urlscan.io logo urlscan.io
SecurityTrails logo

positivepromotions.formstack.com Open in urlscan Pro
65.9.95.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://posimail.positivepromotions.com/rd/9z4ztnvkgqh331mmqtukocmejctlkcnkvehm2bsm218_rp22sh2s8i66p37cpj60or24no
Effective URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Submission: On April 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 31 HTTP transactions. The main IP is 65.9.95.4, located in United States and belongs to AMAZON-02, US. The main domain is positivepromotions.formstack.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 20th 2023. Valid for: a year.
This is the only time positivepromotions.formstack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.42.80.126 16509 (AMAZON-02)
17 65.9.95.4 16509 (AMAZON-02)
1 52.216.143.166 16509 (AMAZON-02)
1 65.9.95.3 16509 (AMAZON-02)
4 2606:2800:234... 15133 (EDGECAST)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2a03:2880:f00... 32934 (FACEBOOK)
2 104.244.42.72 13414 (TWITTER)
1 2a03:2880:f10... 32934 (FACEBOOK)
31 9
1    52.42.80.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-80-126.us-west-2.compute.amazonaws.com
posimail.positivepromotions.com
17    65.9.95.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-4.prg50.r.cloudfront.net
positivepromotions.formstack.com
static.formstack.com
www.formstack.com
1    52.216.143.166 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    65.9.95.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-3.prg50.r.cloudfront.net
www.positivepromotions.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
platform.linkedin.com
4    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
2    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
17 formstack.com
positivepromotions.formstack.com
static.formstack.com — Cisco Umbrella Rank: 25208
www.formstack.com — Cisco Umbrella Rank: 44829
217 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 793
syndication.twitter.com — Cisco Umbrella Rank: 1106
149 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 760
133 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
89 KB
2 positivepromotions.com
posimail.positivepromotions.com — Cisco Umbrella Rank: 597880
www.positivepromotions.com — Cisco Umbrella Rank: 270886
48 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
15 KB
1 linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3552
160 KB
1 amazonaws.com
s3.amazonaws.com
8 KB
31 8
Domain Requested by
13 static.formstack.com positivepromotions.formstack.com
4 platform.twitter.com positivepromotions.formstack.com
platform.twitter.com
3 positivepromotions.formstack.com positivepromotions.formstack.com
static.formstack.com
2 static.xx.fbcdn.net www.facebook.com
2 syndication.twitter.com platform.twitter.com
2 connect.facebook.net positivepromotions.formstack.com
connect.facebook.net
1 www.facebook.com connect.facebook.net
1 platform.linkedin.com positivepromotions.formstack.com
1 www.formstack.com positivepromotions.formstack.com
1 www.positivepromotions.com positivepromotions.formstack.com
1 s3.amazonaws.com positivepromotions.formstack.com
1 posimail.positivepromotions.com 1 redirects
31 12

This site contains links to these domains. Also see Links.

Domain
www.formstack.com
Subject Issuer Validity Valid
*.formstack.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-17		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2022-12-06 -
2023-12-05		 a year crt.sh
www.positivepromotions.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-10 -
2023-11-10		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-06-09 -
2023-06-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-20 -
2023-04-20		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh

This page contains 4 frames:

Primary Page: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Frame ID: 67E75341C9420DCFC26EEEB42F8C4759
Requests: 25 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fpositivepromotions.formstack.com
Frame ID: 92F7AFEE2452BE68F3A679FD0AC5B13D
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a70dcee5ae2d8%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Ff10f51620daa648%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesjq&layout=button_count&locale=en_US&sdk=joey
Frame ID: 84E64A63E790852987E14484169DFF43
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 8009F1F06AEE4FBE9BC4E7DCF72D6735
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Healthcare Quotes - John Quintana - Formstack

Page URL History Show full URLs

  1. https://posimail.positivepromotions.com/rd/9z4ztnvkgqh331mmqtukocmejctlkcnkvehm2bsm218_rp22sh2s8i66p37cpj60or24no HTTP 302
    https://positivepromotions.formstack.com/forms/healthcarequotesjq Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

31
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

12
Subdomains

9
IPs

3
Countries

819 kB
Transfer

2492 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://posimail.positivepromotions.com/rd/9z4ztnvkgqh331mmqtukocmejctlkcnkvehm2bsm218_rp22sh2s8i66p37cpj60or24no HTTP 302
    https://positivepromotions.formstack.com/forms/healthcarequotesjq Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request healthcarequotesjq
positivepromotions.formstack.com/forms/
Redirect Chain
  • https://posimail.positivepromotions.com/rd/9z4ztnvkgqh331mmqtukocmejctlkcnkvehm2bsm218_rp22sh2s8i66p37cpj60or24no
  • https://positivepromotions.formstack.com/forms/healthcarequotesjq
62 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
9cb313db26b68d16ce719370a73748f24d7e1e10910ef299ba5761a87ea8d74c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=5 public
content-type
text/html; charset=UTF-8
date
Wed, 12 Apr 2023 21:30:56 GMT
expires
Wed, 12 Apr 2023 21:31:01 GMT
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-id
xbujZZQbnBprCBWjdY1iW7Qi7I691z7PKBMcVHXmXGXma0kJ5FeFZQ==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 12 Apr 2023 21:30:56 GMT
location
https://PositivePromotions.formstack.com/forms/healthcarequotesjq
server
Apache
status
302 Redirect
reset_3d1cc6d59f.css
static.formstack.com/forms/css/3/ 		2 KB
881 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/css/3/reset_3d1cc6d59f.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 13:41:45 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9631
etag
W/"6436b519-616"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
Pq8DfWgZdSu3KraNQ3AII_dRsX4EkleThNjgpM64InYn78EqJOjb_Q==
jquery-ui_eb08fdf84b.css
static.formstack.com/forms/css/3/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/css/3/jquery-ui_eb08fdf84b.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
4fd91864be6192916a0cdc95d51d179f9bc071b462b7cb1e9e311a4bed974f41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:38:59 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9631
etag
W/"643465d3-8052"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
P26lxbwFClhI0WAa-t84gqK5IQO0dWrs7iTxBQLC0kg1xXOeBH0TPw==
default_637050611e.css
static.formstack.com/forms/css/3/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/css/3/default_637050611e.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
8be533d533b9ca9a27c653ae2e71756be96845c84df07cb7ab9629a35741c205

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:31:01 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9631
etag
W/"643463f5-51ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
QEytNsGCxY2jD4y8WZvUGJBbRSpPJ7D6bsZcPQQJ3KLfixT_M1wifw==
uil-static.css
static.formstack.com/common/css/ 		51 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/common/css/uil-static.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
5ec11883dbd19aa91c86ade182cfe7037a9b9f954daca64f341ffd0595e429c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:26:14 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9631
etag
W/"643462d6-cc55"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
iq2CF-BROQu1ETD6qr13gqnS6GxCOm2NBm0cvTsC4zIwW4O-ZTYvPw==
dialogs_00a7ec5f05.css
static.formstack.com/forms/css/common/ 		170 B
506 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/css/common/dialogs_00a7ec5f05.css
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 20:37:46 GMT
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:33:41 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
3190
etag
"64346495-aa"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
170
x-amz-cf-id
N4f_k9mciy1HTDSA1xwRfrW18AVjL0IzYQuX2j3Opqc3BKfrjUH6_Q==
292622_tmpl_head_6001b52c8d710.
s3.amazonaws.com/files.formstack.com/public/502701/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.formstack.com/public/502701/292622_tmpl_head_6001b52c8d710.
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.143.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4315b545724305bd6f32c456d1b1757f450da398307e2795727f8f5c65a69e46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 21:30:57 GMT
x-amz-version-id
0JMeDEb_eQaaZOMar9Un62PLatgsFsBB
Last-Modified
Fri, 15 Jan 2021 15:30:53 GMT
Server
AmazonS3
x-amz-request-id
R1R2A4KQZ7AAD4MP
ETag
"3921e3a6c5615cbf9a1c8a8bbe72a028"
Content-Type
image/jpeg
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
7662
x-amz-id-2
d711JNyvxh6eyc8eLAAyFn3uIvBP5BB0i1XKj+/1MPgoPnOTjr4xia3+ct8LZ3Nbzfn6XtaMzhg=
tlvlhlc.jpg
www.positivepromotions.com/images/art/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.positivepromotions.com/images/art/tlvlhlc.jpg
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-3.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
361b5619f5e27a76320e878f44630489569a2e666c63dee4fab7b63b1667a71a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:48:18 GMT
via
1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 15:44:56 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
9759
etag
"8c701aab7ad194719f70cf8c1aff9278"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
48399
x-amz-cf-id
XEgDYvCwbV-eV-oij-pT--N7nl-JFVxqV0ZM6D9jBmC9ay7J5Ytx7A==
stacklock.png
www.formstack.com/admin/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.formstack.com/admin/images/stacklock.png
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
7f88c7eb830e129a72668bec156be3b531f711bc03d7ed9fd15844f97f4e0ee9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:26:14 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9631
etag
"643462d6-b73"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
2931
x-amz-cf-id
Cqtftntpsh2lhIdFVuXk-HHemKTY_srNZfP9xeuFwvs_OSRlEiK0vg==
pre-fill-button.png
positivepromotions.formstack.com/admin/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://positivepromotions.formstack.com/admin/images/pre-fill-button.png
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
6ae18af25b0e9b719e18530c09b5647d99b337fd12e4f75e653de8f81a7fdedd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/forms/healthcarequotesjq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:26:14 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9631
etag
"643462d6-52d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
1325
x-amz-cf-id
04u5apZoWi6pIGr9VvKCS45wL44jvQaaDj0wio0lxF_z2VVh8lUaTw==
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 21:30:56 GMT
Content-Encoding
gzip
Age
13
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/67BE)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
in.js
platform.linkedin.com/ 		509 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
f3e9ab0ad4c8de7ffe3d9ba47ad32367ccf1193b6b922a1a50bff903ad7477c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 21:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn-client-ip-version
IPV6
server
Play
x-li-pop
prod-lva1-x
x-cdn
AKAM
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
x-li-fabric
prod-lva1
cache-control
public, max-age=3600
x-li-proto
http/1.1
content-length
163379
x-li-uuid
AAX5Kf0dGthZxZ5GoOtj3w==
expires
Wed, 12 Apr 2023 22:06:59 GMT
jquery.min_1d14cd3798.js
static.formstack.com/forms/js/3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/jquery.min_1d14cd3798.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:51:56 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 13:41:45 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9540
etag
W/"6436b519-16cfa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
RLn0ippEDNZcZPwYvHQ5bwPbBoj-oU_c83ZD3fGqtjcUkea_Oh2zLg==
jquery-ui.min_42a497cb9f.js
static.formstack.com/forms/js/3/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/jquery-ui.min_42a497cb9f.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
651dab4cb7bc37df2f04d730db54ee9e9bdc1f93fe9739a05c9ce07e0e335947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:51:55 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:33:41 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9540
etag
W/"64346495-147b6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
LH8nHzIqW5O5SsN7gVpIBlGS3xzRJ2tbnl9nGkT-AZlLlw7ARGUx9Q==
scripts_0edcde2e8b.js
static.formstack.com/forms/js/3/ 		79 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/scripts_0edcde2e8b.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
74bf23cb58f15f0a5828b81f3285e56f3917d80c4834cc990645c5aa5ba4c254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:51:56 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:36:21 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9540
etag
W/"64346535-13d02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
aVIueYKjKIXfolrwVOsM--eWdouzmhDMYl1w8DIZyXAxngiCQVDMsw==
analytics_7d49daa365.js
static.formstack.com/forms/js/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 15:42:27 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9631
etag
W/"6436d163-839"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
7VhxDx9XHyWdL4krakc22LAgKO1brHQX62FWeMCr07wbiFlyD5P9AA==
libphonenumber-min_6f64debfdd.js
static.formstack.com/forms/js/3/ 		165 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/libphonenumber-min_6f64debfdd.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:36:19 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9631
etag
W/"64346533-29364"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
TNPCeIiVn6owXw8V83Bon-Gm_KAo0J2CrXOGLeB5LP0cuUHVu9l_Zw==
autocapture_b393b647ca.js
static.formstack.com/forms/js/3/plugins/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/plugins/autocapture_b393b647ca.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
ba640d33e6c4c528bc0667315dd305b76fc10c4b85416853165bfc9820d32417

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 15:42:27 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9631
etag
W/"6436d163-17c7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
VROyPq2vvKstdC2I_uoEd7hJJBwGnZd6mZFkHOE5wI_yGIUBozOCyg==
sharebuttons_16ee24b0ad.js
static.formstack.com/forms/js/3/plugins/ 		488 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/plugins/sharebuttons_16ee24b0ad.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
7d5af5ad676dc02d93d6a945a951688ed7b3402a04bc933090de10d614671d0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 19:38:59 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9631
etag
"643465d3-1e8"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
488
x-amz-cf-id
BtHo0182ZP5iRIiZksgWiQ868CFoB326lkBqo2M7k8PIhsCrrc8mSA==
modernizr_60a2d5aeb5.js
static.formstack.com/forms/js/3/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 18:50:25 GMT
content-encoding
gzip
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 15:42:27 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
9631
etag
W/"6436d163-33bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
xShbcjKG0ZN7MH9CvcwXuhESVCNq9B8vzQtlopK86NI8EwE0Ha19XA==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: positivepromotions.formstack.com
URL: https://positivepromotions.formstack.com/forms/healthcarequotesjq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f44be455856fe633238830b80c2ef687f4d4c3578aee8688be9caeb74a0fc7cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Apr 2023 21:30:56 GMT
content-md5
RZDmzxp8dH2P7/41bhjQfg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
x-fb-rlafr
0
x-fb-debug
YmQ2TAyENVUrgfMwvYzmavnvP2u1HSzYOSC9eoPoKb6LwRlk9kCfckti78OdCSNbNP8tokk81c1t+sbTJIeZqw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
720026100
x-fb-content-md5
fbd21c7ebb3d99c484e7102d1e81dd32
cross-origin-opener-policy
same-origin-allow-popups
etag
"5fb486a28ccde5fda62842ce61e342d6"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 12 Apr 2023 21:41:05 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 92F7 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fpositivepromotions.formstack.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://positivepromotions.formstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2421490
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Apr 2023 21:30:56 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669E)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame 92F7 		663 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=588a0534c4d2b2d6aca3ac6ba8a9fa4abb2f2558
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fpositivepromotions.formstack.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time
112
date
Wed, 12 Apr 2023 21:30:56 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 12 Apr 2023 21:30:57 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
5f7c6f62abd60213
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
a71ba0de7a400546f4324adfc5d4ba5b57a4187c1d240ff39c632f38c4a1d089
content-length
284
sdk.js
connect.facebook.net/en_US/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e90c4e961d643197465091715b88f72c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fbae6eb35d419f8258ac9259c5c7a87c793a58585abcc3fa042fa3f9fd3655d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://positivepromotions.formstack.com/
Origin
https://positivepromotions.formstack.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Apr 2023 21:30:56 GMT
content-md5
AcvED8T9x0W6n7d3ky/vAg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88562
x-fb-rlafr
0
x-fb-debug
s5o7Z2NKOQQFIcwq1VI/jDA0YenTBwQE7rWxckpNt/vq6mUw2W9E1vs8nJK93BoAtVofrIu1Mqmhq1frBUxcfw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
769355f79720a77a5aece8c60c673093
cross-origin-opener-policy
same-origin-allow-popups
etag
"d3c61344cc91ccd3a0bed513ae9d3b7b"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 11 Apr 2024 21:17:32 GMT
button.e7f9415a2e000feaab02c86dd5802747.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 21:30:57 GMT
Content-Encoding
gzip
Age
2421491
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2618
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (frb/67BE)
Etag
"506673dbdb9085e7201e137e893cc152+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
analytics.php
positivepromotions.formstack.com/forms/ 		0
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://positivepromotions.formstack.com/forms/analytics.php?f=5173901&a=fv&m=hosted
Requested by
Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-4.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/forms/healthcarequotesjq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 21:30:57 GMT
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
server
nginx
x-amz-cf-pop
PRG50-C1
x-frame-options
sameorigin
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public
x-amz-cf-id
NjZqhw02p10P9Hiz0OSUQLBdeyWB5EPL57OkStjEceNvw51VYD2QNA==
share_button.php
www.facebook.com/v2.0/plugins/ Frame 84E6 		43 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a70dcee5ae2d8%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Ff10f51620daa648%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesjq&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e90c4e961d643197465091715b88f72c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a9b70044b7959e5751e988260b490d6e9bcf4ccd879746b2d49f866829be166c
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://positivepromotions.formstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Wed, 12 Apr 2023 21:30:57 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v10.0
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
oWghFgGvXjVPksZg9MEtBrHEiZ5Vadw0MNhpYRVo2AuGrwRxqEwPGIFe2lxIOIWKqVelv+DK2nieOSIySQWQvA==
x-fb-rlafr
0
x-xss-protection
0
tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame 8009 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer
https://positivepromotions.formstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2421490
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13592
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Apr 2023 21:30:57 GMT
Etag
"28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:10 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BE)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesjq%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22formstack%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1681335057151%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=588a0534c4d2b2d6aca3ac6ba8a9fa4abb2f2558
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://positivepromotions.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time
112
date
Wed, 12 Apr 2023 21:30:56 GMT
strict-transport-security
max-age=631138519
last-modified
Wed, 12 Apr 2023 21:30:57 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
fff4b44ac799610f
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
a71ba0de7a400546f4324adfc5d4ba5b57a4187c1d240ff39c632f38c4a1d089
content-length
43
truncated
/ Frame 8009 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 84E6 		272 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a70dcee5ae2d8%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Ff10f51620daa648%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesjq&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 21:30:57 GMT
x-content-type-options
nosniff
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
272
x-fb-rlafr
0
x-fb-debug
NCQqOS/cuJRwoPniUjLdwvgDxPE9E1DyQqSfcWNM2OkcJOFAXuUXqREUgQ8huJBR/VyDQI6Cm5ZgbFNz8Ip6Rg==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 01 Apr 2024 00:17:02 GMT
fUnzFVZ63IT.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yf/l/en_US/ Frame 84E6 		509 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yf/l/en_US/fUnzFVZ63IT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a70dcee5ae2d8%26domain%3Dpositivepromotions.formstack.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpositivepromotions.formstack.com%252Ff10f51620daa648%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fpositivepromotions.formstack.com%2Fforms%2Fhealthcarequotesjq&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cd3df240a75d8096d432c0a62e480a5f56880e0b3df970718b5a42a01c647c28
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 21:30:57 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b63rcQVUqdnQ8N0Qwmr6Kg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
135190
x-fb-rlafr
0
x-fb-debug
o0eSVJ5lleEGSKslYnzsls+A/AGoycFFAwQSJPpWwduYuXYIw/p9KSK9au0FdJyT4jaAelynl6bT5XmYBsLy0A==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 11 Apr 2024 20:07:41 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| __twttrll object| twttr object| __twttr object| __core-js_shared__ object| Sslac object| IN object| FS_FIELD_DATA_5173901 undefined| $ function| jQuery function| DP_jQuery_1681335056889 object| Formstack object| libphonenumber function| fsFacAuthCallback object| html5 object| Modernizr function| yepnope function| loadFormstack object| FB object| __buffer object| plugin string| baseUrl object| form5173901

3 Cookies

Domain/Path Name / Value
positivepromotions.formstack.com/forms/ Name: PHPSESSID
Value: 8fa721e4fed06f39f4b3a2115c33e11f
static.formstack.com/ Name: AWSALB
Value: DhGUo9HqGeKsiQWcC+J4TzEDC7se74JIHeDZhJ+zkFca/0QGcq/mU8bvfNxVE+ffMTTrdpAAqbk7s56pm5uLYGwBfrHlIPqb62t3DDAylFfis0tL3Y3UvqRaU8+i
static.formstack.com/ Name: AWSALBCORS
Value: DhGUo9HqGeKsiQWcC+J4TzEDC7se74JIHeDZhJ+zkFca/0QGcq/mU8bvfNxVE+ffMTTrdpAAqbk7s56pm5uLYGwBfrHlIPqb62t3DDAylFfis0tL3Y3UvqRaU8+i

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
platform.linkedin.com
platform.twitter.com
posimail.positivepromotions.com
positivepromotions.formstack.com
s3.amazonaws.com
static.formstack.com
static.xx.fbcdn.net
syndication.twitter.com
www.facebook.com
www.formstack.com
www.positivepromotions.com
104.244.42.72
2606:2800:234:59:254c:406:2366:268c
2a02:26f0:3500:16::215:148d
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
52.216.143.166
52.42.80.126
65.9.95.3
65.9.95.4
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83
361b5619f5e27a76320e878f44630489569a2e666c63dee4fab7b63b1667a71a
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4315b545724305bd6f32c456d1b1757f450da398307e2795727f8f5c65a69e46
4fd91864be6192916a0cdc95d51d179f9bc071b462b7cb1e9e311a4bed974f41
5ec11883dbd19aa91c86ade182cfe7037a9b9f954daca64f341ffd0595e429c0
651dab4cb7bc37df2f04d730db54ee9e9bdc1f93fe9739a05c9ce07e0e335947
6ae18af25b0e9b719e18530c09b5647d99b337fd12e4f75e653de8f81a7fdedd
74bf23cb58f15f0a5828b81f3285e56f3917d80c4834cc990645c5aa5ba4c254
7d5af5ad676dc02d93d6a945a951688ed7b3402a04bc933090de10d614671d0e
7f88c7eb830e129a72668bec156be3b531f711bc03d7ed9fd15844f97f4e0ee9
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394
8be533d533b9ca9a27c653ae2e71756be96845c84df07cb7ab9629a35741c205
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
9cb313db26b68d16ce719370a73748f24d7e1e10910ef299ba5761a87ea8d74c
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
a9b70044b7959e5751e988260b490d6e9bcf4ccd879746b2d49f866829be166c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb
ba640d33e6c4c528bc0667315dd305b76fc10c4b85416853165bfc9820d32417
be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
cd3df240a75d8096d432c0a62e480a5f56880e0b3df970718b5a42a01c647c28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
f3e9ab0ad4c8de7ffe3d9ba47ad32367ccf1193b6b922a1a50bff903ad7477c8
f44be455856fe633238830b80c2ef687f4d4c3578aee8688be9caeb74a0fc7cb
fbae6eb35d419f8258ac9259c5c7a87c793a58585abcc3fa042fa3f9fd3655d1