivepromotions.com/images/350/G-617.jpg HTTP 301
https://www.positivepromotions.com/images/350/G-617.jpg

Request Chain 179

https://positivepromotions.com/images/350/ITP-52S.jpg HTTP 301
https://www.positivepromotions.com/images/350/ITP-52S.jpg

Request Chain 180

https://positivepromotions.com/images/350/PNP-553.jpg HTTP 301
https://www.positivepromotions.com/images/350/PNP-553.jpg

Request Chain 181

https://positivepromotions.com/images/350/GP-116.jpg HTTP 301
https://www.positivepromotions.com/images/350/GP-116.jpg

Request Chain 182

https://positivepromotions.com/images/350/OS-1022.jpg HTTP 301
https://www.positivepromotions.com/images/350/OS-1022.jpg

Request Chain 183

https://positivepromotions.com/images/350/OST-600.jpg HTTP 301
https://www.positivepromotions.com/images/350/OST-600.jpg

186 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.positivepromotions.com/
Redirect Chain

http://www.positivepromotions.com/
https://www.positivepromotions.com/

232 KB
29 KB

800ms
701ms

Document
text/html

99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-61.fra6.r.cloudfront.net

Software

Resource Hash

b46dc1673faa2af5843564d4e298a4397d760c6274b10da9ee1463e41bee35ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.positivepromotions.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Tue, 22 Sep 2020 15:32:31 GMT
set-cookie: AWSALB=f/iXCNCDn/Pvoj3vSKDs9TQihFOj/2N2rltTSZ16m5k2tR7C6PNlrpvjHcRIFzKmqHZHGgQ4stexKq2iOFw0THl1mc/0co3HlaR506s/M0l3swYWGcQ/xeUeAuac; Expires=Tue, 29 Sep 2020 15:32:30 GMT; Path=/ AWSALBCORS=f/iXCNCDn/Pvoj3vSKDs9TQihFOj/2N2rltTSZ16m5k2tR7C6PNlrpvjHcRIFzKmqHZHGgQ4stexKq2iOFw0THl1mc/0co3HlaR506s/M0l3swYWGcQ/xeUeAuac; Expires=Tue, 29 Sep 2020 15:32:30 GMT; Path=/; SameSite=None; Secure ASP.NET_SessionId=bziod5vzgq5oyuq2ggozx5lg; path=/; secure; HttpOnly; SameSite=Lax dmi=637363711509365491; expires=Sat, 07-Sep-2080 15:32:30 GMT; path=/; secure; HttpOnly visitor_guid=afb22eaf-b75f-41bf-a817-c24a13619043; expires=Sat, 07-Sep-2080 15:32:30 GMT; path=/; secure; HttpOnly
cache-control: private
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 9YEkkpUqa04nRISMqd4gdpslVTZjM_elv99uT2hU3x7hm-GIalsQFw==

Redirect headers

Content-Type: text/html
Content-Length: 245
Connection: keep-alive
Date: Tue, 22 Sep 2020 15:32:30 GMT
Location: https://www.positivepromotions.com/
X-Cache: Miss from cloudfront
Via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: T9k1-TGD-EfbM3CLN9Plusm4E8zM0KMwcpYadr_owin00CVmEXsnmQ==

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
11 KB 51ms
49ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Origin: https://www.positivepromotions.com
Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
content-encoding: gzip
last-modified: Wed, 20 Jun 2018 20:19:16 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 10ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 css
fonts.googleapis.com/ 8 KB
946 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4162687ac2d243d20ab4152f80551a0adcd810c77b891661ea5b95af7e704ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Sep 2020 15:30:32 GMT
server: ESF
date: Tue, 22 Sep 2020 15:32:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Sep 2020 15:32:31 GMT

GET
H2 200 base-kalio.css
www.positivepromotions.com/Styles/ 379 KB
67 KB 100ms
98ms Stylesheet
text/css 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Styles/base-kalio.css?v=1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 88f006c6f5d06d3e9b0d4f7bec0be8c719b5aff7ba046ef77a64f944d90834a1

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 20:39:26 GMT
content-encoding: gzip
last-modified: Tue, 06 Nov 2018 12:02:54 GMT
age: 327185
etag: W/"9ef695a6c875d41:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: uGrdvxj9v6lb_M8tUJd8AtdPmwyej0ZirqqV6pntPA8y4q75CpTYqQ==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 24ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.positivepromotions.com
Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 theme.css
www.positivepromotions.com/Styles/ 345 KB
43 KB 60ms
59ms Stylesheet
text/css 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Styles/theme.css?v=1218
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: ee6ba5d5ebbe884f25b17c712e018bcc31ddc08c7baa49611a553b61a034a85e

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 20:45:33 GMT
content-encoding: gzip
last-modified: Fri, 18 Sep 2020 20:36:24 GMT
age: 326818
etag: W/"62895660fb8dd61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 6sMaQDGaCh6pjyvFQggdMI1L5uHk0kRVx1LCFv_6vFBVDMymD1UXKA==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 EMAIL_modal.jpg
www.positivepromotions.com/images/art/ 23 KB
24 KB 81ms
81ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/EMAIL_modal.jpg?v=102182673711-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 9b8a5d4db37bad156daaf56eff1bf0eb83ddddf909e11518dc87bc560233ed2d

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:28:48 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 06 Mar 2018 21:11:19 GMT
age: 72223
etag: "80671fac8fb5d31:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 23894
x-amz-cf-id: DTyKLBJUETTYPAn2g2qMTEeO4n3_rmtIu3_8qPav11Zfmxq9Syd_TA==

GET
H2 200 ico_phone_x100blue.png
www.positivepromotions.com/images/art/ 4 KB
4 KB 48ms
48ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/ico_phone_x100blue.png?v=102183012152-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: ea1a77513a2d2393b3f6d7229cdfabecb328a94b4381d1229f3e9ae98ff286c1

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 18:42:40 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 17 Jul 2018 14:08:21 GMT
age: 74991
etag: "7d3d509ed71dd41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3665
x-amz-cf-id: wj-SYN67FugKMyYqKZug6B8In3QNugNt5GDKUVKj17360nkPbSyLLw==

GET
H2 200 ico_livechat_x100blue.png
www.positivepromotions.com/images/art/ 2 KB
2 KB 49ms
48ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/ico_livechat_x100blue.png?v=102183012150-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 8f5efeb8e7184d30d948891117232917ba9285e4307203293959175fc11e63b3

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 09:10:12 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 17 Jul 2018 14:07:57 GMT
age: 22939
etag: "dcd74490d71dd41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: oWKXJrPbmab2t7rM3iUsei9BXyNnEByvM9P3aCymW-iEE9LLiSDH3Q==

GET
H2 200 ico_deals_x100blue.png
www.positivepromotions.com/images/art/ 3 KB
3 KB 52ms
50ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/ico_deals_x100blue.png?v=102183012153-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 9a462d310893abdf754e05dd5511e92c5a984b16525de7ade6977e5b49649fd4

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 10:12:27 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 17 Jul 2018 14:15:42 GMT
age: 19204
etag: "80e438a5d81dd41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 2575
x-amz-cf-id: TiM6Widx8VzWqPVuFKiDwv31xffX7jyh74ifdz9L2pSAWGQM-pbdSQ==

GET
H2 200 ico_accounts_x100blue.png
www.positivepromotions.com/images/art/ 4 KB
4 KB 52ms
50ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/ico_accounts_x100blue.png?v=102183012149-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: e6de96b686567ff3e6731fa6c24827b77c9beb4a252c1518935c4750f847cc3f

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 02:39:14 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 17 Jul 2018 14:07:57 GMT
age: 46397
etag: "f14f2890d71dd41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3999
x-amz-cf-id: rwvpKwoM7-ukL0vJ_rQsUCmVk2vWOLBAWYVoJORbHUN3hCDpZ-I6ag==

GET
H2 200 cartMenuItem.png
www.positivepromotions.com/images/art/ 21 KB
21 KB 54ms
52ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/cartMenuItem.png?v=102183024803-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: c917f69d8194a8ef256fc8e05cbf8e4e0b68c04280cc445d05e81f7318e4ddfd

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 06:29:32 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 21 Aug 2018 14:56:31 GMT
age: 32579
etag: "11e074255f39d41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 21405
x-amz-cf-id: K32Rg0iP78oCeGSfvBLDm9m7NhUb3cYwFkGb64EZxBJLJI9Nxu9s9w==

GET
H2 200 logo_800x200.png
www.positivepromotions.com/images/art/ 26 KB
27 KB 59ms
58ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/logo_800x200.png?v=102183002559-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 5a05f9db9da75445577638a9c3b553deb28b09c07c4759234a9ad20297da0ca3

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 12:56:42 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Fri, 06 Jul 2018 21:35:33 GMT
age: 9349
etag: "478c4f457115d41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 26870
x-amz-cf-id: UECgjdLfAUrVfFo6lsnGnfDC7v-BqwN6oBgdOSilS--cxhIKqGX0ow==

GET
H2 200 ico_cart_x100blue.png
www.positivepromotions.com/images/art/ 3 KB
3 KB 56ms
55ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/ico_cart_x100blue.png?v=102183014173-4
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: ff4d0c2b64f4d9e704d0742dc74cd75606d9e15734fd8741f9d0ab5a8c5b7f16

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 18:42:40 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 24 Jul 2018 16:28:04 GMT
age: 74991
etag: "8c9ce14b6b23d41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 2763
x-amz-cf-id: pTMmslE8AvEC5E3uc1trgr0HqNMZWQyBXEIzMJSF887_-DdAwvRTWw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 1011
date: Tue, 22 Sep 2020 15:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Tue, 22 Sep 2020 17:15:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 152 KB
49 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cc1e8acb9c5eb53e9bca6081f9aaef89670617aae4362c820ceee43426d771f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49997
x-xss-protection: 0
last-modified: Tue, 22 Sep 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Sep 2020 15:32:31 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 50ms
17ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1937
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
x-amz-request-id: F55B702BA0871F3D
x-amz-id-2: vw9P+Ve+8f0/dCJrnZCK58cqT5T0hRohtzk8oM2YpbD68ELVPi2aM3iPjFbbVq+yIqYavwMssFI=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 16 Sep 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 11 Aug 2020 09:21:22 GMT
server: ATS
etag: "4af30fdfb3f25202fae672877237b12e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: v0T4VwTcSKojm0k.rRPUA2jezlg4p0ZC
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 5573
content-type: application/javascript

GET
H2 200 ico_search_x100blue.png
www.positivepromotions.com/images/art/ 4 KB
4 KB 51ms
51ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/ico_search_x100blue.png
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/Styles/theme.css?v=1218
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: f332d2f3ac637ee74d969509c8267cb20c5e06083801c6b33d4031a08fe4855f

Request headers

Referer: https://www.positivepromotions.com/Styles/theme.css?v=1218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 12:24:43 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 17 Jul 2018 15:09:50 GMT
age: 15363
etag: "92f33535e01dd41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3983
x-amz-cf-id: Q5ahpC4iRUYlmgfJyAgFTrDeH0ShKv_zUOLXxwN6UAEmtRHZ-FJJVw==

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
75 KB 9ms
9ms Font
font/woff2 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.positivepromotions.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.positivepromotions.com
Referer: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 09:06:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 109572
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 21 Sep 2021 09:06:19 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 55ms
55ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Origin: https://www.positivepromotions.com
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
last-modified: Wed, 20 Jun 2018 20:19:36 GMT
server: NetDNA-cache/2.2
status: 200
etag: "18d2347ab2a9f40ca2247cdb03303d84"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 59572

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.positivepromotions.com
Referer: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 09:06:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 109576
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 21 Sep 2021 09:06:15 GMT

GET
H2 200 Nav-marketplace-BuildYourBrand.jpg
www.positivepromotions.com/images/art/ 41 KB
41 KB 52ms
50ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-BuildYourBrand.jpg?v=102183363166-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: dc4920dd2a007ae5d6c24fa68a7e524524176489397b764e29f531bf593fdb47

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 10:34:29 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 17:03:19 GMT
age: 17882
etag: "80e5c51dcb86d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 41474
x-amz-cf-id: W6HMDFOMXRlzznAglhEeh8EuSb8O1BLRnw_zJ-Hp_-unwDFcpjG-cw==

GET
H2 200 Nav-marketplace-EcoAnimation.gif
www.positivepromotions.com/images/art/ 74 KB
74 KB 61ms
59ms Image
image/gif 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-EcoAnimation.gif?v=102183363167-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 5e58fa4b27e7f3531d9233bae7270845e9910428b1676e113a0ee20f612c3484

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 21:04:39 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 17:03:19 GMT
age: 66472
etag: "80e5c51dcb86d61:0"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 75778
x-amz-cf-id: jg3y4qKGcoc5H5Amz7a8xuGNckXct9pykCNorYY2vdBKl7RPXyiBrg==

GET
H2 200 Nav-marketplace-APPAREL-fall.jpg
www.positivepromotions.com/images/art/ 55 KB
55 KB 65ms
64ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-APPAREL-fall.jpg?v=102183483852-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 2551a2873aa0ce6dbf0c40e163499e893a782edc4fde8456f09cafa05b668944

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 13:41:37 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 15:17:53 GMT
age: 16261
etag: "8066a961738bd61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 55927
x-amz-cf-id: Cfwpz70h-SPVpqLpPyDaTQE1pL1lByAY1G4OeDWH8kC7L6cu5fl4Hw==

GET
H2 200 Nav-marketplace-AcademicA.jpg
www.positivepromotions.com/images/art/ 53 KB
54 KB 86ms
85ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-AcademicA.jpg?v=102183228166-5
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: ca94205bd925fecd979d7b5714b5f69a64d2a3d28116a7181fabcfa4b7f593ae

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:48:07 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 10 Sep 2020 15:46:19 GMT
age: 78264
etag: "809773868987d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 54418
x-amz-cf-id: aCY4GE886zx0GrTaeePstXpzyikKJ64flIxoynFIDjH1BuI_qYl2Fw==

GET
H2 200 Nav-marketplace-RedRibbon.jpg
www.positivepromotions.com/images/art/ 53 KB
54 KB 65ms
65ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-RedRibbon.jpg?v=102183480344-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 1020ebd7e59a7ce616ba2a6e533485c5bbc98053add7b12a1c95e1b5e5ca4725

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 08:30:38 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 10 Sep 2020 15:46:19 GMT
age: 25313
etag: "809773868987d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 54513
x-amz-cf-id: VdtoGue1JrKpYoAjgW-S6QvbcGgsnw6UkpVthDlzs8h641AKiysC9w==

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 14:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2871
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 22 Sep 2020 15:44:40 GMT

GET
H3-Q050 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
12 KB 28ms
13ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.positivepromotions.com
Referer: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 17:40:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:11:15 GMT
server: sffe
age: 424328
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12192
x-xss-protection: 0
expires: Fri, 17 Sep 2021 17:40:23 GMT

GET
H2 200 33836.json Show response
s.yimg.com/wi/config/ 2 B
495 B 51ms
18ms XHR
application/json 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/33836.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 8BBDB4CCCA1F9288
x-amz-id-2: F7rPY+p69oXb26q95fAct6QniXmon5g/pveK28MlpDZBr9HMEjWxKIP8AnU2R3bSU75HPRKTKk4=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: ln2dl+RhwVM7DdTU6KL0GC5rzkVk5NbXlp+oRy1jeXSjaeVLxPF7yrPVRwmCYiGMV0DcfXyd30inWprd4lvTGg==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Tue, 22 Sep 2020 15:32:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 26 KB
8 KB 43ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:30 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref: Ref A: 65AA6CBC979F473B90CFE767859C95FC Ref B: FRAEDGE1410 Ref C: 2020-09-22T15:32:31Z
status: 200
etag: "0e0bdafab5bd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8022

GET
H2 200 widget.js Show response
staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/ 438 KB
120 KB 21ms
6ms Script
text/javascript 2a02:26f0:f1:296::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.js

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:296::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

c729b78d488b8ee9fd8a8e2f0bf4006540e6463c96664c9c496c647249e382cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200, 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 121732
x-xss-protection: 1; mode=block
x-request-id: 88de9ed8-937a-4e12-9abf-716baadb40e6
x-runtime: 0.022593
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"d13c89e4393c1e26db5ff6955d70b1a7"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1452
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 D25436AC25A958.js Show response
cdn.datasteam.io/js/ 68 KB
22 KB 168ms
63ms Script
application/x-javascript 99.86.7.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datasteam.io/js/D25436AC25A958.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJD7SL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-44.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc057632b70ebbd01209d18802c279186b964d476a737a04e6b3f6f44025bdff

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:43:02 GMT
content-encoding: gzip
last-modified: Thu, 17 Sep 2020 22:00:13 GMT
server: AmazonS3
age: 85769
etag: W/"3f0edff352a5cec972f31dee7ac97797"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=600,s-maxage=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: caIq6h0wD27CCVLXvZJ-ppieDIZPCK2x0HCDvjSa1A9uWRRZzBidxw==
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)

GET
H/1.1 200
OK unbxdAnalytics.js Show response
d21gpk1vhmjuf5.cloudfront.net/ 35 KB
11 KB 157ms
52ms Script
application/javascript 99.84.144.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/unbxdAnalytics.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-51.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff1e7839d2cb72b8e951d3e09b2d2b35841165e84fab1dd40d121dc8602a6471

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: F8jwLf8YnCqWBdiQgN30fwnIOl_RU7EY
Content-Encoding: gzip
ETag: "8a8bf94b4549ebba25eef7c81e17efb9"
Age: 53546
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10296
Last-Modified: Tue, 28 Jul 2020 08:41:54 GMT
Server: AmazonS3
Date: Tue, 22 Sep 2020 00:40:06 GMT
Content-Type: application/javascript
Via: 1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: TXL52-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 1lt5NsFvYcfEfERx3L-aKarfeSP_w_2C0QYvpt7hsftujoOSFhOoiA==

GET
H2 200 Nav-marketplace-HouseKeep.jpg
www.positivepromotions.com/images/art/ 40 KB
40 KB 53ms
51ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-HouseKeep.jpg?v=102183461603-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 9086a4f2d1bc952690cc78688f5a6d2e169d3a1eef9f788512ef5fa2be888bcc

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 03:38:14 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 17:11:53 GMT
age: 42857
etag: "80122450cc86d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 40800
x-amz-cf-id: omSsrO55ex7ME1CEGUYre9x7MiS392p6abbFhjmUQFcfs9EUwjhdFQ==

GET
H2 200 Nav-marketplace-Environm.jpg
www.positivepromotions.com/images/art/ 43 KB
43 KB 55ms
52ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-Environm.jpg?v=102183461602-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: f12fcf18866ca5a680b57f8c2d30aa4e5e38328ffd797fe964eecbe2776d8fd0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:40:34 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 17:11:53 GMT
age: 78717
etag: "80122450cc86d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 44015
x-amz-cf-id: frk5f2YYLkMUJNMzBmudX1q6ZbIArGmkZstVrt55XjYUcIV79bJwmQ==

GET
H2 200 Nav-marketplace-Recognition.jpg
www.positivepromotions.com/images/art/ 40 KB
40 KB 63ms
61ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-Recognition.jpg?v=102183389544-3
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 22182b397724050a5d43fe3764f2c57772444a51bf7245e44addbf0f4ecadc5a

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:37:37 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 17:13:56 GMT
age: 50094
etag: "0627499cc86d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 40579
x-amz-cf-id: WpXMeCNifxZ6__2LpqpbkVXcSUkCyyfFSR_g_iBElvlu-6DD3xoqHA==

GET
H2 200 Nav-marketplace-CustomerServ.jpg
www.positivepromotions.com/images/art/ 39 KB
39 KB 66ms
64ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-CustomerServ.jpg?v=102183469327-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: aaf3ba1fcd9c7ed305717cbdb8144afd3c52126391d6cb1376416db43f7afe43

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:40:34 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 17:13:56 GMT
age: 78717
etag: "0627499cc86d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 40060
x-amz-cf-id: ZofwEWNKmGxO-retJlQbbskS1XF576iNp-VlWpOLoTLyl_Zi6o1_hw==

GET
H2 200 Nav-marketplace-ERPreparedness.jpg
www.positivepromotions.com/images/art/ 44 KB
44 KB 65ms
63ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-ERPreparedness.jpg?v=102183467228-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 8b244b5f5b175567a320ddb47fd376f73356ce46459417fd2763f216f7f9ec57

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 18:42:41 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 17:16:46 GMT
age: 74990
etag: "053c8fecc86d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 44815
x-amz-cf-id: fd2xrSyRKthsThkn_7Kjs9BFbwGnuayiEAF3SfR5-Hb-KCm08fFtOA==

GET
H2 200 Nav-marketplace-FirePrev.jpg
www.positivepromotions.com/images/art/ 55 KB
56 KB 71ms
70ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-FirePrev.jpg?v=102183476746-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: a1747ea9a9dfe58c70d5b6b04f22b6aca8c48d2063baa8da900b2089e73c7c3d

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:28:48 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 17:16:46 GMT
age: 72223
etag: "053c8fecc86d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 56703
x-amz-cf-id: -SMeo71QfLmSXRQBNWQLPdxN0k_MvS07arV2zwPT-nIh-HvN3YoqaQ==

GET
H2 200 Nav-marketplace-TruckDriver.jpg
www.positivepromotions.com/images/art/ 42 KB
42 KB 67ms
65ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-TruckDriver.jpg?v=102183467229-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 1018ea923141e1d37033fcb924a6a401db104568cbed8780f2034be7a80c2041

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:48:07 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 17:19:22 GMT
age: 78264
etag: "09c45bcd86d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 43024
x-amz-cf-id: 0zTKXgEhDDqm1DlDh2C1WFPGoeIu91Qd5d3O0lS2HoSmmwAxLwuwhA==

GET
H2 200 Nav-marketplace-Christian.jpg
www.positivepromotions.com/images/art/ 41 KB
41 KB 68ms
67ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Nav-marketplace-Christian.jpg?v=102183065552-10
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 48ad33787e49556536171325ac3cc2a0df9b5e06f8852efb41541276f1e446ee

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 08:46:17 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 17:19:22 GMT
age: 24374
etag: "09c45bcd86d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 41735
x-amz-cf-id: Saq8S-6E3ydnNo-8FdfYeM3ZmKl2U9_ipnAzUJypTddl_9UbOLwOMA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
69 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-1042451-1&cid=603311520.1600788752&jid=1953213900&gjid=873834304&_gid=1466071102.1600788752&_u=aGBAgEIhQAAAAE~&z=377127340

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Sep 2020 15:32:31 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.positivepromotions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 78 KB
31 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-TXS9VN9&t=gtm2&cid=603311520.1600788752

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6a5da52c9483d6e5aef07d46edb1d2b46ee536b2bcf8a6bed3ae85ba1d74b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31409
x-xss-protection: 0
last-modified: Tue, 22 Sep 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Sep 2020 15:32:31 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
188 B 7ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=547846824&t=pageview&_s=1&dl=https%3A%2F%2Fwww.positivepromotions.com%2F&ul=en-us&de=UTF-8&dt=Positive%20Promotions%20%7C%20Promotional%20Products%2C%20Recognition%20Gifts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEIhQ~&jid=1953213900&gjid=873834304&cid=603311520.1600788752&tid=UA-1042451-1&_gid=1466071102.1600788752&cd2=control&cd3=yo-not-present&z=2018529600

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 13:27:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7495
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ 0
857 B 209ms
70ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2022%20Sep%202020%2015%3A32%3A31%20GMT&n=-2d&b=Positive%20Promotions%20%7C%20Promotional%20Products%2C%20Recognition%20Gifts&.yp=33836&f=https%3A%2F%2Fwww.positivepromotions.com%2F&enc=UTF-8&tagmgr=gtm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:31 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Tue, 22 Sep 2020 15:32:31 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 23ms
16ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-1042451-1&cid=603311520.1600788752&jid=1953213900&_u=aGBAgEIhQAAAAE~&z=276249956

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 24ms
17ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-1042451-1&cid=603311520.1600788752&jid=1953213900&_u=aGBAgEIhQAAAAE~&z=276249956

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4048868&Ver=2&mid=5e1b94cd-acd1-fce1-1666-12123100dcdb&sid=24b49c51dd8219d268d4b39e0dd5155a&vid=da8a7b81144fd2a19247639c653d0b28&vids=0&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Positive%20Promotions%20%7C%20Promotional%20Products,%20Recognition%20Gifts&p=https%3A%2F%2Fwww.positivepromotions.com%2F&r=&evt=pageLoad&msclkid=N&sv=1&rn=697017
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 22 Sep 2020 15:32:30 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 53B5D7FE750940D6B540B92C8B5E1BF2 Ref B: FRAEDGE1410 Ref C: 2020-09-22T15:32:31Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 43 KB
11 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.24

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 10760
x-xss-protection: 0
pragma: public
x-fb-debug: qQnVIw0YYqakU7tVh1dH2XgTX211JP5twmj8VCAxWKnoigImmgYCbwV1TtnX58bUgf7d48LRALY15qYHOE6wjg==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Tue, 22 Sep 2020 15:32:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1197586330272709 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1197586330272709?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3389cc721507ac4a3486948bb2125286b818dc97252e2f16231d02f6918ead0b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134879
x-xss-protection: 0
pragma: public
x-fb-debug: xb88bYjF4FFmuVl1Hn6Yf7i5V1NUea15MozSXL8FAfxieIHrsOpw79trnIjl/+7E2XqHEfmuyPGNprC9mJ6hzw==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Tue, 22 Sep 2020 15:32:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 widget.css
staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/ 481 KB
49 KB 10ms
10ms Stylesheet
text/css 2a02:26f0:f1:296::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.css?widget_version=2020-09-09_17-29-56

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:296::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

26062b7f56da1e9ac007cfc4895afb473b854f288106edf2fab741a513320ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200, 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 49553
x-xss-protection: 1; mode=block
x-request-id: 6cb4198f-79e8-49fc-9f01-ce62e1cca759
x-runtime: 0.087367
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"ccc7cea29d28f94272d93ce42a31bb61"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1478
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 icon-products.png
www.positivepromotions.com/images/art/ 7 KB
7 KB 51ms
50ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/icon-products.png?v=102183002837-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 21bff12856ef61a7cd62b5461bba05d8df8f2e13b784a1dbb11dffe25c36056f

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:48:07 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 10 Jul 2018 18:44:27 GMT
age: 78264
etag: "a24a7d77e18d41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 7292
x-amz-cf-id: 8lghASaBAq8c6Oq1U7Pdvrmab_DUsVhpPbE9LUFuhASekbqRK8nY8w==

GET
H2 200 icon-samples.png
www.positivepromotions.com/images/art/ 3 KB
4 KB 61ms
60ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/icon-samples.png?v=102183002838-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 134ec1cb43774c298560a3ef8beb25f96c27d40f4de10957fc5e358b4161e0e0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:48:17 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 10 Jul 2018 18:44:27 GMT
age: 78254
etag: "7ad48677e18d41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3441
x-amz-cf-id: bvM1TZBKHYy-bvHPV7CwQlbPoJNUFuUr4gnp9XOp384ox0pQfLFhWw==

GET
H2 200 icon-staff.png
www.positivepromotions.com/images/art/ 4 KB
4 KB 52ms
51ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/icon-staff.png?v=102183002839-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 91e52e8155aaf5e6478f6b433692f226960f46aed69b5d3dd227c0b479bb3659

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 23:26:51 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 10 Jul 2018 18:44:27 GMT
age: 57940
etag: "defa8d77e18d41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3959
x-amz-cf-id: nzbgTlrZLoUJFFS107WDqJnHdNo_q-44V-uwZVMMoEfAYWMu98-4Iw==

GET
H2 200 icon-guarantee.png
www.positivepromotions.com/images/art/ 6 KB
6 KB 52ms
51ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/icon-guarantee.png?v=102183002836-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: f33e62610fc8fe7b882fe4a02aa4e86259d69ff0a2b36fef890479dbfefe9aea

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 23:26:51 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 10 Jul 2018 18:44:27 GMT
age: 57940
etag: "f85e7177e18d41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 6253
x-amz-cf-id: FaidybFJ86d8Arsor9VNCZNostBj1JZMd0muqWZNkYVK1L22zRguNA==

GET
H2 200 /
www.facebook.com/tr/ 44 B
376 B 18ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1197586330272709&ev=PageView&dl=https%3A%2F%2Fwww.positivepromotions.com%2F&rl=&if=false&ts=1600788751759&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1600788751758.996023215&it=1600788751672&coo=false&tm=1&rqm=GET

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 22 Sep 2020 15:32:31 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
1020 B 35ms
22ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.css?widget_version=2020-09-09_17-29-56

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://staticw2.yotpo.com/klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA/widget.css?widget_version=2020-09-09_17-29-56
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Sep 2020 15:08:53 GMT
server: ESF
date: Tue, 22 Sep 2020 15:32:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Sep 2020 15:32:31 GMT

GET
H3-Q050 200 u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
12 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.positivepromotions.com
Referer: https://fonts.googleapis.com/css?family=Merriweather:400,700|Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 17:26:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:10:13 GMT
server: sffe
age: 425137
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12256
x-xss-protection: 0
expires: Fri, 17 Sep 2021 17:26:54 GMT

GET
H2 200 ico_phone_x100white.png
www.positivepromotions.com/images/art/ 3 KB
4 KB 50ms
49ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/ico_phone_x100white.png?v=102183002575-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: dc89916a09f2cc096d5fed5207187669b87d75f4ab3c387689f4f346d0242602

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:52:26 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 10 Jul 2018 15:27:40 GMT
age: 78005
etag: "d5d1208a6218d41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3447
x-amz-cf-id: FC-LOM-rqJLkyGzQVjXBngdc4arr5oBnJWiWCshjS26jPPIyPUgG-w==

GET
H2 200 ico_livechat_x100white.png
www.positivepromotions.com/images/art/ 1 KB
2 KB 51ms
50ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/ico_livechat_x100white.png?v=102183002574-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 3d3040db72f2e65def04a5e3bb7d9e6cd77509221bab8c8fc8e311dd447e8a23

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:48:10 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 10 Jul 2018 15:27:40 GMT
age: 78261
etag: "70e5148a6218d41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 1534
x-amz-cf-id: 8AOr8S9z0wgR5_WYeQyWvQK0pwG4lk7yor8lnDM6GwlJM74_QzWJ1g==

GET
H2 200 ico_email_x100white.png
www.positivepromotions.com/images/art/ 2 KB
3 KB 51ms
50ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/ico_email_x100white.png?v=102183002573-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: b248519c3f3409fe0758aafef8d0c7e5ec17ae14399e18a7ab608ad1340c3b87

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 06:29:35 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 10 Jul 2018 15:27:40 GMT
age: 32576
etag: "aacfa896218d41:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 2454
x-amz-cf-id: cUOeMx-jKpFmALpmNKZxmOPSRlY2_sOuIeFe1RoaqXF0iAtB4NSy7w==

GET
H/1.1 200
OK unbxdAnalyticsConfig.js Show response
d21gpk1vhmjuf5.cloudfront.net/ 1 KB
2 KB 53ms
52ms Script
application/javascript 99.84.144.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/unbxdAnalyticsConfig.js
Requested by: Host: d21gpk1vhmjuf5.cloudfront.net
URL: https://d21gpk1vhmjuf5.cloudfront.net/unbxdAnalytics.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-51.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d34df9d80e6ff53e3882b4d061b37b34fb1e752c749478c9b235cd5992d58536

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ZMK2XJGbjW_OX5QC8WJ1FsKvWXer0806
Via: 1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Apr 2020 07:36:27 GMT
Server: AmazonS3
Age: 38057
ETag: "95819328a8a844e5ffb92fc67422b859"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Date: Tue, 22 Sep 2020 04:58:15 GMT
X-Amz-Cf-Pop: TXL52-C1
Accept-Ranges: bytes
Content-Length: 1226
X-Amz-Cf-Id: IJy-ZA0UVsUkrTwyvgnezA9dJ3N_w9bkTQsGtzRF6ii2KHjSh58x_g==

GET
H/1.1 200
OK 1p.jpg
tracker.unbxdapi.com/v2/ 309 B
726 B 572ms
143ms Image
image/jpeg 54.210.170.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.unbxdapi.com/v2/1p.jpg?data=%7B%22url%22%3A%22https%3A%2F%2Fwww.positivepromotions.com%2F%22%2C%22referrer%22%3A%22%22%2C%22visit_type%22%3A%22first_time%22%2C%22ver%22%3A%224.0.27%22%2C%22_uf%22%3A2950260117%2C%22visitId%22%3A%22visitId-1600788751882-66356%22%7D&UnbxdKey=prod-positivepromotions-com800951496246780&action=visitor&uid=uid-1600788751878-38851&t=1600788751883|0.9219092027368172
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.170.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-170-56.compute-1.amazonaws.com
Software: Wingman-3.3.8-hotfix1-[1597213506] /
Resource Hash: a61d8687f980bf5ef71b178b270a9713c0bb745b73dd56fed208c103d99af846

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:32 GMT
Content-Encoding: gzip
Server: Wingman-3.3.8-hotfix1-[1597213506]
Unx-Accept-Encoding: gzip, deflate, br
Vary: Accept-Encoding
Content-Type: image/jpeg; charset=utf-8
Region: us-east-1-(prod)
Unx-Server: Wingman-3.3.8-hotfix1-[1597213506]
Unx-Conn: tracker-ext-v2
Connection: keep-alive
X-Request-Id: c29d5623-ac32-4573-a894-b71498030a37
Content-Length: 137
Unbxd-Request-Id: c29d5623-ac32-4573-a894-b71498030a37
Unx-Site: prod-positivepromotions-com800951496246780
Unx-Request-Id: c29d5623-ac32-4573-a894-b71498030a37

GET
H2 200 norton_seal_2020.jpg
www.positivepromotions.com/images/art/ 5 KB
6 KB 73ms
65ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/norton_seal_2020.jpg?v=102183489859-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: b1bf5741c95d01d3270f5624dfd90abdcee36c353a79f939ebdc6eea4a139950

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:06:42 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Fri, 18 Sep 2020 21:07:13 GMT
age: 73549
etag: "41dc9daeff8dd61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 5416
x-amz-cf-id: c6Qq6eG0PeHxtI0JhCDvxvBfQnbRfeANDpMCDKbdp5vIHhDs-yr1qw==

GET
H2 200 secureTrust_2020.png
www.positivepromotions.com/images/art/ 8 KB
9 KB 72ms
65ms Image
image/png 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/secureTrust_2020.png?v=102183491306-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 95fcbf9082db907fc86c76cb568511cef921457eea70de75ace15e8466d9359f

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:06:42 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Mon, 21 Sep 2020 18:40:21 GMT
age: 73549
etag: "2c1114a94690d61:0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 8387
x-amz-cf-id: fqsdgWre_XWCV_kd8SHK-u_a2QYUmF7tL-izaFjOQ32zrHv7Dm3fzQ==

GET
H2 200 yui-combined-min.js Show response
www.positivepromotions.com/Javascript/ 115 KB
33 KB 62ms
56ms Script
application/javascript 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/yui-combined-min.js?v=4
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 3b9e2c7abe011a82abd74c43584a2256431231d6aea59dc1515bdbfb2926cbbe

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:00:41 GMT
content-encoding: gzip
last-modified: Tue, 13 Aug 2019 14:41:44 GMT
age: 88310
etag: W/"68bc1a3ae551d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: zc1ztTmQacz1kLN7oDDhFXMtHGdgDCmyzI6muLgo3tcy6LLDApGxHw==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 library-kalio-autocomplete.js Show response
www.positivepromotions.com/Javascript/ 60 KB
8 KB 64ms
58ms Script
application/javascript 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/library-kalio-autocomplete.js?v=1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: e510d6ab6cd40e2c523ad1503c775a98ae322e935c976962f3d1fd97f12ee5c7

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:00:41 GMT
content-encoding: gzip
last-modified: Tue, 16 Jan 2018 19:07:02 GMT
age: 88310
etag: W/"a93fe630fd8ed31:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 9ENH-XtybinPiLZP7VoAM3zNCcTtG7CrNX0us1JK1zPd3GjHuwv_0g==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 library-kalio-ajax.js Show response
www.positivepromotions.com/Javascript/ 21 KB
3 KB 63ms
57ms Script
application/javascript 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/library-kalio-ajax.js?v=1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: a1f35edd40f07d4300aaeebab334a72ac340a464204d1c6c7458163f594f30c1

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:00:40 GMT
content-encoding: gzip
last-modified: Tue, 16 Jan 2018 19:07:02 GMT
age: 88311
etag: W/"a93fe630fd8ed31:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Jk2CVbef9gbR-navLxyGJKNIq3V5dUIUGNvinWhFReeJhVS4DXGi5w==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 jquery-min.js Show response
www.positivepromotions.com/Javascript/ 190 KB
40 KB 65ms
58ms Script
application/javascript 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/jquery-min.js?v=2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:00:41 GMT
content-encoding: gzip
last-modified: Thu, 09 Nov 2017 21:42:15 GMT
age: 88310
etag: W/"6fb4d09ba359d31:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: SeKnMwzZBflnnI5RMsltsDggSvuq3X_3Pbqi1x-4V_SGDclfMCZxIw==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 posi-plugins.js Show response
www.positivepromotions.com/Javascript/ 620 KB
99 KB 72ms
66ms Script
application/javascript 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/posi-plugins.js?v=6
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: ac82ce791c576bf9823e09d759621e498e38d750be14b9f76e27f46bae317423

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:00:41 GMT
content-encoding: gzip
last-modified: Thu, 09 Nov 2017 21:42:15 GMT
age: 88310
etag: W/"9adbd79ba359d31:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Niss2dky5d6umjcqYlFcpIEEnLhwQwrqQAX9BdABLx00G7n3neHuCA==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 page-all.js Show response
www.positivepromotions.com/Javascript/ 252 KB
36 KB 66ms
59ms Script
application/javascript 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/page-all.js?v=443
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: d09a5d7c4e39134261c9142b6b3e5999e2a657c5825663f008303ff0879cb503

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:23:49 GMT
content-encoding: gzip
last-modified: Mon, 21 Sep 2020 14:55:25 GMT
age: 86922
etag: W/"c3c0ad3c2790d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: GaAjW7e86ABnuomwdx6HLmAeDirKUJxibnejxW2fnbCp2arIPsaFSw==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 dmPlugins.js Show response
www.positivepromotions.com/Javascript/ 57 KB
11 KB 76ms
70ms Script
application/javascript 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/dmPlugins.js?v=5
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 81eaa133a55ba1861e7e784354a8ddbed3cafc3419e74f1f05ae87aac8caaf0d

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:00:41 GMT
content-encoding: gzip
last-modified: Tue, 06 Feb 2018 23:23:07 GMT
age: 88310
etag: W/"8d373a72a19fd31:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: vZgdiMu56x_9-S1oLDIHSRFEDxq8zlQIJo7PpJCs60-NIqencyv7WQ==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 jqueryplugins.js Show response
www.positivepromotions.com/Javascript/ 403 KB
66 KB 67ms
61ms Script
application/javascript 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/jqueryplugins.js?v=81
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 31480fb4efe81a6fa395bb84e48f8a95e63beed3b3a53dde06109608f6a1d786

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:00:41 GMT
content-encoding: gzip
last-modified: Fri, 12 Jun 2020 13:26:17 GMT
age: 88309
etag: W/"c4687cdbd40d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: uGHRCdMjUc22U3OtmyPpluYMRU5hOfYXNGYhl479VRDfc1t8wuTh6g==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 recaptcha-form.js Show response
www.positivepromotions.com/Javascript/ 760 B
1 KB 66ms
60ms Script
application/javascript 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/recaptcha-form.js?v=49
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 56f95ff21e2ed3afd665ab3f1f9d311b9365b3629ffc3fea1f8713bd8e376398

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:00:42 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jun 2020 18:32:01 GMT
age: 88309
etag: "fb8d9dea1e4bd61:0"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 760
x-amz-cf-id: vf5y2WwB3rv0uDPVky09GJ6jDivBqGj7rMPyfyLPDFagy6NjUmAYpg==

GET
H3-Q050 200 api.js Show response
www.google.com/recaptcha/ 796 B
920 B 115ms
96ms Script
text/javascript 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55dd61811ac7f596acc87716915b2efdd67dd3a0029a49ab3a16e69cbfe08555

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 485
x-xss-protection: 1; mode=block
expires: Tue, 22 Sep 2020 15:32:32 GMT

GET
H2 200 rapid.min.js Show response
cdn.yottaa.com/ 64 KB
20 KB 130ms
34ms Script
application/javascript 68.232.35.206
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yottaa.com/rapid.min.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.206 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (waw/179E) /
Resource Hash: 13c170450fd97d42287db6b538f1aa603b052e7713e0b04a1f8268ea4503f85b

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:32 GMT
content-encoding: gzip
last-modified: Wed, 26 Aug 2020 18:01:49 GMT
server: ECS (waw/179E)
age: 509214
etag: "43f11ed8de025dbcc4413d55b0263b48+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=300
x-amz-request-id: DC1857EFB33D4D20
timing-allow-origin: *
content-length: 20240
x-amz-id-2: zltDR0PLCzyxjBZvsmfWrKbRDzt4sQze1AlVXKQ/GMI+TbjEcIUWT4UN+Pl+ehW+LsDOmGFqjCc=

GET
H2 200 slickmin.js Show response
www.positivepromotions.com/Javascript/ 81 KB
12 KB 66ms
61ms Script
application/javascript 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/slickmin.js?v=4
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 3c24b215ca07aff5472816af0532da3c1689b4599f1347297b97e2b6a118a1e0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:00:43 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 16:55:42 GMT
age: 88308
etag: W/"ae84116c7862d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 8iwa4svCLh1gOrjZms520e4-6jPDyB_J9KkPWU5Tk-4Z-CPbEcmr-g==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 13ms
8ms Script
text/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
status: 200
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 enhancedecommerce2.js Show response
www.positivepromotions.com/Javascript/ 31 KB
3 KB 69ms
64ms Script
application/javascript 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/enhancedecommerce2.js?v=10
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 242d5967416ff7741af7f6a02be2ecaec3bdbb8575eb379a8ba65562d8e39446

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:00:43 GMT
content-encoding: gzip
last-modified: Thu, 17 Jan 2019 14:17:58 GMT
age: 88307
etag: W/"772f9c726faed41:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: dwi2d3cxSeI71GSzlzt8ujumdIVT9VVuGrZ_tn9aVVTzI5RnHWs_aQ==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 es5-shim.min.js Show response
cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.1/ 15 KB
5 KB 29ms
24ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.1/es5-shim.min.js

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ced7e817b2e92e1c3ef51e66ea4ff33aaf248786c319a079d7da46f8a97bc408

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1096371
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5026
cf-request-id: 05580afe220000c2a4f3388200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:56 GMT
server: cloudflare
etag: "5eb03e54-3b2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d6d14436c6fc2a4-FRA
expires: Sun, 12 Sep 2021 15:32:31 GMT

GET
H2 200 json3.min.js Show response
cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/ 8 KB
4 KB 32ms
28ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/json3.min.js

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":31536000,"success_fraction":0.01,"include_subdomains":true,"response_headers":["cf-ray"]}
age: 1098626
cf-ray: 5d6d14436c71c2a4-FRA
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05580afe220000c2a4f3389200000001
last-modified: Mon, 04 May 2020 16:11:53 GMT
server: cloudflare
etag: W/"5eb03ec9-1fd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":31536000,"endpoints":[{"url":"https://gcp.nel.cloudflare.com/report?lkg-colo=fra&lkg-time=1600788751&lkg-ip=2a01:4f8:192:5414::2","weight":10}],"include_subdomains":true}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
timing-allow-origin: *
expires: Sun, 12 Sep 2021 15:32:31 GMT

GET
H/1.1 200
OK prod-positivepromotions-com_autosuggest.js Show response
d21gpk1vhmjuf5.cloudfront.net/ 105 KB
29 KB 92ms
63ms Script
application/javascript 99.84.144.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/prod-positivepromotions-com_autosuggest.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-51.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20c3292613359e9cbaf417c980d497e8df6efee9d9124e0eebe1792fa38b04e3

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 14:10:45 GMT
Content-Encoding: gzip
Age: 4907
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28916
Last-Modified: Tue, 28 Jul 2020 07:22:45 GMT
Server: AmazonS3
ETag: "fe307b83dd1b0bd6ce0272f2907aac04"
x-amz-version-id: 141VqvK6k5nAjP54pPwm4AkV2In7nagj
Via: 1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: TXL52-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: zF_xWq44y5Fqh3rEsnH38Y-M7ntRh2L2HYLbcvQxGFI7fpTeXpBTLQ==

GET
H/1.1 200
OK prod-positivepromotions-com_autosuggest.css
d21gpk1vhmjuf5.cloudfront.net/ 9 KB
2 KB 151ms
50ms Stylesheet
text/css 99.84.144.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/prod-positivepromotions-com_autosuggest.css
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-51.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 004af2f1118416e6152e6bcbe984ef0fc077e950422377223e046a86bcc14466

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 14:10:45 GMT
Content-Encoding: gzip
Age: 4908
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1767
Last-Modified: Tue, 14 Jan 2020 09:08:00 GMT
Server: AmazonS3
ETag: "9dad32043c854373a9ae476d500d0908"
x-amz-version-id: aDvSQoMtiPHKTmDW0PCyE5VjjCmxytsX
Via: 1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: TXL52-C1
Accept-Ranges: bytes
Content-Type: text/css
X-Amz-Cf-Id: Tl2aQY81vT4adl92HMMR9Kb-TjXaY405ED9FQm6n1HITPskMPSCoUA==

GET
H2 200 page-home.js Show response
www.positivepromotions.com/Javascript/ 1 KB
876 B 73ms
69ms Script
application/javascript 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.positivepromotions.com/Javascript/page-home.js?v=66
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: dbeb3bde562641bf11ac5e6e2fae5852681636f081e0b8df8a0d0db735259b00

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:43:09 GMT
content-encoding: gzip
last-modified: Fri, 24 Jul 2020 15:46:32 GMT
age: 85762
etag: W/"3074c49ad161d61:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2678400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: LA2x5eF0OI4FfWiFii2uhc-Mx5rZawESUTcLq8w7RnLYEsylE3Xq3w==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 36 KB
12 KB 49ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
content-encoding: gzip
last-modified: Mon, 14 Sep 2020 13:03:43 GMT
server: nginx
etag: W/"5f5f6a2f-90a2"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 23 Sep 2020 15:32:31 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 168ms
57ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

fd63d6a5ec44215e50612d8bea8eff0a12f5d4981ab6745db8d8479f7c102845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11416
x-xss-protection: 0
server: cafe
etag: 7270336119834106254
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Sep 2020 15:32:32 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
62 KB 59ms
58ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Origin: https://www.positivepromotions.com
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:31 GMT
last-modified: Wed, 20 Jun 2018 20:19:30 GMT
server: NetDNA-cache/2.2
status: 200
etag: "f319eac1c755f9929fd856720ce1695e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 63376

GET
H2 200 pubhtml5-light-box-api.css
pubhtml5.com/plugin/LightBox/css/ 673 B
565 B 25ms
24ms Stylesheet
text/css 2606:4700:10::ac43:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pubhtml5.com/plugin/LightBox/css/pubhtml5-light-box-api.css
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/Javascript/page-all.js?v=443
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad4c4ceedd14c9d85a094c759ea244dde244b60ae5ee77f82c6495a4208858e7

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6041
cf-polished: origSize=911
status: 200
cf-request-id: 05580afef500002c26e7026200000001
last-modified: Mon, 20 Oct 2014 09:59:30 GMT
server: cloudflare
etag: W/"2cf13c-38f-505d7c54fc480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d6d1444b95c2c26-FRA
cf-bgj: minify

GET
H2 200 configure.rapid.js Show response
qoe-1.yottaa.net/api/v1/ 2 KB
873 B 449ms
153ms XHR
text/javascript 204.2.131.14
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qoe-1.yottaa.net/api/v1/configure.rapid.js?key=HoeUAIgp9Kcjhg&ul=en-US&dl=https%3A%2F%2Fwww.positivepromotions.com%2F&dt=Positive%20Promotions%20%7C%20Promotional%20Products%2C%20Recognition%20Gifts&sd=24&sr=1600,1200&vp=1600,1200&ct=4g&rtt=0
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.2.131.14 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 0f22b246b5b3a1a62d2500e37fbdc4a88ad55b83f033f9350adf44097aaf4ef1

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:32 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-yottaa-optstate: active
timing-allow-origin: *

GET
H2 200 bundle.js Show response
snip.bronto.com/v2/sites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6IjI5YTY5ZmRhMzliMWYxNGI3ZTAxOTY5M2Y0NGYxM2U4ZjhkYjMxMTUzZGE1Yjg5ODNjMzU1MTAyMGQzODg1N2IifQ==/assets/ 50 KB
20 KB 32ms
20ms Script
application/javascript 2a02:26f0:6c00:280::3a7c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snip.bronto.com/v2/sites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6IjI5YTY5ZmRhMzliMWYxNGI3ZTAxOTY5M2Y0NGYxM2U4ZjhkYjMxMTUzZGE1Yjg5ODNjMzU1MTAyMGQzODg1N2IifQ==/assets/bundle.js
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:280::3a7c , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 2082c62475463c05d99fb3aa3b4c9cc570026d86bbcea5a1d6d76ef30e30d6df

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 6
date: Tue, 22 Sep 2020 15:32:32 GMT
content-encoding: gzip
x-trace: 38ae9522-eae8-40f7-81a7-264da945c1ef
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=300, s-maxage=900
content-length: 20174

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 188ms
64ms Image
image/gif 18.194.7.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Positive%20Promotions%20%7C%20Promotional%20Products%2C%20Recognition%20Gifts&se_va=klxL5FhIMNyGmwj9h6Vv9i0PhCJWnIsQu2kpimZA&cx=eyJwdl91dWlkIjo5MjAwNDc5NH0&dtm=1600788752650&tid=413357&vp=1600x1200&ds=1600x3198&vid=1&duid=143a11927977f5cb&p=web&tv=js-0.13.2&fp=1288168746&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.positivepromotions.com%2F
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.7.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-7-207.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:32 GMT
Cache-Control: max-age=86400, private
Expires: Wed, 23 Sep 2020 15:32:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 placeHolder175.gif
www.positivepromotions.com/images/art/ 5 KB
5 KB 51ms
50ms Image
image/gif 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/placeHolder175.gif
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: adf57c1c466e6fc7121918acc81e1c70e1888b2c7edf2ad8f58546182532b9a9

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 22:37:52 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Fri, 06 Sep 2019 14:09:39 GMT
age: 60880
etag: "377f3b8bc64d51:0"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 5049
x-amz-cf-id: L6a-DsdRJqQTHGJya6e8DpGrZhoxMotxfivJqSybB_jtDRjIq53BBA==

GET
H2 200 Coronavirus-slider.jpg
www.positivepromotions.com/images/art/ 109 KB
109 KB 62ms
53ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Coronavirus-slider.jpg?v=102183411511-8
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: c30caab2963ebed0c88937bf131804afdd2bf4b4bb6ef8e46d0be55cb305726f

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:48:10 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jun 2020 20:44:15 GMT
age: 78262
etag: "80b9ad3ab145d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 111220
x-amz-cf-id: XjH1kSFZqSxSz-XjAN0nPQ8AoIkMv9QQ9b2Til8tLAOfK-64-cPbQw==

GET
H2 200 TLVLHLC_HandSanitizers.jpg
www.positivepromotions.com/images/art/ 20 KB
20 KB 60ms
51ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TLVLHLC_HandSanitizers.jpg?v=102183391402-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: f245e3bb4f56dd897a55735700e389c52f1eecc5b3ed8c8ae5c1f3f35e06d26b

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:48:11 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 14:43:36 GMT
age: 78261
etag: "01cf0affe3fd61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 20046
x-amz-cf-id: rkrpn4RhcnHh2WOyIzMazGy3FrfPCOfjkE5VxMOkdh6P8oWpuXeyVA==

GET
H2 200 TLVLHLC_FaceMasks.jpg
www.positivepromotions.com/images/art/ 23 KB
23 KB 70ms
60ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TLVLHLC_FaceMasks.jpg?v=102183391415-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 3b3613d94c3ae7393e5781f023177e7d54e6d3440dbb004060cec40a7d5f0727

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 07:02:39 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 15:20:20 GMT
age: 30593
etag: "0d29fd1340d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 23262
x-amz-cf-id: e30Snw17cM3zElixDZbWBJFTzkpKUXtIT76onMiP4uaT4W1VJUZoWw==

GET
H2 200 TLVLHLC_GermFree.jpg
www.positivepromotions.com/images/art/ 17 KB
17 KB 67ms
58ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TLVLHLC_GermFree.jpg?v=102183447453-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 2037566145973bb8328adbc9b3d6c1b00f98fe607c4f65ef75ac29821fc0ee81

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 08:57:16 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jul 2020 15:19:23 GMT
age: 23716
etag: "80cfb151bb5ad61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 17553
x-amz-cf-id: Ptf10i5exFeQLz_qqyidjEMYNlSSdIaUZHG1MgVqX5PABRw14AXZdA==

GET
H2 200 TLVLPP_PersnalCare.jpg
www.positivepromotions.com/images/art/ 18 KB
18 KB 65ms
57ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TLVLPP_PersnalCare.jpg?v=102183391417-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: e3c9ed7f6bd65d5d2af552137ab78e485b19c695d7019433249707db818f33a7

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 07:02:39 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 15:09:37 GMT
age: 30592
etag: "80ce5d52240d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 18141
x-amz-cf-id: BjRAKLjJ1866gx3iGkoN-XHCSaO1Iy0XJHxp7LGBDYQxS-LiW9Qn-g==

GET
H2 200 TLVLHLC_CoronaTips.jpg
www.positivepromotions.com/images/art/ 35 KB
35 KB 79ms
70ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TLVLHLC_CoronaTips.jpg?v=102183391420-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 4426bea797eed81c67557e46861151ff2efd18ac444db12f8e3a6ef436150f1d

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:48:12 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 14 Apr 2020 18:34:44 GMT
age: 78260
etag: "07af35d8b12d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 35456
x-amz-cf-id: 6l7_dT-I_daiIwaqJx8uKuWywl9xwpO5O4UKjdVXUfJRRYH3dt95dQ==

GET
H2 200 TLVLHLC_PPE-Kits.jpg
www.positivepromotions.com/images/art/ 11 KB
12 KB 67ms
59ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TLVLHLC_PPE-Kits.jpg?v=102183447532-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: d47e79deb24cf7fd48a9104ba5e554e3da566e663241a446ef684257cd9a42c7

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:48:11 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jul 2020 15:56:54 GMT
age: 78260
etag: "027658fc05ad61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 11773
x-amz-cf-id: egcKumP2XpAvHnBmTXRprdGUeI91q1e4NiqW3vg3mgsEaX6lUWqKFQ==

GET
H2 200 TLVLPP_WaterBottles.jpg
www.positivepromotions.com/images/art/ 15 KB
15 KB 71ms
63ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TLVLPP_WaterBottles.jpg?v=102183391896-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 509e31ff8434caa6066ee3ac0d3192b748cd804050597030d696df04c9c3d5d1

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 14:27:05 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 14 Apr 2020 18:59:32 GMT
age: 3927
etag: "042ded48e12d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 15422
x-amz-cf-id: nHJxYBTp54pxj2NisK923kf77XcZKCLi7mIpzjQ1Dh5Ny0uo9ltARg==

GET
H2 200 TLVLPP_ToteBags.jpg
www.positivepromotions.com/images/art/ 22 KB
23 KB 76ms
68ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TLVLPP_ToteBags.jpg?v=102183391999-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 6d419fcaeff6431126fc63cfde2972469aba3b6bff4e057523b7b8f7d231efcb

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 14:27:05 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 16:02:27 GMT
age: 3927
etag: "806bd5b3940d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 22793
x-amz-cf-id: uscJ5wIZaqM-RolaKlTO0_sd2HgK5Nk30zAfjrG387pua_58FJRbEw==

GET
H2 200 TLVLPP_Tech.jpg
www.positivepromotions.com/images/art/ 13 KB
13 KB 87ms
79ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TLVLPP_Tech.jpg?v=102182688935-17
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 5f10273b068b586ff466f9d27bf6a3d8d410f074d1e9079328098a6e00d2523b

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 08:57:16 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 15:39:09 GMT
age: 23716
etag: "808c8f72640d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 12994
x-amz-cf-id: Lw9iTOXkLgXER6zGGwSKybSHcqhQAdnmWsagZGlcui2DRuswGNnV-g==

GET
H2 200 TLVLPP_Col.jpg
www.positivepromotions.com/images/art/ 26 KB
26 KB 109ms
102ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TLVLPP_Col.jpg?v=102182688922-12
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 36732bdcfcbf88c05c411495de1ec4c6e1ed584060d386a5f647678d473fbb77

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 03:25:08 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 14 Jul 2020 18:03:10 GMT
age: 43644
etag: "043a1895ad61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 26220
x-amz-cf-id: a2u56JGX_kkoTsG-fXkNfnTP0Osb2uWt5QpYJxbG5t-F2Mcjch7l3g==

GET
H2 200 TLVLHLC_ThankHeroes.jpg
www.positivepromotions.com/images/art/ 25 KB
25 KB 90ms
83ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TLVLHLC_ThankHeroes.jpg?v=102183408957-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 4cd36023eb5b3ed3553cb48e94fa8b2f0308109163d2722929f1c3de87b0d480

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 07:48:13 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 13 May 2020 14:37:13 GMT
age: 27859
etag: "8032acfd3329d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 25623
x-amz-cf-id: kdFAz56xochdKR31nGucrUDsDrcSWmswSYajqNnJYgZ26tXpLgiolg==

GET
H2 200 HLCTheme_1001_376_200.jpg
www.positivepromotions.com/images/art/ 17 KB
18 KB 101ms
94ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/HLCTheme_1001_376_200.jpg?v=102183388945-4
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: e96d1f2ab9ae2c745992af553df65385e7725788a3bcb47501378109e118a8a7

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 01:54:38 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 14 Apr 2020 15:32:02 GMT
age: 49074
etag: "558027d87112d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 17783
x-amz-cf-id: OEejEGVueWPv6Td5t-Kxb8I8kxYkThOmiNkmxjdzMlFh_MCC7Gb5PA==

GET
H2 200 HLCTheme_1001_162_200.jpg
www.positivepromotions.com/images/art/ 16 KB
16 KB 89ms
82ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/HLCTheme_1001_162_200.jpg?v=102183071768-4
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 0e05937072d6adb1189d33aa348742485f4e50516aa5db2fa4752a062974c7cf

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 11:48:53 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 20 Dec 2018 18:51:41 GMT
age: 13419
etag: "809c6fb9598d41:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 16008
x-amz-cf-id: 0ZRvf2ca7SFozzkQ3MbIGXHSTg7z_96teWWVYvnmBeZmMqCo3w48Ew==

GET
H2 200 HLCTheme_1001_377_200.jpg
www.positivepromotions.com/images/art/ 18 KB
18 KB 99ms
93ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/HLCTheme_1001_377_200.jpg?v=102183390727-2
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: ecb7ef8f21f978fb32752077d4cc22e3ab4c3e0e17ff39b1abad6e26ebba5178

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 04:25:26 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Fri, 10 Apr 2020 19:09:54 GMT
age: 40026
etag: "d97b2d9e6bfd61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 17993
x-amz-cf-id: z4d4slPUeDXgRPDavGV7Q667E78txS13pSWnUV_jF1_YNRsoPc65uQ==

GET
H2 200 BISTheme_1001_19_200.jpg
www.positivepromotions.com/images/art/ 15 KB
15 KB 109ms
103ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/BISTheme_1001_19_200.jpg?v=102182670908-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 39562151cd9930d248d432a664f3e83d3c4c446dcf7d502944c084cd848ce0ae

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 11:35:27 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jul 2017 19:45:56 GMT
age: 14225
etag: "0726451c7f5d21:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 15453
x-amz-cf-id: sxdBKVx7uX7uqtjWMObhRYXJ1yvXyJHIs9HiTKyZ9Ks290inEPAO3Q==

GET
H2 200 RecognitionSummer2020A.jpg
www.positivepromotions.com/images/art/ 98 KB
99 KB 90ms
84ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/RecognitionSummer2020A.jpg?v=102183436048-3
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 052bdb1705e88bb78fd2efb5352a7e956b871b7ede1ab2ea9ccf279488372fb1

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:48:11 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jun 2020 18:19:36 GMT
age: 78261
etag: "06ce558e64bd61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 100629
x-amz-cf-id: 7N2pmGTwXNJWEj1vaXqgc2X1HA0qikpWfN64w5VvnDOu3vKkQerG3A==

GET
H2 200 BCA-slider-2020.jpg
www.positivepromotions.com/images/art/ 104 KB
105 KB 95ms
89ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/BCA-slider-2020.jpg?v=102183477153-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 5abc288a2eff69f9a58afd3860af49d2daf1b17ad0ce22aa92d37608d3debc56

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 13:41:38 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 02 Sep 2020 14:42:26 GMT
age: 6654
etag: "03580463781d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 106837
x-amz-cf-id: MVVvmxKBfAKTxpeR2FUN0VoQKl_811qsypKiHK1uv6qpQ66CZ1iSoA==

GET
H2 200 Posi-FaceMasksCollection-slider.jpg
www.positivepromotions.com/images/art/ 84 KB
84 KB 103ms
97ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/Posi-FaceMasksCollection-slider.jpg?v=102183455828-3
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 0064adadac62d4192555685bb55721814505b019317ecb6e8542f224cd37f192

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:48:11 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jul 2020 19:14:43 GMT
age: 78261
etag: "80933d591365d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 85768
x-amz-cf-id: fN0w1FyZyXBE3Sn9TD8knQVb24pfEYuBQvQcHDK2bXNBXhyp-_3Qdw==

GET
H2 200 HP-Main_Recogniton.jpg
www.positivepromotions.com/images/art/ 35 KB
35 KB 100ms
95ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/HP-Main_Recogniton.jpg?v=102183056174-16
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 1be218e5543848dbd0609410b3c68c936580f36d3336a1fa790ca907edf155f0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 15:43:15 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Tue, 14 Apr 2020 21:51:47 GMT
age: 85756
etag: "2d8f48e5a612d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 35396
x-amz-cf-id: DLrZTMOb76tfgViT5Lao5AB08-DW27doozx1bnUJdmCLQ2qp7X3Phg==

GET
H2 200 TOP_SocialDistancing.jpg
www.positivepromotions.com/images/art/ 22 KB
23 KB 101ms
96ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TOP_SocialDistancing.jpg?v=102183447695-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 4d975adf2cf2f249487adf14b2082908cfafb071bd599fc8560bd512c9d7a471

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 07:02:39 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jul 2020 18:00:35 GMT
age: 30592
etag: "80e3a7d6d15ad61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 22924
x-amz-cf-id: Le3UOvOLBEWdYAPvQbqJscqCURaX12CQktFV_fPDDh4PeX6fNc14rw==

GET
H2 200 TOP_2020YOTN.jpg
www.positivepromotions.com/images/art/ 21 KB
21 KB 694ms
689ms Image
image/jpeg 99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/art/TOP_2020YOTN.jpg?v=102183392687-1
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: c72319c29420d6a8348a919663cc199094dd7129f62f58b0d678ce18a47e660b

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:33 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 15 Apr 2020 19:40:46 GMT
x-amz-cf-pop: FRA6-C1
etag: "073e6c15d13d61:0"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 21444
x-amz-cf-id: oau6Jd9X7Yy0z-YIVvdBj5GMKTbe3fJ1pzKl4Ksuvhs9vzP3mdYj6g==

GET
H2 200 syncframe
gum.criteo.com/ Frame 2BD9 0
0 49ms
16ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.positivepromotions.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.positivepromotions.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.positivepromotions.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.positivepromotions.com/

Response headers

status: 200
cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 459
date: Tue, 22 Sep 2020 15:32:32 GMT
content-length: 0

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
61 B 7ms
7ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=547846824&t=event&ni=true&_s=2&dl=https%3A%2F%2Fwww.positivepromotions.com%2F&ul=en-us&de=UTF-8&dt=Positive%20Promotions%20%7C%20Promotional%20Products%2C%20Recognition%20Gifts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=EmailModal&ea=Show&el=Displayed&_u=aGDAgEIjQAAAAE~&jid=&gjid=&cid=603311520.1600788752&tid=UA-1042451-1&_gid=1466071102.1600788752&cd2=control&cd3=yo-not-present&z=920152181

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 13:27:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7497
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
326 B 48ms
34ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=OPT-TXS9VN9&cv=7&t=ol&g=192&p=gtm&l=284&q=366&f=26&e=75&i=44&d=-925&c=227&hc=1&fh=108&sr=0.050000&ps=0.041487387722354274&cb=1018928278

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:33 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK embed.js Show response
unbxd.s3.amazonaws.com/ 6 KB
6 KB 871ms
226ms Script
application/javascript 52.219.125.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unbxd.s3.amazonaws.com/embed.js
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.125.32 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82369aa82c069beecaccb05dbc469fe1b725160e01e63c7cec9ae2471bd35c2f

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:35 GMT
Last-Modified: Mon, 04 Feb 2019 12:17:39 GMT
Server: AmazonS3
x-amz-request-id: 503058457FA064FC
ETag: "cbd18052ee4d48d2b020f0e3750e03e6"
Content-Type: application/javascript
x-amz-version-id: 806XLmY7btbOmzuFTDWqhWzCXdID5KXf
Accept-Ranges: bytes
Content-Length: 5662
x-amz-id-2: 0bnWj4VcmyQAdPSBu0+yd39fVQPghWn3Gek27KIgoPSxzJseWSgnA//AVuvEQ+gkwZU4W9zr4e8=

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6TWYOsKNtRFaLeFqv5xN42-l/ 338 KB
133 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6TWYOsKNtRFaLeFqv5xN42-l/recaptcha__en.js

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1eed7eeb3d66a6c76d2567bc3a6ef502be67a866f965e42296b87cc85dda3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1579
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135875
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 04:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Sep 2021 15:06:14 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071029284/ 2 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071029284/?random=1600788752638&cv=9&fst=1600788752638&num=1&label=j3f2CLrlrQUQpLja_gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=ecomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.positivepromotions.com%2F&tiba=Positive%20Promotions%20%7C%20Promotional%20Products%2C%20Recognition%20Gifts&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd28046b8f576276bb8f2a8e9b72bee8237c7ace91fe79f1ce2d283f23bd583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1099
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 A2030358-93ee-4232-a887-68f51f27ca671.js Show response
d.impactradius-event.com/ 41 KB
13 KB 281ms
171ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2030358-93ee-4232-a887-68f51f27ca671.js
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e7043ee5f03e403e12542d337708df8ce559f5f90e43bce5bdaf8fb710ebcb72

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:33 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABg5-Uz2LFH6QFu6aAsSm3yQyo-jFcZtWUDIEbhPwDMyx_VY-atjuoKex8lSm1VLFr2FYWw0-ZhX3GB7QoFxunFljgU
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 13023
last-modified: Mon, 14 Sep 2020 20:51:57 GMT
server: UploadServer
etag: "efc23c65d595088ac90c8b05e2471ba4"
vary: Accept-Encoding
x-goog-hash: crc32c=uoS61Q==, md5=78I8ZdWVCIrJDIsF4kcbpA==
x-goog-generation: 1600116717757343
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13023
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Tue, 22 Sep 2020 15:37:33 GMT

GET
H/1.1 200
OK embed.js Show response
d21gpk1vhmjuf5.cloudfront.net/ 6 KB
6 KB 56ms
54ms Script
application/javascript 99.84.144.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/embed.js
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-51.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82369aa82c069beecaccb05dbc469fe1b725160e01e63c7cec9ae2471bd35c2f

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 806XLmY7btbOmzuFTDWqhWzCXdID5KXf
Via: 1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Feb 2019 12:17:39 GMT
Server: AmazonS3
Age: 36086
ETag: "cbd18052ee4d48d2b020f0e3750e03e6"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Date: Tue, 22 Sep 2020 05:31:08 GMT
X-Amz-Cf-Pop: TXL52-C1
Accept-Ranges: bytes
Content-Length: 5662
X-Amz-Cf-Id: 9PwwvEARxeuQDCCqG29eOtVGo4tcPC8w-75AkN-XdqhQlDgQFTM9Ww==

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=50039&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=positivepromotions.com&dtycbr=53196
https://widget.us.criteo.com/event?a=50039&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=positivepromotions.com&dtycbr=53196

7 KB
4 KB

433ms
159ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=50039&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=positivepromotions.com&dtycbr=53196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 73b61b5b072cfea99b31ae1feb2e7dce889244a6e395f06ef6e30504dfe1f6f9

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:33 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
status: 200
cache-control: no-cache
server-processing-duration-in-ticks: 43928
content-type: application/x-javascript
content-length: 3565
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:32 GMT
status: 302
location: https://widget.us.criteo.com/event?a=50039&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=positivepromotions.com&dtycbr=53196
cache-control: no-cache
server-processing-duration-in-ticks: 1680
timing-allow-origin: *
content-length: 0
expires: 0

GET
H/1.1 200
OK frs-next.js Show response
emails.positivepromotions.com/js/ 4 KB
5 KB 433ms
146ms Script
application/x-javascript 54.91.222.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://emails.positivepromotions.com/js/frs-next.js

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.222.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-222-103.compute-1.amazonaws.com

Software

nginx / ASP.NET

Resource Hash

3b95555ecf083a644c052294f6ae432237dae1a96bba1fd36d6fd50008e244a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:33 GMT
ETag: "e17a6dd54cfad11:0"
Last-Modified: Fri, 19 Aug 2016 19:06:47 GMT
Server: nginx
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4306

GET
H/1.1 200
OK vms.js Show response
vmss.boldchat.com/aid/367279686880837180/bc.vms4/ 52 KB
18 KB 647ms
159ms Script
text/javascript 173.199.53.100
GOTO-PRIMARY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vmss.boldchat.com/aid/367279686880837180/bc.vms4/vms.js

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.199.53.100 , United States, ASN16815 (GOTO-PRIMARY-AS, US),

Reverse DNS

b-app14-34.boldchat.com

Software

BoldChat/8007 /

Resource Hash

a4d2b1d47686b43ae583ef485fb6ad27b86c28415d1adfd3f4a880e8c6161ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: BoldChat/8007
ETag: "B058F812D55F2C895B472FD9C599DD12"
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://my.boldchat.com/w3c/p3p.xml"
Cache-Control: max-age=7200, public
Content-Type: text/javascript;charset=UTF-8
Content-Length: 17950

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1071029284/ 42 B
307 B 24ms
24ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071029284/?random=1600788752638&cv=9&fst=1600786800000&num=1&label=j3f2CLrlrQUQpLja_gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.positivepromotions.com%2F&tiba=Positive%20Promotions%20%7C%20Promotional%20Products%2C%20Recognition%20Gifts&fmt=3&is_vtc=1&random=3226697936&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1071029284/ 42 B
538 B 43ms
29ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071029284/?random=1600788752638&cv=9&fst=1600786800000&num=1&label=j3f2CLrlrQUQpLja_gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.positivepromotions.com%2F&tiba=Positive%20Promotions%20%7C%20Promotional%20Products%2C%20Recognition%20Gifts&fmt=3&is_vtc=1&random=3226697936&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK top-sellers Show response
recommendations.unbxdapi.com/v1.0/64601147214db18d63b681068f9a6b28/prod-positivepromotions-com800951496246780/ 30 KB
5 KB 1730ms
1090ms Script
application/javascript 122.248.251.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendations.unbxdapi.com/v1.0/64601147214db18d63b681068f9a6b28/prod-positivepromotions-com800951496246780/top-sellers?cont=unbxd_top_sellers&uid=uid-1600788751878-38851&screenWidth=1600
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.248.251.30 Ulu Bedok, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 2ee20229dc814f3ba3e40c9005e5dea8216164f72b21734dd7ec857f137ceccc

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:35 GMT
Content-Encoding: gzip
X-Powered-By: Express
ETag: W/"7613-JZ5kO0uVkjxZjwGCl/x7xw"
Vary: X-HTTP-Method-Override, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 4722
x-request-id: 9623686e-d24f-408e-8de8-8418126c91c3

POST
H2 200 event
qoe-1.yottaa.net/log-nt/ 3 B
191 B 463ms
158ms Other
text/json 204.2.131.14
YOTTAA-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qoe-1.yottaa.net/log-nt/event
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.2.131.14 , United States, ASN393259 (YOTTAA-AS-1, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 22 Sep 2020 15:32:34 GMT
status: 200
content-type: text/json
access-control-allow-origin: *
access-control-expose-headers: X-Results-Data-Source
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *

GET
H/1.1 200
OK 5436AC25A958 Show response
api.datasteam.io/v1/C/RawData/ 208 B
795 B 567ms
140ms Script
text/plain 52.73.66.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.datasteam.io/v1/C/RawData/5436AC25A958?v=36434de7-6cb4-4371-b5e0-6d24926fd816&m=374c44e4-39f8-4790-85f9-68a81fccd05f&se=20dd42a1-7e4a-47a6-b646-6eb7b54bcf2e&d=eyJ2IjoiMzY0MzRkZTctNmNiNC00MzcxLWI1ZTAtNmQyNDkyNmZkODE2IiwibSI6IjM3NGM0NGU0LTM5ZjgtNDc5MC04NWY5LTY4YTgxZmNjZDA1ZiIsImNzaSI6IiIsInNlIjoiMjBkZDQyYTEtN2U0YS00N2E2LWI2NDYtNmViN2I1NGJjZjJlIiwibiI6MSwicCI6IjAyYTFhZmZlLWEwOWMtNDEwZC04NzExLTM5OTM2NjZjZTAzMiIsInUiOiJodHRwczovL3d3dy5wb3NpdGl2ZXByb21vdGlvbnMuY29tLyIsInBuIjoiLyIsInIiOiIiLCJ0IjoiUG9zaXRpdmUgUHJvbW90aW9ucyB8IFByb21vdGlvbmFsIFByb2R1Y3RzLCBSZWNvZ25pdGlvbiBHaWZ0cyIsImMiOiJodHRwczovL3d3dy5wb3NpdGl2ZXByb21vdGlvbnMuY29tLyIsInByIjoiOThCRDY0IiwicyI6MSwidnMiOjEsImwiOiJDYXRlZ29yeSIsInYwMSI6IjAiLCJ2MDIiOiJIb21lcGFnZSJ9&callback=cb7b03b45677b77
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.66.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-66-205.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: fb057158136185fffc7b59f61d3d16ccdb40a252dc818dfa7c573aad355d0547

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:34 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 208

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
5ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1197586330272709&ev=Microdata&dl=https%3A%2F%2Fwww.positivepromotions.com%2F&rl=&if=false&ts=1600788753880&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5CnPositive%20Promotions%20%7C%20Promotional%20Products%2C%20Recognition%20Gifts%5Cn%22%2C%22meta%3Adescription%22%3A%22Positive%20Promotions%20is%20your%20one-stop%20shop%20for%20your%20promotional%20product%20needs.%20Visit%20our%20site%20to%20learn%20how%20our%20expert%20marketing%20staff%20can%20help%20make%20your%20awareness%2C%20education%20and%20incentive%20programs%20campaign%20a%20success.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.1.1600788751758.996023215&it=1600788751672&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 22 Sep 2020 15:32:33 GMT

GET
H/1.1 200
OK web-next.gif
emails.positivepromotions.com/ 49 B
690 B 186ms
185ms Image
images/gif 54.91.222.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emails.positivepromotions.com/web-next.gif?&v=js2.1&cid=97513&cke=&u=https%3A%2F%2Fwww.positivepromotions.com%2F&t=Positive%20Promotions%20%7C%20Promotional%20Products%2C%20Recognition%20Gifts&l=en-US&je=&re=1600x1200&cd=24&pd=24&os=Linux%20x86_64&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&ref=&h=N&tz=UTC%2B0200&jsv=1.3&ss=35807c15-a8af-41aa-96ee-2e110e7a51cb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.222.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-222-103.compute-1.amazonaws.com

Software

nginx / ASP.NET

Resource Hash

8c8cb3e3e555ee218e51b16a7c33fa44957f35ec1909701633756306a3fa4fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:34 GMT
Server: nginx
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET,POST,OPTIONS
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Type: images/gif
Content-Length: 49

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/rightmedia/ Frame 105E
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0

43 B
333 B

208ms
114ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:34 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
status: 200
cache-control: no-cache
server-processing-duration-in-ticks: 6620
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 22 Sep 2020 15:32:34 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 105E 43 B
886 B 73ms
70ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:34 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Tue, 22 Sep 2020 15:32:34 GMT

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/58301/ Frame 105E 0
657 B 199ms
66ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_adbji8I6Eg7Zkli6V7t-lfDEh6MMmBGsaTF4A

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.113 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:34 GMT
Server: ATS/7.1.2.113
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 105E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=VaBeJH5IdUGKDUSnE7I8SQ
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
332 B

165ms
114ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:34 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
status: 200
cache-control: no-cache
server-processing-duration-in-ticks: 492
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:34 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
partner.mediawallahscript.com/ Frame 105E 32 B
367 B 299ms
74ms Image
image/png 34.247.125.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=245ea055-487e-4175-8a0d-44a713b23c49&custom=&tag_format=img&tag_action=sync&custom=&cb=528833e1-8d33-4011-a940-12632113e847
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.125.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-125-34.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:34 GMT
Server: nginx/1.12.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 32
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 105E
Redirect Chain

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-hM6nwi8I6Eg7Zkli6V7t-lfDEh5Myadc5HmANg
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-hM6nwi8I6Eg7Zkli6V7t-lfDEh5Myadc5HmANg&rdrctExp=true

0
476 B

197ms
196ms

Image
text/plain

66.225.223.31
NTTA-3946

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-hM6nwi8I6Eg7Zkli6V7t-lfDEh5Myadc5HmANg&rdrctExp=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.225.223.31 Chicago, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:35 GMT
Cache-Control: no-cache
X-TraceId: c71470735ef3583e5a320d24356ede13
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-hM6nwi8I6Eg7Zkli6V7t-lfDEh5Myadc5HmANg&rdrctExp=true
Date: Tue, 22 Sep 2020 15:32:34 GMT
X-TraceId: ae715c915f9a2f0acdd57a231e696bd6
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 105E 0
239 B 193ms
49ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-E-JzvS8I6Eg7Zkli6V7t-lfDEh7Ek-cT_xmIbw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H2 204 t.gif
cw.addthis.com/ Frame 105E 0
426 B 286ms
172ms Image
text/plain 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-E-JzvS8I6Eg7Zkli6V7t-lfDEh7Ek-cT_xmIbw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 22 Sep 2020 15:32:34 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 22 Sep 2020 15:32:34 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 105E
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-QJPv3y8I6Eg7Zkli6V7t-lfDEh7ld6rHS7dQMA&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-QJPv3y8I6Eg7Zkli6V7t-lfDEh7ld6rHS7dQMA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

65ms
65ms

Image
image/gif

18.196.236.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-QJPv3y8I6Eg7Zkli6V7t-lfDEh7ld6rHS7dQMA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.236.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 22 Sep 2020 15:32:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status: 302
date: Tue, 22 Sep 2020 15:32:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=2711&xuid=k-QJPv3y8I6Eg7Zkli6V7t-lfDEh7ld6rHS7dQMA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 105E
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-mjYo8i8I6Eg7Zkli6V7t-lfDEh5wv57uWaDIGQ&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mjYo8i8I6Eg7Zkli6V7t-lfDEh5wv57uWaDIGQ%26seg%3D95287

43 B
1 KB

67ms
67ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mjYo8i8I6Eg7Zkli6V7t-lfDEh5wv57uWaDIGQ%26seg%3D95287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Sep 2020 15:32:34 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.41:80
AN-X-Request-Uuid: f9ed9927-2370-44a9-a66e-53dab61a530a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Sep 2020 15:32:34 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.142:80
AN-X-Request-Uuid: 271afb60-287f-4fe9-a4f6-8e4ab37bf6bc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mjYo8i8I6Eg7Zkli6V7t-lfDEh5wv57uWaDIGQ%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 105E
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/ItdWsi_Wdha-3l-GToNfSXYXpBfmDh0E/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2564390133719697621

43 B
333 B

233ms
114ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2564390133719697621
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:33 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
status: 200
cache-control: no-cache
server-processing-duration-in-ticks: 4844
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:33 GMT
server: Apache-Coyote/1.1
status: 302
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2564390133719697621
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55945/ Frame 105E
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-RPQcJi8I6Eg7Zkli6V7t-lfDEh4seP6zWs3qqw&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-RPQcJi8I6Eg7Zkli6V7t-lfDEh4seP6zWs3qqw&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-RPQcJi8I6Eg7Zkli6V7t-lfDEh4seP6zWs3qqw&_origin=1&apid=UPd648aa83-fce8-11ea-8f20-06dea3b5a23a

0
975 B

66ms
65ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-RPQcJi8I6Eg7Zkli6V7t-lfDEh4seP6zWs3qqw&_origin=1&apid=UPd648aa83-fce8-11ea-8f20-06dea3b5a23a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.113 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:34 GMT
Server: ATS/7.1.2.113
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Tue, 22 Sep 2020 15:32:34 GMT
location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-RPQcJi8I6Eg7Zkli6V7t-lfDEh4seP6zWs3qqw&_origin=1&apid=UPd648aa83-fce8-11ea-8f20-06dea3b5a23a
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 /
s.ad.smaato.net/c/ Frame 105E 0
237 B 181ms
75ms Image
text/plain 99.84.144.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-yYLOSi8I6Eg7Zkli6V7t-lfDEh5Iul0c2uS2uQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-107.txl52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:34 GMT
via: 1.1 a57d5819527c444e16b1875e3bd28970.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
status: 204
cache-control: no-cache, must-revalidate
x-amz-cf-id: -OIE-HPH_AreWUZB2q6XzPqujKgVBcvlYI7v_wb_9H6vbah_5WlFCA==

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 105E
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-xSE9bC8I6Eg7Zkli6V7t-lfDEh7yX_NISJMGOQ&c=us
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-xSE9bC8I6Eg7Zkli6V7t-lfDEh7yX_NISJMGOQ&c=us

43 B
180 B

57ms
57ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-xSE9bC8I6Eg7Zkli6V7t-lfDEh7yX_NISJMGOQ&c=us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:34 GMT
via: 1.1 google
server: OXGW/16.193.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 22 Sep 2020 15:32:34 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-xSE9bC8I6Eg7Zkli6V7t-lfDEh7yX_NISJMGOQ&c=us
alt-svc: clear
content-length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 105E 35 B
335 B 219ms
75ms Image
image/gif 63.32.81.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-YUo3sS8I6Eg7Zkli6V7t-lfDEh5-BAA8vNQuTA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.81.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 22 Sep 2020 15:32:34 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 105E
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OSHl5S8I6Eg7Zkli6V7t-lfDEh4VyL24Ot2LWg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OSHl5S8I6Eg7Zkli6V7t-lfDEh4VyL24Ot2LWg&C=1

43 B
1000 B

62ms
62ms

Image
image/gif

23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OSHl5S8I6Eg7Zkli6V7t-lfDEh4VyL24Ot2LWg&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Sep 2020 15:32:34 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 22 Sep 2020 15:32:34 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Sep 2020 15:32:34 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-OSHl5S8I6Eg7Zkli6V7t-lfDEh4VyL24Ot2LWg&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Tue, 22 Sep 2020 15:32:34 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 105E 42 B
873 B 213ms
55ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-dUF16S8I6Eg7Zkli6V7t-lfDEh7-S5R9-ldrnA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 22 Sep 2020 15:32:34 GMT
X-lat: Pug22055:0:458
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H2 200 cksync.php
contextual.media.net/ Frame 105E 46 B
713 B 224ms
92ms Image
image/gif 92.122.253.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-pYzN6C8I6Eg7Zkli6V7t-lfDEh7t7zRt6kusGA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.122.253.103 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-122-253-103.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Tue, 22 Sep 2020 15:32:34 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
status: 200
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Tue, 22 Sep 2020 15:32:34 GMT

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 105E 43 B
426 B 609ms
204ms Image
image/gif 52.9.74.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-G-AJDS8I6Eg7Zkli6V7t-lfDEh7TbvTyEBM6Og
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.74.36 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-74-36.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:35 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 um
criteo-sync.teads.tv/ Frame 105E 23 B
172 B 205ms
97ms Image
image/gif 104.109.66.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-ZdbF_S8I6Eg7Zkli6V7t-lfDEh7FWYm5H8G_AQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.66.25 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-66-25.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:34 GMT
server: akka-http/10.1.9
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 23
expires: Tue, 22 Sep 2020 15:32:34 GMT

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 105E 68 B
262 B 186ms
59ms Image
image/png 54.93.35.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-PZfkui8I6Eg7Zkli6V7t-lfDEh5w6WkbSsozhA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.35.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 22 Sep 2020 15:32:34 GMT
content-length: 68
content-type: image/png

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/taboola/ Frame 105E
Redirect Chain

https://sync-t1.taboola.com/sg/criteo/1/rtb
https://dis.criteo.com/dis/rtb/taboola/cookiematch.aspx?partner_uid=f68617dc-7a2e-44c0-984e-787dcd19f592-tuct6639e92

43 B
333 B

61ms
61ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/taboola/cookiematch.aspx?partner_uid=f68617dc-7a2e-44c0-984e-787dcd19f592-tuct6639e92
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:34 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
status: 200
cache-control: no-cache
server-processing-duration-in-ticks: 5299
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
tbl-x-upstream: 10.41.32.36:10213
date: Tue, 22 Sep 2020 15:32:34 GMT
server: nginx
x-fastly-to-nlb-rtt: 22462
location: https://dis.criteo.com/dis/rtb/taboola/cookiematch.aspx?partner_uid=f68617dc-7a2e-44c0-984e-787dcd19f592-tuct6639e92

GET
H2 200 idr.gif
p.alcmpn.com/idr/ven/1012/ 32 B
185 B 470ms
155ms Image
image/gif 35.193.67.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p.alcmpn.com/idr/ven/1012/idr.gif?fpid=98BD64-36434DE7-6CB4-4371-B5E0-6D24926FD816

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.67.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

164.67.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 15:32:35 GMT
last-modified: Mon, 31 Aug 2020 17:53:30 GMT
server: nginx
etag: "5f4d391a-20"
strict-transport-security: max-age=31536000;
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 32

GET
H2 200 g.jsonp Show response
aa.agkn.com/adscores/ 82 B
390 B 181ms
67ms Script
application/json 35.176.88.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=98BD64-36434DE7-6CB4-4371-B5E0-6D24926FD816
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.88.2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AAWebServer /
Resource Hash: 9e446e75dc20b6dc693b247aaf7704112e55ef434588368aa0761fc76b3a29a5

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:34 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
content-length: 82
expires: 0

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 105E 43 B
886 B 71ms
71ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=39872&js=no

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:34 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Tue, 22 Sep 2020 15:32:34 GMT

GET
H/1.1 200
OK setup Show response
vms.boldchat.com/aid/367279686880837180/api/v1/extendedvisitorinfo/ 24 B
234 B 634ms
160ms XHR
application/json 173.199.53.22
GOTO-PRIMARY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vms.boldchat.com/aid/367279686880837180/api/v1/extendedvisitorinfo/setup

Requested by

Host: vmss.boldchat.com
URL: https://vmss.boldchat.com/aid/367279686880837180/bc.vms4/vms.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.199.53.22 , United States, ASN16815 (GOTO-PRIMARY-AS, US),

Reverse DNS

Software

BoldChat/8007 /

Resource Hash

ab23e5ef2389cf1539e1ad4dc3ff1cbd09a452482157ee899fd27f83239d9360

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 22 Sep 2020 15:32:33 GMT
X-Content-Type-Options: nosniff
Server: BoldChat/8007
Content-Length: 24
Content-Type: application/json;charset=UTF-8

GET
H2 200 visitor-token Show response
visitor-services.boldchat.com/visitor-token-service/ 38 B
378 B 429ms
65ms XHR
application/json 52.29.222.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-services.boldchat.com/visitor-token-service/visitor-token?visitorToken=6714193915048951808
Requested by: Host: vmss.boldchat.com
URL: https://vmss.boldchat.com/aid/367279686880837180/bc.vms4/vms.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.222.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-222-110.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: facad2d272a26383afa00bbced57936096b16a48c311111d3bace214e8c70e36

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-response-time: 0.119486ms
date: Tue, 22 Sep 2020 15:32:34 GMT
x-correlation-id: d400f4f2-d50c-4706-82d6-f06527b70c5c
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.positivepromotions.com
access-control-allow-credentials: true
content-length: 38

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame 105E
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=zBAzKiqhDHRjWfZGh7J6srtK_FF3ucXI

42 B
417 B

160ms
60ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=zBAzKiqhDHRjWfZGh7J6srtK_FF3ucXI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 15:32:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 200
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

strict-transport-security: max-age=31536000
date: Tue, 22 Sep 2020 15:32:36 GMT
status: 302
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/397596.gif?partner_uid=zBAzKiqhDHRjWfZGh7J6srtK_FF3ucXI
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2049
content-length: 197

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/yahoogemini/ Frame 105E
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=2~d70585acac52c040f8b2016b9137859f8ce8814d&nwid=10022892938&sigv=1
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

43 B
333 B

69ms
69ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:34 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
status: 200
cache-control: no-cache
server-processing-duration-in-ticks: 5367
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 22 Sep 2020 15:32:34 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 105E
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8565154968457851672

43 B
333 B

61ms
61ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8565154968457851672
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:34 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
status: 200
cache-control: no-cache
server-processing-duration-in-ticks: 6448
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Sep 2020 15:32:34 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.132:80
AN-X-Request-Uuid: c86a0189-e66b-4dc3-90d4-20bd3a0a5dbc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8565154968457851672
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55945/ Frame 105E
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-nq5jIy8I6Eg7Zkli6V7t-lfDEh67hcwVY_FpLw&_origin=1
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-nq5jIy8I6Eg7Zkli6V7t-lfDEh67hcwVY_FpLw&_origin=1&apid=UPd648aa83-fce8-11ea-8f20-06dea3b5a23a

0
975 B

64ms
64ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-nq5jIy8I6Eg7Zkli6V7t-lfDEh67hcwVY_FpLw&_origin=1&apid=UPd648aa83-fce8-11ea-8f20-06dea3b5a23a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.113 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:34 GMT
Server: ATS/7.1.2.113
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Tue, 22 Sep 2020 15:32:34 GMT
location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-nq5jIy8I6Eg7Zkli6V7t-lfDEh67hcwVY_FpLw&_origin=1&apid=UPd648aa83-fce8-11ea-8f20-06dea3b5a23a
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK bc.pv Show response
vms.boldchat.com/aid/367279686880837180/ 194 B
390 B 636ms
159ms Script
text/javascript 173.199.53.22
GOTO-PRIMARY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vms.boldchat.com/aid/367279686880837180/bc.pv?script=true&securevm=true&&blur=false&vm=false&poll=65000&swidth=1600&sheight=1200&sdpi=96&url=https%3A%2F%2Fwww.positivepromotions.com%2F&wdid=2449079818214097220&1600788754782&visitorToken=6714193915048951808&tabIdentifier=6605603960777157001&clientScheme=https&_bcvm_vrid_=true&_bcvm_vid_2449079818214097220=1600788754783Sundefined&_bcvm_vrid_2449079818214097220=1600788754783Sundefined&&hasbutton=false&tcwdid=0.6997568302459756,365376214178398913,,

Requested by

Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.199.53.22 , United States, ASN16815 (GOTO-PRIMARY-AS, US),

Reverse DNS

Software

BoldChat/8007 /

Resource Hash

87fe6374f27414f083578da189b2e81c5c2b85870203599b67b4d299cab56a7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:35 GMT
X-Content-Type-Options: nosniff
Server: BoldChat/8007
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 105E 43 B
886 B 76ms
76ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10028862

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:34 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Tue, 22 Sep 2020 15:32:34 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/yahoogemini/ Frame 105E
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=2~53ef8d479c22b2f64b38b7c8ed96f504cd8e84c6&nwid=10033892938&sigv=1
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

43 B
333 B

59ms
59ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 15:32:34 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
status: 200
cache-control: no-cache
server-processing-duration-in-ticks: 2410
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 22 Sep 2020 15:32:34 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 2
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK 5436AC25A958 Show response
api.datasteam.io/v1/C/RawData/ 208 B
795 B 145ms
145ms Script
text/plain 52.73.66.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.datasteam.io/v1/C/RawData/5436AC25A958?v=36434de7-6cb4-4371-b5e0-6d24926fd816&m=374c44e4-39f8-4790-85f9-68a81fccd05f&se=20dd42a1-7e4a-47a6-b646-6eb7b54bcf2e&d=eyJ2IjoiMzY0MzRkZTctNmNiNC00MzcxLWI1ZTAtNmQyNDkyNmZkODE2IiwibSI6IjM3NGM0NGU0LTM5ZjgtNDc5MC04NWY5LTY4YTgxZmNjZDA1ZiIsImNzaSI6IiIsInNlIjoiMjBkZDQyYTEtN2U0YS00N2E2LWI2NDYtNmViN2I1NGJjZjJlIiwicCI6IjAyYTFhZmZlLWEwOWMtNDEwZC04NzExLTM5OTM2NjZjZTAzMiIsInUiOiJodHRwczovL3d3dy5wb3NpdGl2ZXByb21vdGlvbnMuY29tLyIsInBuIjoiLyIsInIiOiIiLCJ0IjoiUG9zaXRpdmUgUHJvbW90aW9ucyB8IFByb21vdGlvbmFsIFByb2R1Y3RzLCBSZWNvZ25pdGlvbiBHaWZ0cyIsImMiOiJodHRwczovL3d3dy5wb3NpdGl2ZXByb21vdGlvbnMuY29tLyIsInByIjoiOThCRDY0IiwiZWlkIjoibnNfc2VnXzAwMCIsInMiOjIsInZzIjoxLCJsIjoiQWN0aW9uIiwidjAxIjoiRWlkIiwidjAyIjoibnNfc2VnXzAwMCJ9&callback=cbc5451769c29de
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.66.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-66-205.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 5bacf1f1fc67ad64a28d1f9c611862d87eb788f15cdb6b40f5eabf353e045f11

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:34 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 208

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 105E 0
227 B 52ms
52ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-KBoG-i8I6Eg7Zkli6V7t-lfDEh7E3NubnCV_7Q
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
tbl-x-upstream: 10.40.20.11:10213
date: Tue, 22 Sep 2020 15:32:34 GMT
server: nginx
x-fastly-to-nlb-rtt: 26052

GET
H/1.1 200
OK 5436AC25A958 Show response
api.datasteam.io/v1/C/RawData/ 208 B
795 B 144ms
144ms Script
text/plain 52.73.66.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.datasteam.io/v1/C/RawData/5436AC25A958?v=36434de7-6cb4-4371-b5e0-6d24926fd816&m=374c44e4-39f8-4790-85f9-68a81fccd05f&se=20dd42a1-7e4a-47a6-b646-6eb7b54bcf2e&d=eyJ2IjoiMzY0MzRkZTctNmNiNC00MzcxLWI1ZTAtNmQyNDkyNmZkODE2IiwibSI6IjM3NGM0NGU0LTM5ZjgtNDc5MC04NWY5LTY4YTgxZmNjZDA1ZiIsImNzaSI6IiIsInNlIjoiMjBkZDQyYTEtN2U0YS00N2E2LWI2NDYtNmViN2I1NGJjZjJlIiwicCI6IjAyYTFhZmZlLWEwOWMtNDEwZC04NzExLTM5OTM2NjZjZTAzMiIsInUiOiJodHRwczovL3d3dy5wb3NpdGl2ZXByb21vdGlvbnMuY29tLyIsInBuIjoiLyIsInIiOiIiLCJ0IjoiUG9zaXRpdmUgUHJvbW90aW9ucyB8IFByb21vdGlvbmFsIFByb2R1Y3RzLCBSZWNvZ25pdGlvbiBHaWZ0cyIsImMiOiJodHRwczovL3d3dy5wb3NpdGl2ZXByb21vdGlvbnMuY29tLyIsInByIjoiOThCRDY0IiwiZWlkIjoibnNfc2VnXzAwMCIsInMiOjMsInZzIjoxLCJsIjoiQWN0aW9uIiwidjAxIjoiRXMxIn0%3D&callback=cb9f6e5d39b112b
Requested by: Host: cdn.yottaa.com
URL: https://cdn.yottaa.com/rapid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.66.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-66-205.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 6a81f6f79e40a55cdd8398d2c12feb300e326d74622edf1f491daf1188acf00d

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:35 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 208

GET
H/1.1 200
OK embed.css
d21gpk1vhmjuf5.cloudfront.net/ 2 KB
1 KB 52ms
52ms Stylesheet
text/css 99.84.144.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/embed.css
Requested by: Host: www.positivepromotions.com
URL: https://www.positivepromotions.com/Javascript/jquery-min.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-51.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b76b3cddd1e228c9d709db82d3d2a34262f269d34772c43c9825a8255133886

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
ETag: "c1296dceb5ad2174c804321deb2b10f5"
Age: 28198
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 793
Last-Modified: Fri, 05 Jun 2015 10:51:08 GMT
Server: AmazonS3
Date: Tue, 22 Sep 2020 07:42:38 GMT
Content-Type: text/css
Via: 1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: TXL52-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: Tp2CzJaDY_vjSASZK96ABMwGsVQbf1NvNS9BXn3lKKarcR4GsgYfSQ==
Expires: Sun, 05 Jun 2016 10:50:07 GMT

GET
H/1.1 200
OK arrow_left.png
d21gpk1vhmjuf5.cloudfront.net/ 393 B
896 B 806ms
803ms Image
image/png 99.84.144.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/arrow_left.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-51.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f16ff2648e2aa593a7a167bfc9b47689551d12a3cd90314e1475437445ed0cf6

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:37 GMT
Via: 1.1 8a8ce1b655547c1da36b64e17700f010.cloudfront.net (CloudFront)
Last-Modified: Tue, 29 Aug 2017 12:08:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: TXL52-C1
ETag: "e33beab2ab71f5f0e0c50d3842c2f947"
X-Cache: Miss from cloudfront
x-amz-version-id: efFdNBZULQKFmqg0okjOnODsds_brbIN
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 393
X-Amz-Cf-Id: deGujxnwaL3uabMit-JhdQU8eKJ1wKdsuNwlizWLdgvK0-AnuTdY7Q==

GET
H/1.1 200
OK arrow_right.png
d21gpk1vhmjuf5.cloudfront.net/ 401 B
904 B 854ms
851ms Image
image/png 99.84.144.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d21gpk1vhmjuf5.cloudfront.net/arrow_right.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-51.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55d273cbf24517eb1cc1271016eef7a8660ef7c29ad84402a9deb80d22df1383

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:37 GMT
Via: 1.1 ffa01f5c992a803f4470401daea2d541.cloudfront.net (CloudFront)
Last-Modified: Tue, 29 Aug 2017 12:08:48 GMT
Server: AmazonS3
X-Amz-Cf-Pop: TXL52-C1
ETag: "686389ac3cfea3411a95b43511637cfd"
X-Cache: Miss from cloudfront
x-amz-version-id: GnaWRr_3FR73PVZQVVWgyy4wN1wZmvsy
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 401
X-Amz-Cf-Id: kjZoS6O0H6v1AmGYeCgzQ7-dXkryB3NxAvfyVAc4HLVG8L4lkWb6rg==

GET
H2

200

OSW9759.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/OSW9759.jpg
https://www.positivepromotions.com/images/350/OSW9759.jpg

14 KB
14 KB

50ms
49ms

Image
image/jpeg

99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/OSW9759.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 672a9a4fe2b337facc53181ed5a2c7797e57dc898c3692375c8a321b9a770cf3

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 23:27:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 13 Aug 2020 15:08:59 GMT
age: 57931
etag: "a1df42ac8371d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 14339
x-amz-cf-id: O97JcAMiAGCaYiBLN7nMi1jfw774tlfJgXOcD-wseWApbDfmIIS1GQ==

Redirect headers

date: Tue, 22 Sep 2020 07:48:16 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 27859
status: 301
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/OSW9759.jpg
x-amz-cf-pop: FRA6-C1
content-length: 267
x-amz-cf-id: F9LoRrdtDY1oaR0Yw015e9ztEEf4gnQra_ebVpkSukLcDyQf_yiTGw==

GET
H2

200

OSV1533.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/OSV1533.jpg
https://www.positivepromotions.com/images/350/OSV1533.jpg

19 KB
19 KB

51ms
50ms

Image
image/jpeg

99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/OSV1533.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: a97c4ad701fed96125f4066508b5342868675d5384b0beafb0194c8279be06d0

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 23:27:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Fri, 04 Sep 2020 20:23:50 GMT
age: 57931
etag: "b09c3e4df982d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 19100
x-amz-cf-id: qEanpOeN0q0YrVvFbssQ7bpoeM1bHd7xSFBSfv9rR2zsuwlD2igs1w==

Redirect headers

date: Tue, 22 Sep 2020 07:48:16 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 27859
status: 301
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/OSV1533.jpg
x-amz-cf-pop: FRA6-C1
content-length: 267
x-amz-cf-id: NZpNAz1HaUYLFGR8AK88FTS7eCnt7kuSBo9OvzvCFVIUSzp2oF6g2g==

GET
H2

200

OS-2153.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/OS-2153.jpg
https://www.positivepromotions.com/images/350/OS-2153.jpg

24 KB
24 KB

50ms
49ms

Image
image/jpeg

99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/OS-2153.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 31c3d6ddec400935b2dcfc244c9c3c19c4e778657b9cd205644b667d9cbf4c49

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 23:27:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2016 21:22:23 GMT
age: 57931
etag: "e7df287e15d3d11:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 24496
x-amz-cf-id: 8OiXHhoHIqUrtOEV9oJtKqVAa3w0ATggyFaB8SCLu_KqJQ-NJW8-PQ==

Redirect headers

date: Tue, 22 Sep 2020 07:48:15 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 27859
status: 301
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/OS-2153.jpg
x-amz-cf-pop: FRA6-C1
content-length: 267
x-amz-cf-id: ro5K62WeeSjPsNcTUmrazt-LxoVdS-aUFNVXy-vBUByf9gYWoDS4Kg==

GET
H2

200

OST1098.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/OST1098.jpg
https://www.positivepromotions.com/images/350/OST1098.jpg

13 KB
13 KB

50ms
50ms

Image
image/jpeg

99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/OST1098.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 809ded41b053ace963459e0611475e0108eccb67bdfceb1092d77ce80909a75b

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 23:27:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jun 2019 21:52:55 GMT
age: 57931
etag: "c0709784b227d51:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 13488
x-amz-cf-id: B5iNTXhkC2YjGocE1j_m937DEPPpAUy1saddM637Gak7xcfXcw0gLQ==

Redirect headers

date: Tue, 22 Sep 2020 07:48:15 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 27859
status: 301
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/OST1098.jpg
x-amz-cf-pop: FRA6-C1
content-length: 267
x-amz-cf-id: lq76kF1hLxAZQhq6MZID3o9-ja1J-EYTyF5WodqCGaoX2PD0hUq65A==

GET
H2

200

G-617.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/G-617.jpg
https://www.positivepromotions.com/images/350/G-617.jpg

15 KB
16 KB

49ms
48ms

Image
image/jpeg

99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/G-617.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: d8d6c5065bd297601c8f352e3b9cee6fae8a872fcb4f10dc429f58e741ed1e71

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 23:27:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Wed, 08 Jul 2020 14:32:23 GMT
age: 57931
etag: "3f6e33983455d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 15858
x-amz-cf-id: sqcWHFrRQS6VjEBV6BAaXuW6xf3Pq2DXRYc-cBj3ov1b56jbyDcg_A==

Redirect headers

date: Tue, 22 Sep 2020 07:48:16 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 27859
status: 301
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/G-617.jpg
x-amz-cf-pop: FRA6-C1
content-length: 265
x-amz-cf-id: 6S-ji_038Oc-zHHTAr0RElVZ3W-2S_4ujnVbG326ZN3sPITmv2S2wg==

GET
H2

200

ITP-52S.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/ITP-52S.jpg
https://www.positivepromotions.com/images/350/ITP-52S.jpg

22 KB
22 KB

52ms
52ms

Image
image/jpeg

99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/ITP-52S.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: b11aa91074a16dcfba56f9351a71f15109923e9a46f904bcb81873b0e9f0efcb

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 23:27:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jul 2020 16:14:41 GMT
age: 57931
etag: "8930a260555cd61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 22061
x-amz-cf-id: QX7LzmVa80LBREr1uO7PGQzLpaCYwENVXNAN_vPFOfcu7jBX6E6JRQ==

Redirect headers

date: Tue, 22 Sep 2020 07:48:15 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 27859
status: 301
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/ITP-52S.jpg
x-amz-cf-pop: FRA6-C1
content-length: 267
x-amz-cf-id: SUJ4c-0ii7i4QGd1FF4vzz5NF08oM6z3WxxFVIA1M_zEoY4ErVxbtg==

GET
H2

200

PNP-553.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/PNP-553.jpg
https://www.positivepromotions.com/images/350/PNP-553.jpg

9 KB
9 KB

49ms
48ms

Image
image/jpeg

99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/PNP-553.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: b4de69f8078f79f1ef9261de3353172155b091d45078d5c79a6476873f825df6

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 23:27:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 14 May 2020 22:17:18 GMT
age: 57931
etag: "ccc716e3d2ad61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 9026
x-amz-cf-id: D_0TcDyMKRTZ97lGYoD5GOTV9boYBLyU7ViE22M4xb3AK09Zb8xslQ==

Redirect headers

date: Tue, 22 Sep 2020 07:48:16 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 27859
status: 301
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/PNP-553.jpg
x-amz-cf-pop: FRA6-C1
content-length: 267
x-amz-cf-id: G5EslhUQlG_E2sRRgiXFAVX4xrU3Q_S5Z9rG5tErAmLOQzROnhqlRQ==

GET
H2

200

GP-116.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/GP-116.jpg
https://www.positivepromotions.com/images/350/GP-116.jpg

10 KB
10 KB

49ms
48ms

Image
image/jpeg

99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/GP-116.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 4c8ce95e3a62d4bb4a8cfb02d4b61c8368c87798299872bfdc027b8482a92631

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 23:27:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jun 2020 16:10:30 GMT
age: 57931
etag: "3eb8abfc8a45d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 10275
x-amz-cf-id: NXWFNiUg7lNopsJghb4agyB1gZPeD8B86XUekMLTsK4WReilq_MFyQ==

Redirect headers

date: Tue, 22 Sep 2020 07:48:16 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 27859
status: 301
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/GP-116.jpg
x-amz-cf-pop: FRA6-C1
content-length: 266
x-amz-cf-id: NLOg65PEU-JV2FQDPKauB23SCWJS_go2JyDWOTJIlETjYgJkzxQ2yA==

GET
H2

200

OS-1022.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/OS-1022.jpg
https://www.positivepromotions.com/images/350/OS-1022.jpg

5 KB
5 KB

49ms
49ms

Image
image/jpeg

99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/OS-1022.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 9d93fc9103f5ed3fe287e463bcb7376519ebfd8e4344177724c2be9ebe1c8dc4

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 23:27:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Mon, 22 Apr 2019 20:51:49 GMT
age: 57931
etag: "d57bc0344df9d41:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 4781
x-amz-cf-id: SzO0waTXxCyUAYKGdYZlJNoVl7N_aD4mZtf0fAmc9_6BYZ12ZMi8Zg==

Redirect headers

date: Tue, 22 Sep 2020 07:48:16 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 27859
status: 301
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/OS-1022.jpg
x-amz-cf-pop: FRA6-C1
content-length: 267
x-amz-cf-id: pu5nKj2oi5wuIvrw83zaIKP04NCOJqz_DZS9v02dcKNAOxgu1FM9Qw==

GET
H2

200

OST-600.jpg
www.positivepromotions.com/images/350/
Redirect Chain

https://positivepromotions.com/images/350/OST-600.jpg
https://www.positivepromotions.com/images/350/OST-600.jpg

11 KB
11 KB

50ms
49ms

Image
image/jpeg

99.86.7.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.positivepromotions.com/images/350/OST-600.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 1898c437683b3f6fdce76fb13f518c451ca9376c8ad5bdb4b5e3cfcd13717460

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 23:27:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jun 2018 20:03:17 GMT
age: 57931
etag: "bdd0e3dbf1d41:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 10956
x-amz-cf-id: z04wPoJsVsRaMQFvJTsj86sDvNnmCU7sBhvMIQT_ZDMgpt45wjNWlA==

Redirect headers

date: Tue, 22 Sep 2020 07:48:16 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 27859
status: 301
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.positivepromotions.com/images/350/OST-600.jpg
x-amz-cf-pop: FRA6-C1
content-length: 267
x-amz-cf-id: d3XkjQ2AdK7KKWJ1GXisjrFVU1GBVl02bXvL0plAs12fT8xJqU5NwA==

GET
H/1.1 200
OK 1p.jpg
tracker.unbxdapi.com/v2/ 309 B
726 B 149ms
149ms Image
image/jpeg 54.210.170.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.unbxdapi.com/v2/1p.jpg?data=%7B%22box_type%22%3A%22TOP_SELLERS%22%2C%22path%22%3A%22%2F%22%2C%22identifier%22%3Anull%2C%22pids_list%22%3A%5B%22OSW9759%22%2C%22OSV1533%22%2C%22OS-2153%22%2C%22OST1098%22%2C%22G-617%22%2C%22ITP-52S%22%2C%22PNP-553%22%2C%22GP-116%22%2C%22OS-1022%22%2C%22OST-600%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.positivepromotions.com%2F%22%2C%22referrer%22%3A%22%22%2C%22visit_type%22%3A%22first_time%22%2C%22ver%22%3A%224.0.27%22%2C%22_uf%22%3A2950260117%2C%22visitId%22%3A%22visitId-1600788751882-66356%22%7D&UnbxdKey=prod-positivepromotions-com800951496246780&action=impression&uid=uid-1600788751878-38851&t=1600788756032|0.00910451410955293
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.170.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-170-56.compute-1.amazonaws.com
Software: Wingman-3.3.8-hotfix1-[1597213506] /
Resource Hash: a61d8687f980bf5ef71b178b270a9713c0bb745b73dd56fed208c103d99af846

Request headers

Referer: https://www.positivepromotions.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 15:32:36 GMT
Content-Encoding: gzip
Server: Wingman-3.3.8-hotfix1-[1597213506]
Unx-Accept-Encoding: gzip, deflate, br
Vary: Accept-Encoding
Content-Type: image/jpeg; charset=utf-8
Region: us-east-1-(prod)
Unx-Server: Wingman-3.3.8-hotfix1-[1597213506]
Unx-Conn: tracker-ext-v2
Connection: keep-alive
X-Request-Id: 5ab5c3ed-d40f-42c2-8410-33d58e11bd9c
Content-Length: 137
Unbxd-Request-Id: 5ab5c3ed-d40f-42c2-8410-33d58e11bd9c
Unx-Site: prod-positivepromotions-com800951496246780
Unx-Request-Id: 5ab5c3ed-d40f-42c2-8410-33d58e11bd9c

Verdicts & Comments Add Verdict or Comment

348 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.positivepromotions.com/	1970-01-19 12:39:50	Name: _sp_ses.ef96 Value: *
.positivepromotions.com/	1970-01-19 21:25:24	Name: MGX_CID Value: 3ac6f2e6-082d-4fab-9814-74c770bc1033
.positivepromotions.com/	1970-01-19 21:25:24	Name: MGX_P Value: 36434de7-6cb4-4371-b5e0-6d24926fd816
www.positivepromotions.com/	1970-01-20 06:11:00	Name: _sp_id.ef96 Value: 143a11927977f5cb.1600788753.1.1600788753.1600788753
.positivepromotions.com/	1970-01-19 12:39:50	Name: unbxd.visitId Value: visitId-1600788751882-66356
.positivepromotions.com/	1970-01-19 12:39:50	Name: unbxd.visit Value: first_time
.positivepromotions.com/	1970-01-19 13:03:12	Name: _uetvid Value: da8a7b81144fd2a19247639c653d0b28
.positivepromotions.com/	1969-12-31 23:59:59	Name: MGX_PX Value: 20dd42a1-7e4a-47a6-b646-6eb7b54bcf2e
.positivepromotions.com/	1970-01-19 21:25:24	Name: MGX_U Value: 374c44e4-39f8-4790-85f9-68a81fccd05f
.positivepromotions.com/	1970-01-19 12:41:15	Name: _uetsid Value: 24b49c51dd8219d268d4b39e0dd5155a
.positivepromotions.com/	1970-01-20 06:11:00	Name: _ga Value: GA1.2.603311520.1600788752
.positivepromotions.com/	1970-01-19 14:49:24	Name: _fbp Value: fb.1.1600788751758.996023215
www.positivepromotions.com/	1970-01-19 13:23:00	Name: modal_shown Value: yes
.positivepromotions.com/	1970-01-26 19:51:48	Name: b_s_id Value: 549f7334-3286-470e-a132-be507485b92c
www.positivepromotions.com/	1970-02-10 10:15:48	Name: dmi Value: 637363711509365491
.positivepromotions.com/	1970-01-19 12:39:48	Name: _gat Value: 1
www.positivepromotions.com/	1970-01-19 12:49:53	Name: AWSALB Value: f/iXCNCDn/Pvoj3vSKDs9TQihFOj/2N2rltTSZ16m5k2tR7C6PNlrpvjHcRIFzKmqHZHGgQ4stexKq2iOFw0THl1mc/0co3HlaR506s/M0l3swYWGcQ/xeUeAuac
www.positivepromotions.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: bziod5vzgq5oyuq2ggozx5lg
www.positivepromotions.com/	1970-02-10 10:15:48	Name: visitor_guid Value: afb22eaf-b75f-41bf-a817-c24a13619043
.positivepromotions.com/	1970-01-19 12:41:15	Name: _gid Value: GA1.2.1466071102.1600788752
.positivepromotions.com/	1970-01-22 22:42:10	Name: unbxd.userId Value: uid-1600788751878-38851
www.positivepromotions.com/	1970-01-19 12:49:53	Name: AWSALBCORS Value: f/iXCNCDn/Pvoj3vSKDs9TQihFOj/2N2rltTSZ16m5k2tR7C6PNlrpvjHcRIFzKmqHZHGgQ4stexKq2iOFw0THl1mc/0co3HlaR506s/M0l3swYWGcQ/xeUeAuac

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.yahoo.com
api.datasteam.io
bat.bing.com
cdn.datasteam.io
cdn.yottaa.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
cw.addthis.com
d.impactradius-event.com
d.turn.com
d21gpk1vhmjuf5.cloudfront.net
dis.criteo.com
eb2.3lift.com
emails.positivepromotions.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
idsync.rlcdn.com
jadserve.postrelease.com
match.sharethrough.com
maxcdn.bootstrapcdn.com
p.alcmpn.com
p.yotpo.com
partner.mediawallahscript.com
pixel.advertising.com
pixel.rubiconproject.com
positivepromotions.com
pubhtml5.com
qoe-1.yottaa.net
r.casalemedia.com
recommendations.unbxdapi.com
s.ad.smaato.net
s.yimg.com
secure.adnxs.com
simage2.pubmatic.com
snip.bronto.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
staticw2.yotpo.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
tracker.unbxdapi.com
trends.revcontent.com
unbxd.s3.amazonaws.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
visitor-services.boldchat.com
vms.boldchat.com
vmss.boldchat.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.positivepromotions.com
104.109.66.25
122.248.251.30
141.226.228.48
172.217.16.194
173.199.53.100
173.199.53.22
178.250.0.163
178.250.2.151
18.156.0.31
18.194.7.207
18.196.236.3
185.64.189.110
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:3b
2001:678:cb4:bbbb::13
204.2.131.14
212.82.100.181
23.111.9.35
23.210.248.44
23.210.249.164
2606:4700:10::ac43:cc2
2606:4700::6811:4f6b
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:801::2003
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
2a00:1450:4001:809::2008
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:821::200e
2a00:1450:4001:824::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c07::9d
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:280::3a7c
2a02:26f0:f1:296::1d72
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.247.125.34
35.176.88.2
35.186.249.72
35.193.67.164
35.244.159.8
35.244.174.68
37.252.173.62
52.219.125.32
52.29.222.110
52.59.102.119
52.73.66.205
52.9.74.36
54.210.170.56
54.91.222.103
54.93.35.217
63.32.81.121
66.225.223.31
68.232.35.206
69.173.144.139
74.119.119.150
92.122.253.103
99.84.144.107
99.84.144.51
99.86.7.44
99.86.7.61
004af2f1118416e6152e6bcbe984ef0fc077e950422377223e046a86bcc14466
0064adadac62d4192555685bb55721814505b019317ecb6e8542f224cd37f192
052bdb1705e88bb78fd2efb5352a7e956b871b7ede1ab2ea9ccf279488372fb1
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e05937072d6adb1189d33aa348742485f4e50516aa5db2fa4752a062974c7cf
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f22b246b5b3a1a62d2500e37fbdc4a88ad55b83f033f9350adf44097aaf4ef1
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2
1018ea923141e1d37033fcb924a6a401db104568cbed8780f2034be7a80c2041
1020ebd7e59a7ce616ba2a6e533485c5bbc98053add7b12a1c95e1b5e5ca4725
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134ec1cb43774c298560a3ef8beb25f96c27d40f4de10957fc5e358b4161e0e0
13c170450fd97d42287db6b538f1aa603b052e7713e0b04a1f8268ea4503f85b
1898c437683b3f6fdce76fb13f518c451ca9376c8ad5bdb4b5e3cfcd13717460
1be218e5543848dbd0609410b3c68c936580f36d3336a1fa790ca907edf155f0
2037566145973bb8328adbc9b3d6c1b00f98fe607c4f65ef75ac29821fc0ee81
2082c62475463c05d99fb3aa3b4c9cc570026d86bbcea5a1d6d76ef30e30d6df
20c3292613359e9cbaf417c980d497e8df6efee9d9124e0eebe1792fa38b04e3
21bff12856ef61a7cd62b5461bba05d8df8f2e13b784a1dbb11dffe25c36056f
22182b397724050a5d43fe3764f2c57772444a51bf7245e44addbf0f4ecadc5a
242d5967416ff7741af7f6a02be2ecaec3bdbb8575eb379a8ba65562d8e39446
2551a2873aa0ce6dbf0c40e163499e893a782edc4fde8456f09cafa05b668944
26062b7f56da1e9ac007cfc4895afb473b854f288106edf2fab741a513320ee0
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ee20229dc814f3ba3e40c9005e5dea8216164f72b21734dd7ec857f137ceccc
31480fb4efe81a6fa395bb84e48f8a95e63beed3b3a53dde06109608f6a1d786
31c3d6ddec400935b2dcfc244c9c3c19c4e778657b9cd205644b667d9cbf4c49
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3389cc721507ac4a3486948bb2125286b818dc97252e2f16231d02f6918ead0b
36732bdcfcbf88c05c411495de1ec4c6e1ed584060d386a5f647678d473fbb77
39562151cd9930d248d432a664f3e83d3c4c446dcf7d502944c084cd848ce0ae
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
3b3613d94c3ae7393e5781f023177e7d54e6d3440dbb004060cec40a7d5f0727
3b95555ecf083a644c052294f6ae432237dae1a96bba1fd36d6fd50008e244a2
3b9e2c7abe011a82abd74c43584a2256431231d6aea59dc1515bdbfb2926cbbe
3c24b215ca07aff5472816af0532da3c1689b4599f1347297b97e2b6a118a1e0
3d3040db72f2e65def04a5e3bb7d9e6cd77509221bab8c8fc8e311dd447e8a23
4162687ac2d243d20ab4152f80551a0adcd810c77b891661ea5b95af7e704ec2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4426bea797eed81c67557e46861151ff2efd18ac444db12f8e3a6ef436150f1d
44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9
48ad33787e49556536171325ac3cc2a0df9b5e06f8852efb41541276f1e446ee
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8ce95e3a62d4bb4a8cfb02d4b61c8368c87798299872bfdc027b8482a92631
4cd36023eb5b3ed3553cb48e94fa8b2f0308109163d2722929f1c3de87b0d480
4d975adf2cf2f249487adf14b2082908cfafb071bd599fc8560bd512c9d7a471
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
509e31ff8434caa6066ee3ac0d3192b748cd804050597030d696df04c9c3d5d1
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55d273cbf24517eb1cc1271016eef7a8660ef7c29ad84402a9deb80d22df1383
55dd61811ac7f596acc87716915b2efdd67dd3a0029a49ab3a16e69cbfe08555
56f95ff21e2ed3afd665ab3f1f9d311b9365b3629ffc3fea1f8713bd8e376398
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
5a05f9db9da75445577638a9c3b553deb28b09c07c4759234a9ad20297da0ca3
5abc288a2eff69f9a58afd3860af49d2daf1b17ad0ce22aa92d37608d3debc56
5bacf1f1fc67ad64a28d1f9c611862d87eb788f15cdb6b40f5eabf353e045f11
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
5cc1e8acb9c5eb53e9bca6081f9aaef89670617aae4362c820ceee43426d771f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e58fa4b27e7f3531d9233bae7270845e9910428b1676e113a0ee20f612c3484
5f10273b068b586ff466f9d27bf6a3d8d410f074d1e9079328098a6e00d2523b
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
672a9a4fe2b337facc53181ed5a2c7797e57dc898c3692375c8a321b9a770cf3
6a81f6f79e40a55cdd8398d2c12feb300e326d74622edf1f491daf1188acf00d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d419fcaeff6431126fc63cfde2972469aba3b6bff4e057523b7b8f7d231efcb
73b61b5b072cfea99b31ae1feb2e7dce889244a6e395f06ef6e30504dfe1f6f9
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a
809ded41b053ace963459e0611475e0108eccb67bdfceb1092d77ce80909a75b
81eaa133a55ba1861e7e784354a8ddbed3cafc3419e74f1f05ae87aac8caaf0d
82369aa82c069beecaccb05dbc469fe1b725160e01e63c7cec9ae2471bd35c2f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
87fe6374f27414f083578da189b2e81c5c2b85870203599b67b4d299cab56a7c
88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32
88f006c6f5d06d3e9b0d4f7bec0be8c719b5aff7ba046ef77a64f944d90834a1
8b244b5f5b175567a320ddb47fd376f73356ce46459417fd2763f216f7f9ec57
8b76b3cddd1e228c9d709db82d3d2a34262f269d34772c43c9825a8255133886
8c8cb3e3e555ee218e51b16a7c33fa44957f35ec1909701633756306a3fa4fc6
8cd28046b8f576276bb8f2a8e9b72bee8237c7ace91fe79f1ce2d283f23bd583
8f5efeb8e7184d30d948891117232917ba9285e4307203293959175fc11e63b3
9086a4f2d1bc952690cc78688f5a6d2e169d3a1eef9f788512ef5fa2be888bcc
91e52e8155aaf5e6478f6b433692f226960f46aed69b5d3dd227c0b479bb3659
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95fcbf9082db907fc86c76cb568511cef921457eea70de75ace15e8466d9359f
9a462d310893abdf754e05dd5511e92c5a984b16525de7ade6977e5b49649fd4
9b8a5d4db37bad156daaf56eff1bf0eb83ddddf909e11518dc87bc560233ed2d
9d93fc9103f5ed3fe287e463bcb7376519ebfd8e4344177724c2be9ebe1c8dc4
9e446e75dc20b6dc693b247aaf7704112e55ef434588368aa0761fc76b3a29a5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1747ea9a9dfe58c70d5b6b04f22b6aca8c48d2063baa8da900b2089e73c7c3d
a1f35edd40f07d4300aaeebab334a72ac340a464204d1c6c7458163f594f30c1
a4d2b1d47686b43ae583ef485fb6ad27b86c28415d1adfd3f4a880e8c6161ea6
a61d8687f980bf5ef71b178b270a9713c0bb745b73dd56fed208c103d99af846
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
a97c4ad701fed96125f4066508b5342868675d5384b0beafb0194c8279be06d0
aaf3ba1fcd9c7ed305717cbdb8144afd3c52126391d6cb1376416db43f7afe43
ab23e5ef2389cf1539e1ad4dc3ff1cbd09a452482157ee899fd27f83239d9360
ac82ce791c576bf9823e09d759621e498e38d750be14b9f76e27f46bae317423
ad4c4ceedd14c9d85a094c759ea244dde244b60ae5ee77f82c6495a4208858e7
adf57c1c466e6fc7121918acc81e1c70e1888b2c7edf2ad8f58546182532b9a9
b11aa91074a16dcfba56f9351a71f15109923e9a46f904bcb81873b0e9f0efcb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bf5741c95d01d3270f5624dfd90abdcee36c353a79f939ebdc6eea4a139950
b248519c3f3409fe0758aafef8d0c7e5ec17ae14399e18a7ab608ad1340c3b87
b46dc1673faa2af5843564d4e298a4397d760c6274b10da9ee1463e41bee35ac
b4de69f8078f79f1ef9261de3353172155b091d45078d5c79a6476873f825df6
b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c30caab2963ebed0c88937bf131804afdd2bf4b4bb6ef8e46d0be55cb305726f
c72319c29420d6a8348a919663cc199094dd7129f62f58b0d678ce18a47e660b
c729b78d488b8ee9fd8a8e2f0bf4006540e6463c96664c9c496c647249e382cb
c917f69d8194a8ef256fc8e05cbf8e4e0b68c04280cc445d05e81f7318e4ddfd
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca94205bd925fecd979d7b5714b5f69a64d2a3d28116a7181fabcfa4b7f593ae
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
ced7e817b2e92e1c3ef51e66ea4ff33aaf248786c319a079d7da46f8a97bc408
d09a5d7c4e39134261c9142b6b3e5999e2a657c5825663f008303ff0879cb503
d34df9d80e6ff53e3882b4d061b37b34fb1e752c749478c9b235cd5992d58536
d47e79deb24cf7fd48a9104ba5e554e3da566e663241a446ef684257cd9a42c7
d6a5da52c9483d6e5aef07d46edb1d2b46ee536b2bcf8a6bed3ae85ba1d74b8b
d8d6c5065bd297601c8f352e3b9cee6fae8a872fcb4f10dc429f58e741ed1e71
dbeb3bde562641bf11ac5e6e2fae5852681636f081e0b8df8a0d0db735259b00
dc057632b70ebbd01209d18802c279186b964d476a737a04e6b3f6f44025bdff
dc4920dd2a007ae5d6c24fa68a7e524524176489397b764e29f531bf593fdb47
dc89916a09f2cc096d5fed5207187669b87d75f4ab3c387689f4f346d0242602
e1eed7eeb3d66a6c76d2567bc3a6ef502be67a866f965e42296b87cc85dda3d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9ed7f6bd65d5d2af552137ab78e485b19c695d7019433249707db818f33a7
e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da
e510d6ab6cd40e2c523ad1503c775a98ae322e935c976962f3d1fd97f12ee5c7
e6de96b686567ff3e6731fa6c24827b77c9beb4a252c1518935c4750f847cc3f
e7043ee5f03e403e12542d337708df8ce559f5f90e43bce5bdaf8fb710ebcb72
e96d1f2ab9ae2c745992af553df65385e7725788a3bcb47501378109e118a8a7
ea1a77513a2d2393b3f6d7229cdfabecb328a94b4381d1229f3e9ae98ff286c1
ecb7ef8f21f978fb32752077d4cc22e3ab4c3e0e17ff39b1abad6e26ebba5178
ee6ba5d5ebbe884f25b17c712e018bcc31ddc08c7baa49611a553b61a034a85e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12fcf18866ca5a680b57f8c2d30aa4e5e38328ffd797fe964eecbe2776d8fd0
f16ff2648e2aa593a7a167bfc9b47689551d12a3cd90314e1475437445ed0cf6
f245e3bb4f56dd897a55735700e389c52f1eecc5b3ed8c8ae5c1f3f35e06d26b
f332d2f3ac637ee74d969509c8267cb20c5e06083801c6b33d4031a08fe4855f
f33e62610fc8fe7b882fe4a02aa4e86259d69ff0a2b36fef890479dbfefe9aea
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
facad2d272a26383afa00bbced57936096b16a48c311111d3bace214e8c70e36
fb057158136185fffc7b59f61d3d16ccdb40a252dc818dfa7c573aad355d0547
fd63d6a5ec44215e50612d8bea8eff0a12f5d4981ab6745db8d8479f7c102845
ff1e7839d2cb72b8e951d3e09b2d2b35841165e84fab1dd40d121dc8602a6471
ff4d0c2b64f4d9e704d0742dc74cd75606d9e15734fd8741f9d0ab5a8c5b7f16

www.positivepromotions.com Open in urlscan Pro 99.86.7.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

100 %HTTPS

36 %IPv6

51 Domains

66 Subdomains

63 IPs

11 Countries

3244 kBTransfer

7780 kBSize

22 Cookies

11 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.positivepromotions.com Open in urlscan Pro
99.86.7.61 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

100 %
HTTPS

36 %
IPv6

51
Domains

66
Subdomains

63
IPs

11
Countries

3244 kB
Transfer

7780 kB
Size

22
Cookies

186 HTTP transactions
0 data transactions