urlscan.io logo urlscan.io
SecurityTrails logo

www.rsvprewards.com Open in urlscan Pro
2606:4700::6811:b764  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://flow.sandmanhotels.com/tr/c/837n37c3ba35133n33h32h34c33p38r33337632k00/1988894
Effective URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&...
Submission: On October 16 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 1 countries across 11 domains to perform 43 HTTP transactions. The main IP is 2606:4700::6811:b764, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rsvprewards.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2022. Valid for: a year.
This is the only time www.rsvprewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.14.86.201 20940 (AKAMAI-ASN1)
16 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.120.195.249 396982 (GOOGLE-CL...)
2 195.244.31.25 63140 (IGUANA-WO...)
2 2600:9000:251... 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
43 12
1    23.14.86.201 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-14-86-201.deploy.static.akamaitechnologies.com
flow.sandmanhotels.com
16    2606:4700::6811:b764 (United States)

ASN13335 (CLOUDFLARENET, US)
www.rsvprewards.com
1    2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2607:f8b0:4006:809::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6811:b964 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.galaxy.tf
7    2606:4700::6811:b664 (United States)

ASN13335 (CLOUDFLARENET, US)
image-tc.galaxy.tf
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o478535.ingest.sentry.io
2    195.244.31.25 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net
dynamic.travelclick-websolutions.com
2    2600:9000:2512:f200:16:41f8:18c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
api.tsa-db.com
6    2607:f8b0:4006:808::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
16 rsvprewards.com
www.rsvprewards.com
720 KB
8 galaxy.tf
cdn.galaxy.tf — Cisco Umbrella Rank: 119605
image-tc.galaxy.tf — Cisco Umbrella Rank: 94667
2 MB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
311 KB
2 tsa-db.com
api.tsa-db.com — Cisco Umbrella Rank: 80848
1 KB
2 travelclick-websolutions.com
dynamic.travelclick-websolutions.com — Cisco Umbrella Rank: 124443
2 KB
1 sentry.io
o478535.ingest.sentry.io — Cisco Umbrella Rank: 144393
280 B
1 gstatic.com
fonts.gstatic.com
31 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 sandmanhotels.com
flow.sandmanhotels.com
325 B
43 11
Domain Requested by
16 www.rsvprewards.com www.rsvprewards.com
7 image-tc.galaxy.tf www.rsvprewards.com
6 www.google-analytics.com www.googletagmanager.com
www.rsvprewards.com
5 www.googletagmanager.com www.rsvprewards.com
www.googletagmanager.com
2 api.tsa-db.com www.rsvprewards.com
2 dynamic.travelclick-websolutions.com www.rsvprewards.com
1 o478535.ingest.sentry.io www.rsvprewards.com
1 cdn.galaxy.tf www.rsvprewards.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdnjs.cloudflare.com www.rsvprewards.com
1 fonts.googleapis.com www.rsvprewards.com
1 flow.sandmanhotels.com 1 redirects
43 12
Subject Issuer Validity Valid
www.rsvprewards.com
Cloudflare Inc ECC CA-3		 2022-03-07 -
2023-03-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
cdn.galaxy.tf
Cloudflare Inc ECC CA-3		 2022-05-06 -
2023-05-06		 a year crt.sh
image-tc.galaxy.tf
Cloudflare Inc ECC CA-3		 2022-06-08 -
2023-06-07		 a year crt.sh
*.ingest.sentry.io
R3		 2022-08-20 -
2022-11-18		 3 months crt.sh
*.travelclick-websolutions.com
Gandi Standard SSL CA 2		 2022-06-16 -
2023-07-08		 a year crt.sh
*.tsa-db.com
Amazon		 2022-03-30 -
2023-04-28		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Frame ID: 57AC23FFB6B7C8215E12E8F0479ED93B
Requests: 40 HTTP requests in this frame

Frame: https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665878400
Frame ID: 3E97CDD96F5E4DF49FDD6674E88E90E8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Visa Canada | RSVP Rewardsarrow-rightarrow-leftarrow-bottomarrow-topcalendarphonewebsitedownload-arrowfacebooktwittergoogle-plusupload

Page URL History Show full URLs

  1. https://flow.sandmanhotels.com/tr/c/837n37c3ba35133n33h32h34c33p38r33337632k00/1988894 HTTP 301
    https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Page Statistics

43
Requests

100 %
HTTPS

75 %
IPv6

11
Domains

12
Subdomains

12
IPs

1
Countries

2720 kB
Transfer

5619 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://flow.sandmanhotels.com/tr/c/837n37c3ba35133n33h32h34c33p38r33337632k00/1988894 HTTP 301
    https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request visacanada
www.rsvprewards.com/
Redirect Chain
  • https://flow.sandmanhotels.com/tr/c/837n37c3ba35133n33h32h34c33p38r33337632k00/1988894
  • https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
91 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98f27a2fe15a25e4cb18b43cf7a8019f81a75c36bd7bd74f48c07cfbcbd2ced0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
22
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=1200
cf-cache-status
HIT
cf-ray
75acc8d5ed2da1f2-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 00:47:40 GMT
expires
Sun, 16 Oct 2022 01:07:40 GMT
last-modified
Sat, 15 Oct 2022 00:03:02 GMT
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 f5c1da639a075ecd7bb86ffc181e3dd8.cloudfront.net (CloudFront)
x-amz-cf-id
fnkN9GEs7mGfyzAOmPEXo2qOfqq2X8n4uXS07c7HjJcin-9tRF9ojw==
x-amz-cf-pop
ORD58-P1
x-amz-version-id
H2LF2Da8zxZsSLaSPsXgXUBbH95DCl_Z
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-security-policy
upgrade-insecure-requests
date
Sun, 16 Oct 2022 00:47:40 GMT
location
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
server
Apache-Coyote/1.1
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
584dfc26a09b20f29619b9e8e25003f632b9849808d0bdac4c3d18809aaad8f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Oct 2022 00:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 00:47:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Oct 2022 00:47:40 GMT
main.css
www.rsvprewards.com/css/custom/3947/1/882b52ac663c0d586e1dd8bd3abc9a99/ 		722 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/css/custom/3947/1/882b52ac663c0d586e1dd8bd3abc9a99/main.css
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05f3c4defeb4990796c46f1e0f0ec606e525b884fc80893b5d47de0cb07910be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:40 GMT
x-amz-version-id
G_.UAndR7e4KgUqyT34H.evRcwzd0nHl
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 b6989f0f2e150081d90f4c11e6692d3e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
88181
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 15 Oct 2022 00:03:28 GMT
server
cloudflare
etag
W/"a693c9c854be1d88a2dab822f9d3ea6a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
75acc8d66df6a1f2-YYZ
x-amz-cf-id
DOMR7YJMz_qZUdyzL3yIZNEl_S4I6OErP9Xn4mPexvcTgFCCJRK5OA==
expires
Mon, 16 Oct 2023 00:47:40 GMT
gtm.js
www.googletagmanager.com/ 		197 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
704b0ed985f02be12a9160c63adf1e1126ee459c43e50d127e2590c7c846a78b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62190
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 16 Oct 2022 00:47:40 GMT
gtm.js
www.googletagmanager.com/ 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24de2d9f49d15be468220a8f6aa8f1031f463e0be265349bbf72e040eafb065f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53846
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 16 Oct 2022 00:47:40 GMT
svg-icons.svg
www.rsvprewards.com/integration/tc-theme/public/svg/ 		59 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/svg/svg-icons.svg
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fad351e76cdfee295c42a628938000ad1d909d6ac7adaa3f749c03f6e16230a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:40 GMT
x-amz-version-id
xGda4vmgAfKfANJqfwkOSEN6u2FkiyLq
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 5457c222c2d16dbac9187bfa0ba2f8f2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
88181
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:33 GMT
server
cloudflare
etag
W/"7f2e56792059baaf943072d2d2d052d1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
75acc8d70fc1a1ed-YYZ
x-amz-meta-md5chksum
fy5WeSBZuq+UMHLS0tBS0Q==
x-amz-cf-id
92tmAXN31W1-Qx1-qhsh3RxTifrizBDuKhUs1xWaeHYPMlq3jt3iBg==
expires
Mon, 16 Oct 2023 00:47:40 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12898341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5676
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TeQFCKbeaOEeq61NmEFVaNHRxjC1K0Vnbh3JvVTQFrOumSVSlU57mf5zWUtrqYoYoiEk6JNHNnHSkemZPIYcJdlbH0IjwFJMkvgxrlmiZo4h4ZRMBZbhwB97opC6OJqfCYbhuLLb%2F9oNWIozB3ftBnLD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75acc8d74dc03ff2-YYZ
expires
Fri, 06 Oct 2023 00:47:40 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rsvprewards.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 10:24:41 GMT
x-content-type-options
nosniff
age
138179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Oct 2023 10:24:41 GMT
gms-latest.min.js
cdn.galaxy.tf/asset-galaxy/js/ 		148 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v98381c71da4a7dc4eec1c6b55e50aa90
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce4f1b48eedafeaa3d9b02d15dc642b4cc9a995b6e517d6d9bd91d007a420a6c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:40 GMT
strict-transport-security
max-age=15768000
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Aug 2022 10:13:26 GMT
server
cloudflare
age
347934
etag
W/"250c8-5e6e5d0abf027-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75acc8d7df8da235-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 16 Oct 2023 00:47:40 GMT
main.bundle.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/ 		206 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b13604d0660edd82ebc47d7044d9ea4c0b1f0864451ff60fcb9ce1b1d2479fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:40 GMT
x-amz-version-id
P9Qmv3V0SWtTkKjpqL.we1eVgv62_gPv
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 ab1abc326c36ea4cd78ce117e4c20e88.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
88181
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 11 Oct 2022 23:59:44 GMT
server
cloudflare
etag
W/"14f38a64564f286e680b7ea4c4aa794b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75acc8d84a92a1ed-YYZ
x-amz-meta-md5chksum
FPOKZFZPKG5oC36kxKp5Sw==
x-amz-cf-id
xOj6TIl9EvMPhsBFVc2wiQ8zPoV3Uf5TNDBmvQfJaj0ztA7bnLfGHw==
expires
Mon, 16 Oct 2023 00:47:40 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
file.jpg
image-tc.galaxy.tf/wijpeg-13dn889xay1uobmahoem4xigg/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-tc.galaxy.tf/wijpeg-13dn889xay1uobmahoem4xigg/file.jpg
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cafa815650e794e77e9869b600255edebbe141eb1becb504a5fe2ead656e4dff
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:40 GMT
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via
1.1 101faeb149b23d8a2ab2e8bae2efec18.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains; preload
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-version-id
qOBZN.zRh.nd6xCK6z3S1JEaXjHlsDkz
x-amz-cf-pop
YTO50-P1
age
11767775
cf-polished
status=not_needed
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37981
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Wed, 01 Jun 2022 17:08:26 GMT
server
cloudflare
etag
"d58c445712f16f56afb2cab77ff3fc4a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75acc8d88b3ba216-YYZ
x-amz-cf-id
nxn5nu2pP0b2ufVvbAHfFnPnG3XY4s0UZVu0G1klC0AfuayeJaXfzQ==
expires
Mon, 16 Oct 2023 00:47:40 GMT
personalization-gms.js
www.rsvprewards.com/widgets/js/personalisation_trigger/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/widgets/js/personalisation_trigger/personalization-gms.js?69b42c5e87b35b0798a2ddc9a47c4a98426fcd82
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e4b768550e76908bf473c085ba0c8847cac5bb2c50ad3a8b8817116a177e3e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:40 GMT
x-amz-version-id
CerYafb4e7cbzNzbIFshH.2QwKIyiyhm
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 8422f3871db2552d4ad0cc9f31e22c2e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
88181
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 15 Oct 2022 00:03:15 GMT
server
cloudflare
etag
W/"633ffd5366aef00cd0f7d85b736bf72e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75acc8d84aa1a1ed-YYZ
x-amz-cf-id
bdMIC2RXGxCrSlLePCQN0thY49es5KRDnahJSsdYCKwmumvxjBjWTw==
expires
Mon, 16 Oct 2023 00:47:40 GMT
galaxy-helpers.js
www.rsvprewards.com/frontend/galaxy-helpers/public/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-01fbd708-a35b-4530-ae31-9128e0a7d4e8
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e04815d2b44ded36554b60220d7a4e8b199747ae6f2911a8de71ed4781d5add5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:40 GMT
x-amz-version-id
2JI3zh21eP_BZ1AFBPN0uIZOQCnS17cc
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 9ea08c3a2524e99d2bb42ac613eb89a2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
88181
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 19:14:28 GMT
server
cloudflare
etag
W/"b23d95a1d83a7fa91efa4244e94a8511"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75acc8d8cb8da1ed-YYZ
x-amz-meta-md5chksum
sj2Vodg6f6ke+kJE6UqFEQ==
x-amz-cf-id
pamI5QtOuFxDbeRZPNssf1aG-x7rRKbODye0WOpay30Fku6lK72nTg==
expires
Mon, 16 Oct 2023 00:47:40 GMT
bundle.js
www.rsvprewards.com/integration/tc-theme/public/js/ 		1 MB
413 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b5cee974fe384dc9b6a023f068e01809e279a25e8b1203a9d73dacaaa80af3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
x-amz-version-id
YQZMz9ctFteyu8boLhPL6ZmABDQ1916f
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 9d44e85808045d940d36e8cfb772edae.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
88181
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 11 Oct 2022 23:59:34 GMT
server
cloudflare
etag
W/"7b11dc524af0da46b0af37e5602fcb81"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75acc8d92c7ba1ed-YYZ
x-amz-meta-md5chksum
exHcUkrw2kawrzflYC/LgQ==
x-amz-cf-id
XNbnbrwofQJlBY9yDr1PPpFmIdpD_myvNFakjSsPXALutMfBbpeLkA==
expires
Mon, 16 Oct 2023 00:47:40 GMT
7334-245478edc8e5ead36294.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/7334-245478edc8e5ead36294.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad143d75162342bd9978cbbbc5d0a20a081d78c954f6b09b3d1f358806a73fb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
x-amz-version-id
tk6NZA9Ci19dPiEgAwZL9dyMEQhA_jOa
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 39379e6e28640430f64b963528b44426.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
88182
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 19:17:09 GMT
server
cloudflare
etag
W/"bf498adc8a488bbba160852e6c188c72"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75acc8da7f59a1ed-YYZ
x-amz-meta-md5chksum
v0mK3IpIi7uhYIUubBiMcg==
x-amz-cf-id
4NREbNbMIewTBYWkA8tcxPtcY-DCSUMgtIdEUf53H-FH40OIi1HFsQ==
expires
Mon, 16 Oct 2023 00:47:41 GMT
/
o478535.ingest.sentry.io/api/282725/envelope/ 		2 B
280 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.rsvprewards.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.rsvprewards.com
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
svg-icons.svg
www.rsvprewards.com/integration/tc-theme/public/svg/ 		59 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/svg/svg-icons.svg
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fad351e76cdfee295c42a628938000ad1d909d6ac7adaa3f749c03f6e16230a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
sentry-trace
5c1b10e6cca344f58b24f2b16e23161d-8586568718f25bd9-0

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
x-amz-version-id
xGda4vmgAfKfANJqfwkOSEN6u2FkiyLq
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 5457c222c2d16dbac9187bfa0ba2f8f2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
88182
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:33 GMT
server
cloudflare
etag
W/"7f2e56792059baaf943072d2d2d052d1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
75acc8dacff3a1ed-YYZ
x-amz-meta-md5chksum
fy5WeSBZuq+UMHLS0tBS0Q==
x-amz-cf-id
92tmAXN31W1-Qx1-qhsh3RxTifrizBDuKhUs1xWaeHYPMlq3jt3iBg==
expires
Mon, 16 Oct 2023 00:47:41 GMT
1
dynamic.travelclick-websolutions.com/token/ 		686 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dynamic.travelclick-websolutions.com/token/1
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
xo7-viplb-01-new.ny.ig-1.net
Software
Apache /
Resource Hash
c52953ee9598d77b68c0c234fae53d447f31775a8c47f0e6707b4f4cf44489f0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 00:47:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15768000
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Real-Hostname
xo7-web-01
Content-Length
555
Expires
Thu, 19 Nov 1981 08:52:00 GMT
invisible.js
www.rsvprewards.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 3E97 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665878400
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6fe19b42547eea51f9043cb39a058a85f2d477018426b6a8badd2f995b84552

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75acc8db28dba1ed-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7269-61d712c33bd852f6916b.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/7269-61d712c33bd852f6916b.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1dc3189ca16cbc1172e0892e62e345657454828401f37769ad73d2037d0cdd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
x-amz-version-id
L2cdYX9otkaDvj8sGklamS9rheKM2dYt
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 757f53a116e3bce1cfc7655bc6b1ae8e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
88182
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 19:17:13 GMT
server
cloudflare
etag
W/"5cd9b49454ec269463f35741d89d8fe8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75acc8db490ea1ed-YYZ
x-amz-meta-md5chksum
XNm0lFTsJpRj81dB2J2P6A==
x-amz-cf-id
tx-1oc3uli-gZBR8cim0R_LXsgB_H0bcRAC6BYIcqf4Hh8nri1WTTw==
expires
Mon, 16 Oct 2023 00:47:41 GMT
8196-e1a8b9ec73ed4132032a.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/8196-e1a8b9ec73ed4132032a.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9575ea089a989683e0519998ae57ad2bb058d2f6687072c108da736447513b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
x-amz-version-id
NKBLNwFf50YthQ6lz4gbMHazjN1In9Pf
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 144825e0e5f4523d1f7ce8c9b62cd908.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
88182
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 19:17:06 GMT
server
cloudflare
etag
W/"0817bf482f091ab57beaeeba3cc278e9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75acc8db4911a1ed-YYZ
x-amz-meta-md5chksum
CBe/SC8JGrV76u66PMJ46Q==
x-amz-cf-id
CLWW8-aX60P_GGEroEN1KPBvVhm_TXYvVejM8VLzNO1rRSQFPjnPEQ==
expires
Mon, 16 Oct 2023 00:47:41 GMT
header-one-50d6d4dd692b5a4ebcba.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/header-one-50d6d4dd692b5a4ebcba.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5514114366d4801ff03edd13a5c85a2a7fccb46a1718bc74c269d79699535daf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
x-amz-version-id
ulKGmgF4AULt6zTLQl1Yvlh8DXYFoXER
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 0fb05a472bd2fcfe266ed8a7a987ab1e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
88181
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 19:17:00 GMT
server
cloudflare
etag
W/"27099135cfd81fca08e638d909fee42e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75acc8db5915a1ed-YYZ
x-amz-meta-md5chksum
JwmRNc/YH8oI5jjZCf7kLg==
x-amz-cf-id
PZ81zDxPmdM6QsV1t7XVOzTIPKflUJeUhk_g9YS8UEyctzBbx8QpEg==
expires
Mon, 16 Oct 2023 00:47:41 GMT
rsvpxvisa-sandman-hamilton.jpg
image-tc.galaxy.tf/wijpeg-2yjquncftfu5quuck3hoc7ddg/ 		368 KB
369 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-tc.galaxy.tf/wijpeg-2yjquncftfu5quuck3hoc7ddg/rsvpxvisa-sandman-hamilton.jpg?width=1920
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29adca8e192470a127de194799e03fd301f6755977c2c015b84a559208f86549
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via
1.1 c8ddfdb8cb371fe15c8c6e3acd4f74ea.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains; preload
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-version-id
nreWPxxBf867khaBLeqRT40goQ.JU2K4
age
3369526
x-amz-cf-pop
MSP50-C2
cf-polished
status=not_needed
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
376699
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Tue, 17 May 2022 22:58:09 GMT
server
cloudflare
etag
"f5aebd37127f6b1b36f77a0a5dc4842d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75acc8dbce36a244-YYZ
x-amz-cf-id
u5z2_6qSv8484gktnjdtr-LeA7zvwoXijV--VkdzHdzo42n-zLu7hA==
expires
Mon, 16 Oct 2023 00:47:41 GMT
rsvpxvisa-sutton-vancouver-01.jpg
image-tc.galaxy.tf/wijpeg-dcrs8m8jrfxeh1oz2aw4hh29j/ 		248 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-tc.galaxy.tf/wijpeg-dcrs8m8jrfxeh1oz2aw4hh29j/rsvpxvisa-sutton-vancouver-01.jpg?width=1920
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8428d56cd6ccfd682b0a8541fe5168aa8365422eacca6e07704d952d37b507b3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via
1.1 603f7fca6e96da4aaee2b5219f231c92.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains; preload
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-version-id
1ExU.dd7EelUBceLIiH2y6Ic1aDT8mZ9
age
448234
x-amz-cf-pop
ORD58-P1
cf-polished
status=not_needed
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
254001
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Tue, 17 May 2022 22:58:08 GMT
server
cloudflare
etag
"5a01fd6fbbcbe82461eeb0fb66cac8f9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75acc8dbce3aa244-YYZ
x-amz-cf-id
SqzAZOzCKuofJcl99Pd6im2QXOe-MANt_MCTkG5_NzyuPAn2s3lnvA==
expires
Mon, 16 Oct 2023 00:47:41 GMT
1100262
api.tsa-db.com/v1/data/BID/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.tsa-db.com/v1/data/BID/1100262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:f200:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.rsvprewards.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
age
38891
cache-control
max-age=86400, s-maxage=86400, proxy-revalidate
content-length
0
content-type
application/json
date
Sat, 15 Oct 2022 13:59:30 GMT
via
1.1 7c1248297a08764c17a9223ad5c211f8.cloudfront.net (CloudFront)
x-amz-apigw-id
aDJufFuXoAMFd0g=
x-amz-cf-id
s1x6GCOmnwMADKHb8NbkLAzidejRUAdCMTO7uky0TFGT-_hO3YtzMw==
x-amz-cf-pop
JFK50-P7
x-amzn-requestid
b72dfb8e-84fb-492a-847b-4520b74cb77e
x-cache
Hit from cloudfront
rsvp.svg
image-tc.galaxy.tf/wisvg-1ryve29oki9zgjhzg6zkh5c7z/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-tc.galaxy.tf/wisvg-1ryve29oki9zgjhzg6zkh5c7z/rsvp.svg?width=500
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f28fa10529c01d52222edea9a7e9e5f45edaf7b33a0e44245f187a4f9a66166
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
x-amz-version-id
7AIhVvMU7VTpwJluh6ZGGpBIM9rOtVB4
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 8504d76345ac5d175fb1aabd19e8fede.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop
MSP50-C2
age
3372412
cf-cache-status
HIT
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Oct 2021 09:24:37 GMT
server
cloudflare
etag
W/"1e039c13abeebb837ec31939b4ecfe1f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75acc8dbfeafa244-YYZ
x-amz-cf-id
Xy_db6u_ExsS2FNgmR2TLkztyuxGOorKrIwaAEuD4sdF3I29_MeZkQ==
expires
Mon, 16 Oct 2023 00:47:41 GMT
3947
dynamic.travelclick-websolutions.com/view/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dynamic.travelclick-websolutions.com/view/3947
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
xo7-viplb-01-new.ny.ig-1.net
Software
Apache /
Resource Hash
53957b8c747d62dcfe515af5e21dac9385bdcc7be5533aa67224ce37fad9cbf2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 00:47:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15768000
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Real-Hostname
xo7-web-05
Content-Length
650
Expires
Thu, 19 Nov 1981 08:52:00 GMT
chunk-tc-GMS-e04d1bb3d485984b4818.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/chunk-tc-GMS-e04d1bb3d485984b4818.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6477c99fdb15187e3c895b87a03d06c3a984927f827650932c4979f12a2bb51f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
x-amz-version-id
BAYOlKHTR8ZlelgrvLYo0ZnqzoiEyRpV
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 9a6f07a84b60a85466bb31603767843c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-C2
age
88181
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 19:19:28 GMT
server
cloudflare
etag
W/"a17172b3929fb36caf3b6449ce7d9c48"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
75acc8dc8bd0a1ed-YYZ
x-amz-meta-md5chksum
oXFys5Kfs2yvO2RJzn2cSA==
x-amz-cf-id
QgNQ2zua5MVSx-wE_-UAN4HzS-255Cr6YfoI1LF_fH2VIYre7gJp8g==
expires
Mon, 16 Oct 2023 00:47:41 GMT
1100262
api.tsa-db.com/v1/data/BID/ 		683 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.tsa-db.com/v1/data/BID/1100262
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:f200:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
958704d05d4be8019f515074008637b86eba742801afbc048924daad6d3cc437

Request headers

Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Oct 2022 00:39:30 GMT
via
1.1 7c1248297a08764c17a9223ad5c211f8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
491
x-amzn-trace-id
Root=1-634b52c2-0d0ed03168a8ce3019fd70f8;Sampled=0
x-amzn-requestid
a167e30b-fbb2-41d8-b977-ac178ff5e9a7
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-amz-apigw-id
aEneXGmboAMF0Hw=
content-length
683
x-amz-cf-id
YBPErkoWl2NudFtsS1JqbSfnJHSUiY8vJbVPC4ca_d_vk2i9zDVPrg==
rsvpxvisa-signature-kamloops.jpg
image-tc.galaxy.tf/wijpeg-1kqkv8n82e43wouc7a41qoief/ 		359 KB
360 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-tc.galaxy.tf/wijpeg-1kqkv8n82e43wouc7a41qoief/rsvpxvisa-signature-kamloops.jpg?width=1920
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
515cfe7dbec6ba692ce61436c70cfd2c1b82f4ab45f773959682aa53ac3ce561
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via
1.1 4f3c1338af36440a148f23bdc9214efe.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains; preload
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-version-id
T.I9oK7Ph0MTWbInrl.FCHS8p7LTFf6v
age
3369526
x-amz-cf-pop
JFK50-P1
cf-polished
status=not_needed
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
367733
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Tue, 17 May 2022 22:58:11 GMT
server
cloudflare
etag
"814fd626784e1eea68d0fce883e3da0b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75acc8dcb88ba244-YYZ
x-amz-cf-id
Cr_IBgL64wAX5Tr1viI2_C0RxQoYFwObLsJmq0EpkPswZvocRGUQBA==
expires
Mon, 16 Oct 2023 00:47:41 GMT
pica.js
www.rsvprewards.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 3E97 		22 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42b413149ea767c7c8b320eb7a847229ea47837230ac726bb12b3de841ec2e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75acc8dcbc59a1ed-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Oct 2022 00:34:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
763
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 16 Oct 2022 02:34:58 GMT
js
www.googletagmanager.com/gtag/ 		126 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fba7e5f6a6f5e50ea8824f1b5b15df514b4a07065c24877989aa611b6365e5f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50703
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 16 Oct 2022 00:47:41 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H4228VNMFE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e8c44dbcade1b81e7ab87413bd7eae595dcbc4867248aac941955b0aea42ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75767
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 16 Oct 2022 00:47:41 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3S5G3ZLFWB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be4416013bb4405a1c73227ab3e06e103ed908819eec122b1f24e957fe097fd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75707
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 16 Oct 2022 00:47:41 GMT
rsvpxvisa-sutton-vancouver-02.jpg
image-tc.galaxy.tf/wijpeg-eugnt7vuztt7150l6bf1ab009/ 		313 KB
314 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-tc.galaxy.tf/wijpeg-eugnt7vuztt7150l6bf1ab009/rsvpxvisa-sutton-vancouver-02.jpg?width=1920
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18bbe359c2fef1303c3456498994048795c143e198b44c62b3ee348ade2a8d72
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via
1.1 b58d5fc06e70f14ce49bfebe2491c5f8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains; preload
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-version-id
CxNX5s8qL5fT.v1jx138JXunS8Ush1Ci
age
3369525
x-amz-cf-pop
MSP50-C2
cf-polished
status=not_needed
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
320386
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Tue, 17 May 2022 22:58:14 GMT
server
cloudflare
etag
"00012e0cb534a610ccb45c553b2ff16f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75acc8dd59cba244-YYZ
x-amz-cf-id
Sab5ikdDvK-kUxPsezH7H2pB65lHsYED5bvqQRZHw_TC02R27u8QcQ==
expires
Mon, 16 Oct 2023 00:47:41 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1776653311&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%2526Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&ul=en-us&de=UTF-8&dt=Visa%20Canada%20%7C%20RSVP%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=1796079676&gjid=1548727485&cid=109879596.1665881262&tid=UA-162681275-1&_gid=276902725.1665881262&_r=1&gtm=2wgaa0TL2MM4B&cg1=web&cg2=not_applicable&cg3=group_property&cd1=1100262&cd2=not_applicable&cd3=Northland%20Properties%20Corp&cd4=The%20Sutton%20Place%20Hotels&cd5=not_applicable&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd10=not_applicable&cd11=not_applicable&cd12=galaxy&cd13=essentials&cd14=th1&cd15=hd1&cd16=ft3&cd19=tvs_no&cd20=not_applicable&cd21=group_property&cd22=not_applicable&cd23=not_applicable&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%26Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&cd39=not_applicable&cd40=rsvprewards.com&cd41=GTM-TL2MM4B&cd42=53&cd54=be4&cd59=0&z=1379470340
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 00:47:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1776653311&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%2526Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&ul=en-us&de=UTF-8&dt=Visa%20Canada%20%7C%20RSVP%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAEK~&jid=1930717117&gjid=598823219&cid=109879596.1665881262&tid=UA-193984690-1&_gid=276902725.1665881262&_r=1&gtm=2wgaa0MBPBFS9&cd1=not_available&cd2=not_available&cd3=not_available&cd4=Guest&cd5=not_available&cd6=not_available&cd7=not_available&cd8=not_available&cd9=not_available&cd10=not_applicable&cd11=not_applicable&cd12=not_applicable&cd14=not_applicable&cd15=not_applicable&cd16=no&cd19=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%26Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&z=1830538606
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 00:47:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1776653311&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%2526Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&ul=en-us&de=UTF-8&dt=Visa%20Canada%20%7C%20RSVP%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAEK~&jid=1058736776&gjid=1746725467&cid=109879596.1665881262&tid=UA-193985224-1&_gid=276902725.1665881262&_r=1&gtm=2wgaa0MBPBFS9&cd1=not_available&cd2=not_available&cd3=not_available&cd4=Guest&cd5=not_available&cd6=not_available&cd7=not_available&cd8=not_available&cd9=not_available&cd10=not_applicable&cd11=not_applicable&cd12=not_applicable&cd14=not_applicable&cd15=not_applicable&cd16=no&cd19=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%26Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&z=1032594628
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v98381c71da4a7dc4eec1c6b55e50aa90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 00:47:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rsvpxvisa-sutton-revelstoke.jpg
image-tc.galaxy.tf/wijpeg-4jxirey4a1e9xbnvc72uvm2b5/ 		249 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-tc.galaxy.tf/wijpeg-4jxirey4a1e9xbnvc72uvm2b5/rsvpxvisa-sutton-revelstoke.jpg?width=1920
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
813e53317103de60f6f23dbf4ef3ad5061c6ee39dd5fea0dea2033457d127125
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 00:47:41 GMT
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via
1.1 f7f31420756ca58f7776c2ab4a33c4ac.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains; preload
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-version-id
qCcAChZjq.22lITd8Vq78AAqT8lbJlHT
x-amz-cf-pop
MSP50-C2
age
3369525
cf-polished
status=not_needed
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
254493
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Tue, 17 May 2022 22:58:16 GMT
server
cloudflare
etag
"4442252ae54f19e338893eac27e654f1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
75acc8de0b46a244-YYZ
x-amz-cf-id
oeLN_KYUF3pAZjneslQFcJ7UgbRfWuglDnHeqJul8yu778MG7YJOyg==
expires
Mon, 16 Oct 2023 00:47:41 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3S5G3ZLFWB&gtm=2oeaa0&_p=1776653311&cid=109879596.1665881262&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Q&_s=1&sid=1665881261&sct=1&seg=0&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%2526Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&dt=Visa%20Canada%20%7C%20RSVP%20Rewards&en=page_view&_fv=1&_ss=1&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.page_content_group=not_applicable&ep.page_full_url=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%26Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&ep.page_language=en&ep.page_containing_tvs=no&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_brand_name=The%20Sutton%20Place%20Hotels&ep.hotel_id=not_applicable&ep.hotel_name=not_applicable&ep.hotel_star_rating=not_applicable&ep.hotel_property_type=group_property&ep.hotel_booking_engine_provider=not_applicable&up.user_logged_in_session=no
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 00:47:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H4228VNMFE&gtm=2oeaa0&_p=1776653311&cid=109879596.1665881262&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665881261&sct=1&seg=0&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%2526Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&dt=Visa%20Canada%20%7C%20RSVP%20Rewards&en=page_view&_fv=1&_ss=1&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.page_content_group=not_applicable&ep.page_full_url=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%26Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&ep.page_language=en&ep.page_containing_tvs=no&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_brand_name=The%20Sutton%20Place%20Hotels&ep.hotel_id=not_applicable&ep.hotel_name=not_applicable&ep.hotel_star_rating=not_applicable&ep.hotel_property_type=group_property&ep.hotel_booking_engine_provider=not_applicable&up.user_logged_in_session=no
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 00:47:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
75acc8d5ed2da1f2
www.rsvprewards.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 3E97 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/g/cv/result/75acc8d5ed2da1f2
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665878400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Oct 2022 00:47:42 GMT
content-encoding
br
server
cloudflare
cf-ray
75acc8e0bbcca1ed-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| galaxyGMS string| BIDnumber number| websiteID number| cms object| ts_analytics object| dl object| dataLayer object| galaxyInfo string| _dynamic_base object| websiteGlobalVariables object| cookieconsent string| gmsUrlReservation boolean| gmsUrlReservationTarget string| endpointBase string| tokenEndpoint string| reservationUrl string| gmsModifyBookingURL string| language string| gmsLoginURL string| gmsHomeURL string| gmsSignUpURL string| gmsResetPasswordURL string| gmsSignUpSuccessURL string| gmsResetPasswordCodeSuccessURL string| gmsDateFormat string| gmsDatePlaceholder object| gmsCalendars string| gmsDefaultTierColor string| gmsDefaultTierColorText string| gmsMembershipBgColor string| gmsMembershipTxtColor string| gmsPointsBgColor string| gmsPointsTxtColor object| gmsConfigObject string| gmsHotelsData boolean| gmsSDKSession string| gmsJSPath object| google_tag_manager object| google_tag_data object| __ga4Redact function| setImmediate function| clearImmediate object| GMS function| base64 function| isLocalStorageAvailable object| GMSVendor object| headerMenu object| headerConfigs object| GalaxyPersonalization function| triggerCheck_gms object| webpackJsonp object| regeneratorRuntime object| tcGMSHelpers object| glxhprs object| webpackJsonpglxhprs object| GalaxyHelpers object| traductionBM object| validationMessages object| tcthemejsonpFunction object| picturefillCFG function| picturefill boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| lazySizes object| BM object| __SENTRY__ function| SVGInject object| CustomMap object| CustomMapUI object| GoogleAPIs function| $ function| jQuery function| _ object| errorOptions function| alite object| tcTool string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady

10 Cookies

Domain/Path Name / Value
flow.sandmanhotels.com/tr Name: GMS_REDIRECT
Value: 520F788100AFD01C63C8601B880209FA
flow.sandmanhotels.com/ Name: 10559311021615
Value: 4286cc660235
.rsvprewards.com/ Name: _gid
Value: GA1.2.276902725.1665881262
.rsvprewards.com/ Name: _gat_tct
Value: 1
.rsvprewards.com/ Name: _gat_tc_client
Value: 1
.rsvprewards.com/ Name: _gat_tc_client_roll_up
Value: 1
.rsvprewards.com/ Name: _ga_3S5G3ZLFWB
Value: GS1.1.1665881261.1.0.1665881261.0.0.0
.rsvprewards.com/ Name: _ga
Value: GA1.1.109879596.1665881262
.rsvprewards.com/ Name: _ga_H4228VNMFE
Value: GS1.1.1665881261.1.0.1665881261.0.0.0
.www.rsvprewards.com/ Name: __cf_bm
Value: YAaDLeJMtkwKXa33gYrdMigRvFLj2BJ9rMMpkyj19dI-1665881262-0-AeQuCqLtvISEHo1HWgq5jyVKmIB3Db+i0in2mGid8ZiYum9/EwQt8x2uLwDnbnKpbr9gb75eK5QToxl3A1Gb4R5li/F70ZXUIVrDqMIHrID42gtpBksPa982Yd+WSpz91w==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.tsa-db.com
cdn.galaxy.tf
cdnjs.cloudflare.com
dynamic.travelclick-websolutions.com
flow.sandmanhotels.com
fonts.googleapis.com
fonts.gstatic.com
image-tc.galaxy.tf
o478535.ingest.sentry.io
www.google-analytics.com
www.googletagmanager.com
www.rsvprewards.com
195.244.31.25
23.14.86.201
2600:9000:2512:f200:16:41f8:18c0:93a1
2606:4700::6811:190e
2606:4700::6811:b664
2606:4700::6811:b764
2606:4700::6811:b964
2607:f8b0:4006:808::200e
2607:f8b0:4006:809::2008
2607:f8b0:4006:81e::2003
2607:f8b0:4006:822::200a
34.120.195.249
05f3c4defeb4990796c46f1e0f0ec606e525b884fc80893b5d47de0cb07910be
0e9575ea089a989683e0519998ae57ad2bb058d2f6687072c108da736447513b
18bbe359c2fef1303c3456498994048795c143e198b44c62b3ee348ade2a8d72
1e8c44dbcade1b81e7ab87413bd7eae595dcbc4867248aac941955b0aea42ec4
24de2d9f49d15be468220a8f6aa8f1031f463e0be265349bbf72e040eafb065f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29adca8e192470a127de194799e03fd301f6755977c2c015b84a559208f86549
2e4b768550e76908bf473c085ba0c8847cac5bb2c50ad3a8b8817116a177e3e7
2f28fa10529c01d52222edea9a7e9e5f45edaf7b33a0e44245f187a4f9a66166
2fad351e76cdfee295c42a628938000ad1d909d6ac7adaa3f749c03f6e16230a
3b13604d0660edd82ebc47d7044d9ea4c0b1f0864451ff60fcb9ce1b1d2479fb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
515cfe7dbec6ba692ce61436c70cfd2c1b82f4ab45f773959682aa53ac3ce561
53957b8c747d62dcfe515af5e21dac9385bdcc7be5533aa67224ce37fad9cbf2
54b5cee974fe384dc9b6a023f068e01809e279a25e8b1203a9d73dacaaa80af3
5514114366d4801ff03edd13a5c85a2a7fccb46a1718bc74c269d79699535daf
584dfc26a09b20f29619b9e8e25003f632b9849808d0bdac4c3d18809aaad8f8
6477c99fdb15187e3c895b87a03d06c3a984927f827650932c4979f12a2bb51f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
704b0ed985f02be12a9160c63adf1e1126ee459c43e50d127e2590c7c846a78b
813e53317103de60f6f23dbf4ef3ad5061c6ee39dd5fea0dea2033457d127125
8428d56cd6ccfd682b0a8541fe5168aa8365422eacca6e07704d952d37b507b3
958704d05d4be8019f515074008637b86eba742801afbc048924daad6d3cc437
98f27a2fe15a25e4cb18b43cf7a8019f81a75c36bd7bd74f48c07cfbcbd2ced0
a6fe19b42547eea51f9043cb39a058a85f2d477018426b6a8badd2f995b84552
ad143d75162342bd9978cbbbc5d0a20a081d78c954f6b09b3d1f358806a73fb2
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
be4416013bb4405a1c73227ab3e06e103ed908819eec122b1f24e957fe097fd5
c52953ee9598d77b68c0c234fae53d447f31775a8c47f0e6707b4f4cf44489f0
cafa815650e794e77e9869b600255edebbe141eb1becb504a5fe2ead656e4dff
ce4f1b48eedafeaa3d9b02d15dc642b4cc9a995b6e517d6d9bd91d007a420a6c
e04815d2b44ded36554b60220d7a4e8b199747ae6f2911a8de71ed4781d5add5
e1dc3189ca16cbc1172e0892e62e345657454828401f37769ad73d2037d0cdd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f42b413149ea767c7c8b320eb7a847229ea47837230ac726bb12b3de841ec2e3
fba7e5f6a6f5e50ea8824f1b5b15df514b4a07065c24877989aa611b6365e5f3