Submitted URL: https://flow.sandmanhotels.com/tr/c/p05f00d00507c05a01m00v02z03g04x05600l00n00/1071230
Effective URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p0...
Submission: On August 31 via api from CA — Scanned from CA

Summary

This website contacted 12 IPs in 1 countries across 12 domains to perform 53 HTTP transactions. The main IP is 2606:4700::6811:ba64, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rsvprewards.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2022. Valid for: a year.
This is the only time www.rsvprewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.14.86.154 20940 (AKAMAI-ASN1)
24 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.120.195.249 15169 (GOOGLE)
2 195.244.31.25 63140 (IGUANA-WO...)
2 2600:9000:212... 16509 (AMAZON-02)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
6 2607:f8b0:400... 15169 (GOOGLE)
53 12
Apex Domain
Subdomains
Transfer
24 rsvprewards.com
www.rsvprewards.com
913 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
450 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
20 KB
4 galaxy.tf
cdn.galaxy.tf — Cisco Umbrella Rank: 107494
image-tc.galaxy.tf — Cisco Umbrella Rank: 91217
203 KB
2 travelclick.com
api.travelclick.com — Cisco Umbrella Rank: 71750
933 B
2 tsa-db.com
api.tsa-db.com — Cisco Umbrella Rank: 67432
1 KB
2 travelclick-websolutions.com
dynamic.travelclick-websolutions.com — Cisco Umbrella Rank: 109953
2 KB
2 sentry.io
o478535.ingest.sentry.io — Cisco Umbrella Rank: 129878
339 B
2 gstatic.com
fonts.gstatic.com
62 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
1 KB
1 sandmanhotels.com
flow.sandmanhotels.com
322 B
53 12
Domain Requested by
24 www.rsvprewards.com www.rsvprewards.com
7 www.googletagmanager.com www.rsvprewards.com
www.googletagmanager.com
6 www.google-analytics.com www.googletagmanager.com
www.rsvprewards.com
3 image-tc.galaxy.tf www.rsvprewards.com
2 api.travelclick.com www.rsvprewards.com
2 api.tsa-db.com www.rsvprewards.com
2 dynamic.travelclick-websolutions.com www.rsvprewards.com
2 o478535.ingest.sentry.io www.rsvprewards.com
2 fonts.gstatic.com fonts.googleapis.com
1 cdn.galaxy.tf www.rsvprewards.com
1 cdnjs.cloudflare.com www.rsvprewards.com
1 fonts.googleapis.com www.rsvprewards.com
1 flow.sandmanhotels.com 1 redirects
53 13
Subject Issuer Validity Valid
www.rsvprewards.com
Cloudflare Inc ECC CA-3
2022-03-07 -
2023-03-07
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
cdn.galaxy.tf
Cloudflare Inc ECC CA-3
2022-05-06 -
2023-05-06
a year crt.sh
image-tc.galaxy.tf
Cloudflare Inc ECC CA-3
2022-06-08 -
2023-06-07
a year crt.sh
*.ingest.sentry.io
R3
2022-08-20 -
2022-11-18
3 months crt.sh
*.travelclick-websolutions.com
Gandi Standard SSL CA 2
2022-06-16 -
2023-07-08
a year crt.sh
*.tsa-db.com
Amazon
2022-03-30 -
2023-04-28
a year crt.sh
*.travelclick.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-28 -
2023-03-29
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Frame ID: 0B117BC108B3875F8716E444E8E887D9
Requests: 48 HTTP requests in this frame

Frame: https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661904000
Frame ID: 98BB00E3D2D1A4D69B32DBA469CA97C4
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Sign Up Page | RSVP Rewardsarrow-rightarrow-leftarrow-bottomarrow-topcalendarphonewebsitedownload-arrowfacebooktwittergoogle-plusupload

Page URL History Show full URLs

  1. https://flow.sandmanhotels.com/tr/c/p05f00d00507c05a01m00v02z03g04x05600l00n00/1071230 HTTP 301
    https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Page Statistics

53
Requests

100 %
HTTPS

77 %
IPv6

12
Domains

13
Subdomains

12
IPs

1
Countries

1660 kB
Transfer

5210 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://flow.sandmanhotels.com/tr/c/p05f00d00507c05a01m00v02z03g04x05600l00n00/1071230 HTTP 301
    https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sign-up
www.rsvprewards.com/
Redirect Chain
  • https://flow.sandmanhotels.com/tr/c/p05f00d00507c05a01m00v02z03g04x05600l00n00/1071230
  • https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
84 KB
16 KB
Document
General
Full URL
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384d0fe2e6ac88f8ffabafe6a7e1425d1be8d81f3bec4883beb0350ed940edef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=1200
cf-cache-status
MISS
cf-ray
743211888c204bb9-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 01:42:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 31 Aug 2022 02:02:15 GMT
last-modified
Tue, 30 Aug 2022 23:57:42 GMT
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 b364a698bd3b40fc657ca5500f6818ce.cloudfront.net (CloudFront)
x-amz-cf-id
Zs8ENt-g4BilwtlUaHxyQonrA6QHXbPTF2P4_5os-IdvsQZhN5g1jg==
x-amz-cf-pop
EWR53-C3
x-amz-version-id
RcXRxZFi3QxEs6WGYLOZOsuX6jDZY1if
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-security-policy
upgrade-insecure-requests
date
Wed, 31 Aug 2022 01:42:15 GMT
location
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
server
Apache-Coyote/1.1
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
584dfc26a09b20f29619b9e8e25003f632b9849808d0bdac4c3d18809aaad8f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 00:43:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 31 Aug 2022 01:42:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Aug 2022 01:42:15 GMT
main.css
www.rsvprewards.com/css/custom/3947/1/5bf4c7ff47f3f010f6cfcbf3786b429b/
693 KB
97 KB
Stylesheet
General
Full URL
https://www.rsvprewards.com/css/custom/3947/1/5bf4c7ff47f3f010f6cfcbf3786b429b/main.css
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d41e1a2d9c65602ec532937daf2b389a01b79d8d056da73cc2ff62d37c3e4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
via
1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
cf-ray
74321189bdfb4bb9-YUL
x-cache
Miss from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Aug 2022 23:58:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"21763e5e23fce106d3c4711ccc133c9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
eFdMb441_2uWPURbOpMlv3IOz12amSSJ
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C1
content-type
text/css
x-amz-cf-id
8Sb5alJJC5xC4e-HZPldjJmxxKa13adGY0f4yDUeBR-Op0WH97F3iA==
expires
Thu, 31 Aug 2023 01:42:15 GMT
gtm.js
www.googletagmanager.com/
196 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a652333deb7f9ddd5b6ab3dcab82a355236e93aaff3d3fac37d05c36951ea87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61484
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Aug 2022 01:42:15 GMT
gtm.js
www.googletagmanager.com/
169 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7d31d7714aaa2e13c828d46c536ceb9c5c309790d1fe890c8d58bbf1a4f1a905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53302
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Aug 2022 01:42:15 GMT
svg-icons.svg
www.rsvprewards.com/integration/tc-theme/public/svg/
59 KB
19 KB
Image
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/svg/svg-icons.svg
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d7184ac1e8ddb64e4cda4e272c3c7cf46f43d0d5f7ae2cc59fc8b241ffbf1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
via
1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Miss from cloudfront
content-type
image/svg+xml
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 26 Aug 2022 00:19:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"157852c610b7bc6a41b8902ca9852406"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
o5b2c6vrUxWdAdqsR61fWbuEYyUEqtvd
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C1
cf-ray
7432118a3cc74bbe-YUL
x-amz-meta-md5chksum
FXhSxhC3vGpBuJAsqYUkBg==
x-amz-cf-id
RBkHjJf86AmVPjq1mtm7bY2kqP_DOaQuGvj1Vsgbl-kCMkmPn9h4Hg==
expires
Thu, 31 Aug 2023 01:42:15 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2789599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5676
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNh4M6kChSnlkEFdx%2BCuUJs4MBa0Zx9wFXd28bGIKeKXYh0wdk1qs1D4kXXs01geYlJOsxusqK6bkHXRpp9LltMcZjtmWmFqBsm74YJFXirXNK0z3Bo6vVfYgu%2B4O5pxcDKI0Jrac0vZyypnSZ3T7qLp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7432118a7a244bd1-YUL
expires
Mon, 21 Aug 2023 01:42:15 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rsvprewards.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 03:02:54 GMT
x-content-type-options
nosniff
age
254361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Aug 2023 03:02:54 GMT
gms-latest.min.js
cdn.galaxy.tf/asset-galaxy/js/
148 KB
46 KB
Script
General
Full URL
https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v53dcb28ae89b1c6042829b0b7a034f87
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce4f1b48eedafeaa3d9b02d15dc642b4cc9a995b6e517d6d9bd91d007a420a6c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Aug 2022 10:13:34 GMT
server
cloudflare
age
114361
etag
W/"250c8-5e6e5d1230d79-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
strict-transport-security
max-age=15768000
cf-ray
7432118aecd87150-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Aug 2023 01:42:15 GMT
main.bundle.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/
206 KB
66 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a23c2a8cf1f1d948d572b721141a6bda1fd0a8afb365d705d00317a2260502b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
via
1.1 007ce3e1b06f57ef1a8d55f0923f723c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Miss from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jul 2022 18:33:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0cbef5e8824cd8ae2bdf7fce64837f26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
XkzqoDqWZyTUdwonfV.5A7pMuZvbzm45
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C1
cf-ray
7432118b5eb74bbe-YUL
x-amz-meta-md5chksum
DL716IJM2K4r33/OZIN/Jg==
x-amz-cf-id
ozNTrD82J_STY2SxyQcOfZCnC6F694ROeehFnlVZ_lWamQnA57h_vw==
expires
Thu, 31 Aug 2023 01:42:15 GMT
main.css
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/css/
97 KB
18 KB
Stylesheet
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/css/main.css?v53dcb28ae89b1c6042829b0b7a034f87
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd36af7a038da4ae62c1f9018760ef8a3a3faa3bda18bf43d339d36830a4d03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
via
1.1 04fa8a9e73b27e301fb4b6d36f313186.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Hit from cloudfront
content-type
text/css
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Jul 2022 16:19:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"9220ed17bc706641bab80a9654ab8543"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
ypfzKXUz9zRxBl7djwa.OncnquxF69yf
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
YTO50-P2
cf-ray
7432118b5eb94bbe-YUL
x-amz-meta-md5chksum
kiDtF7xwZkG6uAqWVKuFQw==
x-amz-cf-id
EArjiRMXTKQwijApG8FCl6a_O1Az7xWiUwJBvfqgXEdvFLDUuFoJQA==
expires
Thu, 31 Aug 2023 01:42:15 GMT
authorization.bundle.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/
70 KB
23 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/authorization.bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df78a608cbf6be1b1f878472d21aa5a1afc588bd19bb81017bf59a0334f430c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
via
1.1 41c02c3f5acef4f58284b65a8f7a983a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Hit from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jul 2022 18:33:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2598d2ce6a26a1191972e9b57390936f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
5KCvCZecUBNMMySePLJTZ1S_bUizw_JG
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
YTO50-P2
cf-ray
7432118b8f0a4bbe-YUL
x-amz-meta-md5chksum
JZjSzmomoRkZcum1c5CTbw==
x-amz-cf-id
bQDKFj3KrRfPJXKVYhucHQm17IEf2MNAND_NGNfIKIFYJp_Vx36B2Q==
expires
Thu, 31 Aug 2023 01:42:15 GMT
personalization-gms.js
www.rsvprewards.com/widgets/js/personalisation_trigger/
3 KB
1 KB
Script
General
Full URL
https://www.rsvprewards.com/widgets/js/personalisation_trigger/personalization-gms.js?69b42c5e87b35b0798a2ddc9a47c4a98426fcd82
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e4b768550e76908bf473c085ba0c8847cac5bb2c50ad3a8b8817116a177e3e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
via
1.1 7e35b683005d768b7c720f84f8a9e476.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
cf-ray
7432118befae4bbe-YUL
x-cache
Miss from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Aug 2022 23:57:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"633ffd5366aef00cd0f7d85b736bf72e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
UxFfpYIABh.1onmU_98pPVJR_7K6YeSY
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C1
content-type
application/javascript
x-amz-cf-id
vX3cVDmpHgGY4skwkyHUP1G5aVs7W_XvN_zxl2SBAW3tK2O6yMPZhw==
expires
Thu, 31 Aug 2023 01:42:15 GMT
file.jpg
image-tc.galaxy.tf/wijpeg-cumsx1ax36yq8w2ytpezw5c53/
152 KB
153 KB
Image
General
Full URL
https://image-tc.galaxy.tf/wijpeg-cumsx1ax36yq8w2ytpezw5c53/file.jpg
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b864 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3ee891d09918b640073d78e8742d582c57ea6a883331ce1d0239b921439c2fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
via
1.1 6f628557434f8e8df95d43f90a6e0ee2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
8052388
cf-polished
status=not_needed
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubdomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
155310
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Oct 2021 00:00:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"c8a3d4c8a3f6483099a95b339dd31765"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 31 Aug 2023 01:42:15 GMT
cache-control
public, max-age=31536000
x-amz-version-id
bvz76o.bY3DSSdkHC5gTcovG79.8jLu0
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop
YTO50-C2
accept-ranges
bytes
cf-ray
7432118c2e31ca57-YUL
x-amz-cf-id
uKEmWsHRa_508UvFMtufp6KGV_vNGzSqTHgraW1JAIkmdDq2pJhlcQ==
cf-bgj
imgq:100,h2pri
galaxy-helpers.js
www.rsvprewards.com/frontend/galaxy-helpers/public/
64 KB
23 KB
Script
General
Full URL
https://www.rsvprewards.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-34b88145-8df5-4aea-8213-0c3a3cfe9bf4
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e04815d2b44ded36554b60220d7a4e8b199747ae6f2911a8de71ed4781d5add5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
via
1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Hit from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 19:14:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"b23d95a1d83a7fa91efa4244e94a8511"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
2JI3zh21eP_BZ1AFBPN0uIZOQCnS17cc
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C1
cf-ray
7432118c18024bbe-YUL
x-amz-meta-md5chksum
sj2Vodg6f6ke+kJE6UqFEQ==
x-amz-cf-id
yIyYte17GE4uINwqrWgDr1jGvKfrmOW4BltewIU31AJprJJO_pMPxg==
expires
Thu, 31 Aug 2023 01:42:15 GMT
bundle.js
www.rsvprewards.com/integration/tc-theme/public/js/
1 MB
388 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
389e4690f14a42230eb7cd42bc7440bdcece028857143ea5e88d76066ceb9de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
via
1.1 ab3cd7cfdd9d5cf21e29b3ffd33aa170.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Miss from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 17:28:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"c83f88e92e34c24ceb2661538c8d4954"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
lyEbFXKkGgxnIOSOoAf.cXt4MRjch1of
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C1
cf-ray
7432118c58824bbe-YUL
x-amz-meta-md5chksum
yD+I6S40wkzrJmFTjI1JVA==
x-amz-cf-id
YyGIy-E9IIDqX4wYy011MCWu_Jdv_7MO-J4TwfamPTu9yM9T-AprEQ==
expires
Thu, 31 Aug 2023 01:42:15 GMT
/
o478535.ingest.sentry.io/api/282725/envelope/
2 B
280 B
Fetch
General
Full URL
https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.rsvprewards.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.rsvprewards.com
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
svg-icons.svg
www.rsvprewards.com/integration/tc-theme/public/svg/
59 KB
19 KB
XHR
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/svg/svg-icons.svg
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d7184ac1e8ddb64e4cda4e272c3c7cf46f43d0d5f7ae2cc59fc8b241ffbf1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
sentry-trace
58721c40e2d242099fb4daae6ae11804-b68a27cf66082673-1

Response headers

date
Wed, 31 Aug 2022 01:42:15 GMT
via
1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Miss from cloudfront
content-type
image/svg+xml
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 26 Aug 2022 00:19:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"157852c610b7bc6a41b8902ca9852406"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
o5b2c6vrUxWdAdqsR61fWbuEYyUEqtvd
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C1
cf-ray
7432118dcaf04bbe-YUL
x-amz-meta-md5chksum
FXhSxhC3vGpBuJAsqYUkBg==
x-amz-cf-id
RBkHjJf86AmVPjq1mtm7bY2kqP_DOaQuGvj1Vsgbl-kCMkmPn9h4Hg==
expires
Thu, 31 Aug 2023 01:42:15 GMT
1
dynamic.travelclick-websolutions.com/token/
686 B
1 KB
XHR
General
Full URL
https://dynamic.travelclick-websolutions.com/token/1
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
xo7-viplb-01-new.ny.ig-1.net
Software
Apache /
Resource Hash
0da03a0efdb4a929e3351931e28b8209b38ae97bfb7209f6d934671f4a701a44
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 01:42:16 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Real-Hostname
xo7-web-04
Strict-Transport-Security
max-age=15768000
Content-Length
551
Expires
Thu, 19 Nov 1981 08:52:00 GMT
invisible.js
www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 98BB
37 KB
13 KB
Script
General
Full URL
https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661904000
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f19884420052440129f0235ca44a2a6d7f5e4599150a8d3e1ef9b5a16007381

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7432118e2b8b4bbe-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7269-6b5d5d5f7bb57d32d420.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/
70 KB
26 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/7269-6b5d5d5f7bb57d32d420.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb6458dba36f78bc8f32f076672a4c2a707dfa29648648a5768fbe2a672e0364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 34d27d5dec8d9c8d04bc61d1e0056be2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5348
x-cache
Miss from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 17:28:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d7d225df04585821434938dfb9a5b4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
xur8LGPvtO49fs.4rhf.riZm0a3Oi2s2
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C1
cf-ray
7432118e4bb64bbe-YUL
x-amz-meta-md5chksum
HX0iXfBFhYIUNJON+5pbSg==
x-amz-cf-id
VmMzfGmroRQqUFO9rTODOQmqvtNbRBZ2EeZWm18idPNthTP91gA7Og==
expires
Thu, 31 Aug 2023 01:42:16 GMT
9852-058e16800928c0f16094.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/
26 KB
7 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/9852-058e16800928c0f16094.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561b5cc4d0d6e8ca338aa095eef9aca0a654b46aa9ac4e7bbb73bbac89f51aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 34d27d5dec8d9c8d04bc61d1e0056be2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5348
x-cache
Miss from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 17:28:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"a34eb23f3a91254a154285cf993c1d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
_Hbv5KTOzVi6pWW4ZQxKkPEH7pnMeMFT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C1
cf-ray
7432118e4bb94bbe-YUL
x-amz-meta-md5chksum
o06yPzqRJUoVQoXPmTwdnQ==
x-amz-cf-id
NLq9U2IHIMfACnZMTAgTe3usfG1tqNg2Q7UKBmoG3Z0vmTPwX-Yr2g==
expires
Thu, 31 Aug 2023 01:42:16 GMT
header-one-74847195a81822fcf5c7.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/
7 KB
3 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/header-one-74847195a81822fcf5c7.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a8f0f1c0b182d99acc2a3954b4f7d81fee12683003275da08761441f990514c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 94452e9f76299393d245c2536c80f67e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5348
x-cache
Miss from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 17:28:23 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"f40c006c7d0960d1ace54318302fb5ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
UoEb35ZT7EWJrV_kW07tDFCujOb_F9nM
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C1
cf-ray
7432118e4bba4bbe-YUL
x-amz-meta-md5chksum
9AwAbH0JYNGs5UMYMC+1/w==
x-amz-cf-id
JD-ds2YiVWPoeAsx9vRd5o8-_sDLT7yMQeNlpdF7P1nWZfywJHtMEg==
expires
Thu, 31 Aug 2023 01:42:16 GMT
pica.js
www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 98BB
21 KB
7 KB
Other
General
Full URL
https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae06715c45abd5107d0fcf1b748aac903a434f44a5771094a7a85dc9d881ba07

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7432118e7c174bbe-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1100262
api.tsa-db.com/v1/data/BID/ Frame
0
0
Preflight
General
Full URL
https://api.tsa-db.com/v1/data/BID/1100262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:d800:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.rsvprewards.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
age
52478
cache-control
max-age=86400, s-maxage=86400, proxy-revalidate
content-length
0
content-type
application/json
date
Tue, 30 Aug 2022 11:07:38 GMT
via
1.1 3656f262c2589326b2ab2a4824da0516.cloudfront.net (CloudFront)
x-amz-apigw-id
XrJbJHRKoAMFzFw=
x-amz-cf-id
4fJSFGvjoUPJi7pY-uctQsvcZPv49Au5AoyY3qckGo1ObjED2KY55g==
x-amz-cf-pop
EWR52-C4
x-amzn-requestid
7cea5743-9046-4d59-b48a-fa45c7602991
x-cache
Hit from cloudfront
file.svg
image-tc.galaxy.tf/wisvg-6aiircfs34ql5lsoluivn2xck/
1 KB
1 KB
Image
General
Full URL
https://image-tc.galaxy.tf/wisvg-6aiircfs34ql5lsoluivn2xck/file.svg?width=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b864 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
472a02d0503f9447e1e6e1f6acaf23a0d86130c13cedc81ee443fb28b1e82095
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 bc9d715161855640c4738aa7390d934e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
436493
x-cache
Miss from cloudfront
content-type
image/svg+xml
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 05 Dec 2021 21:42:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6a47d568cbb98723fcfccc8c4d390854"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
3.pE47OI7cUJeftzPhPPsojG2deGz1NR
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop
YTO50-P2
cf-ray
7432118f0d2fca47-YUL
x-amz-cf-id
1OxFnGWBn4RVLihW68RbfcOzxspBwsTcDqfeggnGxzHZ312ADLD8Tg==
expires
Thu, 31 Aug 2023 01:42:16 GMT
file.svg
image-tc.galaxy.tf/wisvg-1ryve29oki9zgjhzg6zkh5c7z/
6 KB
3 KB
Image
General
Full URL
https://image-tc.galaxy.tf/wisvg-1ryve29oki9zgjhzg6zkh5c7z/file.svg?width=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b864 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f28fa10529c01d52222edea9a7e9e5f45edaf7b33a0e44245f187a4f9a66166
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 6377b6d44129cf483b7fc47ee1f9b05d.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
27825773
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Oct 2021 09:24:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1e039c13abeebb837ec31939b4ecfe1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
7AIhVvMU7VTpwJluh6ZGGpBIM9rOtVB4
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop
EWR53-C2
cf-ray
7432118f0d35ca47-YUL
x-amz-cf-id
7o6SGzQGC2Zu5uO5dKOMFGnsKEC6lab2glYCl-QHjbubUnPCaZpSUw==
expires
Thu, 31 Aug 2023 01:42:16 GMT
3947
dynamic.travelclick-websolutions.com/view/
1 KB
1 KB
XHR
General
Full URL
https://dynamic.travelclick-websolutions.com/view/3947
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
xo7-viplb-01-new.ny.ig-1.net
Software
Apache /
Resource Hash
4246c1c97cf208475a563bb6f26e63d35fc186e8243988795a4a572c3163ba25
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 01:42:16 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Real-Hostname
xo7-web-02
Strict-Transport-Security
max-age=15768000
Content-Length
650
Expires
Thu, 19 Nov 1981 08:52:00 GMT
chunk-tc-GMS-e03526693ac25322a9c7.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/
3 KB
2 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/chunk-tc-GMS-e03526693ac25322a9c7.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6477c99fdb15187e3c895b87a03d06c3a984927f827650932c4979f12a2bb51f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 42d3518040c55e24793897f7f5d5f342.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Miss from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 29 Aug 2022 17:28:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"a17172b3929fb36caf3b6449ce7d9c48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
Yr7zP8bON53Yuj16x5aOgCkxmdnTrzvx
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C1
cf-ray
7432118f5da64bbe-YUL
x-amz-meta-md5chksum
oXFys5Kfs2yvO2RJzn2cSA==
x-amz-cf-id
3uvaIvkbOTQCUPI-1v1tOQZQRPaWX5KKV6rXVt1cgKRuRZtX5At5_A==
expires
Thu, 31 Aug 2023 01:42:16 GMT
1100262
api.tsa-db.com/v1/data/BID/
683 B
1 KB
XHR
General
Full URL
https://api.tsa-db.com/v1/data/BID/1100262
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:d800:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
958704d05d4be8019f515074008637b86eba742801afbc048924daad6d3cc437

Request headers

Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 01:37:16 GMT
via
1.1 3656f262c2589326b2ab2a4824da0516.cloudfront.net (CloudFront)
age
300
x-amzn-requestid
11ad44ba-f199-47d5-92a2-6159e319a06d
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-amzn-trace-id
Root=1-630ebb4c-60c630612e2d111632b39d2f;Sampled=0
x-amz-cf-pop
EWR52-C4
access-control-allow-credentials
true
x-amz-apigw-id
XtIz8GUcoAMFjLQ=
content-length
683
x-amz-cf-id
IUZWF9BnDNNHx5c0SOqpUZC5td9ZbuJqNWWxRnh2gEXToAneSgPCuw==
vendors~gms-auth-popup~gms-full-app.92c4eda72e5752b7652e.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/
180 KB
62 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/vendors~gms-auth-popup~gms-full-app.92c4eda72e5752b7652e.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe2ac309caf859d37461077b9952b40e84173a131641aa9334f887b0d6cd1112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 5e2f1ed3ba0ab1e08304bb3d134360de.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Hit from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jul 2022 18:33:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"956fea0f8482f6596a711fd14fc34159"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
zW95XsGkAMxl6KGoPnizOh_3WbTesWhs
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
YTO50-P2
cf-ray
743211905f794bbe-YUL
x-amz-meta-md5chksum
lW/qD4SC9llqcR/RT8NBWQ==
x-amz-cf-id
EDl8dZ7ZZwhoghNu-U0NKmYudElpMMp2aF6avT_R4jxgyT2VB1yY8g==
expires
Thu, 31 Aug 2023 01:42:16 GMT
vendors~gms-full-app.a0478037825256550caa.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/
101 KB
36 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/vendors~gms-full-app.a0478037825256550caa.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41e935e98fe7dccafed55096e7e477ff102f09ad23f8b8ce78ecd5ffb1fa8ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 6589108eb8812ce79de8a8eef3f72bee.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Hit from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jul 2022 18:33:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"c9c6502295fb4435186c66e4fe415886"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
zsbkQkDxoug0cdS8baAG.73IKb0yIK_y
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
YTO50-P2
cf-ray
743211905f804bbe-YUL
x-amz-meta-md5chksum
ycZQIpX7RDUYbGbk/kFYhg==
x-amz-cf-id
nxzvxJKoqmift7dF3SbM_gYPdHz-egxdBc79qqSu1TV_HRWRgJpFiA==
expires
Thu, 31 Aug 2023 01:42:16 GMT
gms-full-app.ba64940d7714f0a6eda8.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/
29 KB
10 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/gms-full-app.ba64940d7714f0a6eda8.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc9b6088cf543295508d4f5032db9a44f9f1de16ba9803af7a50c56190796e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 0e761f7a5b2481acd893422a702c9fa8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Hit from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jul 2022 18:33:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"d5efdbeee3fc3eb1990673bd2134aa5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
.vkJ3X.Uf6z8_B6c.u9skoIbdbFnL_h4
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
YTO50-P2
cf-ray
743211905f854bbe-YUL
x-amz-meta-md5chksum
1e/b7uP8PrGZBnO9ITSqWg==
x-amz-cf-id
z3n9ZyW2fgVoCa7Zh0j9MilCoFPq5-NEVvsPs8_CbPe5A9CDF2gwzg==
expires
Thu, 31 Aug 2023 01:42:16 GMT
743211888c204bb9
www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 98BB
2 B
441 B
XHR
General
Full URL
https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/cv/result/743211888c204bb9
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661904000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
content-encoding
br
server
cloudflare
cf-ray
7432119189ab4bbe-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=UTF-8
vendors~gms-app-auth~gms-app-non-auth~gms-auth-popup.f74f710b430a9505f747.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/
142 KB
49 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/vendors~gms-app-auth~gms-app-non-auth~gms-auth-popup.f74f710b430a9505f747.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2deab084076f031d502e2e9e6d70ca3bab70bdc5bd6ff7715afc1e5a1c66bc9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 67dd4d73b80aece69a8e725c6d612b6e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Hit from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jul 2022 18:33:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"87c306582918590c258bc15af1fd4dfc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
KdHg9nUwYn3bq7tbsP6EJJpVU2QHOaKi
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
YTO50-P2
cf-ray
74321191ca084bbe-YUL
x-amz-meta-md5chksum
h8MGWCkYWQwli8Fa8f1N/A==
x-amz-cf-id
bAOqX9KQZ7MJQ6pI0vT8ptCCenMDeTOl60CKS0LKc3TBmSyM0TVbzg==
expires
Thu, 31 Aug 2023 01:42:16 GMT
gms-app-auth~gms-app-non-auth~gms-auth-popup.e65292f1bb6c90df1cd9.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/
54 KB
14 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/gms-app-auth~gms-app-non-auth~gms-auth-popup.e65292f1bb6c90df1cd9.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
040c753dc904a521b1ca2dc5b53163149010ab12b3409561e3c946819ac33f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 21c66eb5f493a6e3ddbaa803cebfe014.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Hit from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jul 2022 18:33:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"7d652e8b8bb98219b6a1575130d64007"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
3Eep0F3SmNxPkq5iWHoGFSOZPJLVHOcA
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
YTO50-P2
cf-ray
74321191ca0b4bbe-YUL
x-amz-meta-md5chksum
fWUui4u5ghm2oVdRMNZABw==
x-amz-cf-id
PUaO_25quM7v5yQL9shHLutg4c0C_uQsPZb9EvipuxCCcnuCIdRgtg==
expires
Thu, 31 Aug 2023 01:42:16 GMT
gms-app-non-auth.80fdecd83269ca6e9766.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/
62 KB
13 KB
Script
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/gms-app-non-auth.80fdecd83269ca6e9766.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2747850a2a654cdd5c0ac2fb2c43d5daf96072468b19a35bc205e735ff84b6e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 74797197cacba7d22a7c3a7685b38272.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5347
x-cache
Hit from cloudfront
content-type
application/javascript
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jul 2022 18:33:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2cde42262e6171b25a90a2852f706818"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
bBAh_e6LBMo5qxNlppW.PlsN49vi6Unk
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
YTO50-P2
cf-ray
74321191ca0e4bbe-YUL
x-amz-meta-md5chksum
LN5CJi5hcbJakKKFL3BoGA==
x-amz-cf-id
n1CoLkbIaEFJaAdqQWVCF5k2Pkqh1uRUegM8abd6PS48RTMqpWqNAg==
expires
Thu, 31 Aug 2023 01:42:16 GMT
recaptcha
api.travelclick.com/loyalty/v2/NPC/auth/
34 B
933 B
XHR
General
Full URL
https://api.travelclick.com/loyalty/v2/NPC/auth/recaptcha
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:aa2::14b9 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2640603c81e84936fe90cb8f1697c47eee36d4f6013352d6fc917bb38507a291

Request headers

Authorization
Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHAiOiJHQUxBWFkiLCJhY2MiOiJkMGE0ZTE0Yi0zMjBmLTQ1ZGItYjg2Yi01Njg0N2JlMjVlY2IiLCJzdWIiOiIiLCJjaGFpbiI6IiIsInBhcnRuZXIiOiIiLCJjaG4iOiIiLCJpc3MiOiJ0cmF2ZWxjbGljayIsImV4cCI6MTY2MTkxMjAxMywianRpIjoiNWI3YzFhMDAtMmIxMi00ZDA3LWE5Y2EtYTJiZmEwNTc2ZjkwIiwibWVjaCI6IiJ9.pdHRT4li9IGiJtl00eiBWRtCzlUs1DRwBPin0QCEc1SopGPI2_n7dlHGKGVhKNL2mCgO8-Nwe6sAmsfnJeul6ljJZ5_f69ZhdRGFYyNq_znYvD0PywSZR4PFIFfxByvAM2w2wux-FAiOtLuBKPx9IrBEkvKSUsIROyGh9HbmwO0uvC1VNDnxIhz9v1xpMP4iQ7zlwBl7IV77q_IicMIZ2LS-weJ80fJTvnqetDWE066tjXYw5nWoGjMejOoJc-31IqGM92tLtyF6XRJA6hIYDdRGba1tOj_lbtM1VDFMW0l_QvnkJSuXimfFcXmM7b0OIqLD520Mcbxm7fIUuydFsA
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:17 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, CONNECT, PATCH
content-type
application/json
access-control-allow-origin
https://www.rsvprewards.com
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, x-tc-user-auth
content-length
60
x-application-context
application:server,prod1:8070
recaptcha
api.travelclick.com/loyalty/v2/NPC/auth/ Frame
0
0
Preflight
General
Full URL
https://api.travelclick.com/loyalty/v2/NPC/auth/recaptcha
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:aa2::14b9 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.rsvprewards.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept
*/*
accept-encoding
gzip
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, x-tc-user-auth
access-control-allow-methods
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, CONNECT, PATCH
access-control-allow-origin
https://www.rsvprewards.com
access-control-max-age
3600
access-control-request-headers
authorization
access-control-request-method
GET
akamai-origin-hop
1
breadcrumbid
ID-areaapil001-prod-res-ldc-tcinfra-com-1661412752291-0-894324
content-length
0
date
Wed, 31 Aug 2022 01:42:16 GMT
enterpriseid
NPC
origin
https://www.rsvprewards.com
referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
sec-fetch-dest
empty
sec-fetch-mode
cors
sec-fetch-site
cross-site
true-client-ip
2607:5300:60:7867::2
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-akamai-config-log-detail
true
x-akamai-device-characteristics
is_mobile=false;is_tablet=false
x-akamai-edgescape
georegion=300,country_code=CA,region_code=QC,city=MONTREAL,lat=45.50,long=-73.58,timezone=EST,zip=H1A+H1B+H1C+H1E+H1G+H1H+H1K+H1L+H1M+H1N+H1R+H1S+H1T+H1V+H1W+H1X+H1Y+H1Z+H2A+H2B+H2C+H2E+H2G+H2H+H2J+H2K+H2L+H2M+H2N+H2P+H2R+H2S+H2T+H2V+H2W+H2X+H2Y+H2Z+H3A+H3B+H3C+H3G+H3H+H3J+H3K+H3L+H3M+H3N+H3P+H3R+H3S+H3T+H3V+H3W+H3X+H3Y+H3Z+H4A+H4B+H4C+H4E+H4J+H4K+H4N+H4P+H4V+H4W+H4Z+H5A+H5B,continent=NA,throughput=low,bw=1,asnum=16276,network_type=hosted,location_id=0
x-application-context
application:server,prod1:8070
x-forwarded-for
2607:5300:60:7867::2
js
www.googletagmanager.com/gtag/
124 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf6e2acd0b9b5f30d3fb16b521bfb014588c1a77dc35bd5f719f67d76678d899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49939
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Aug 2022 01:42:16 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2395
date
Wed, 31 Aug 2022 01:02:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 31 Aug 2022 03:02:21 GMT
js
www.googletagmanager.com/gtag/
203 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H4228VNMFE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e0d9a12d85c400698f67fcfaa656482ac1c1baa0191c4fcd7581beb9532c04a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73881
x-xss-protection
0
expires
Wed, 31 Aug 2022 01:42:16 GMT
js
www.googletagmanager.com/gtag/
203 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3S5G3ZLFWB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cccc75ca98bcb1c4e1c960bfcad076402187cc33d9a321b2f18756bc8d1c6551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73963
x-xss-protection
0
expires
Wed, 31 Aug 2022 01:42:16 GMT
thick.svg
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/resources/svg/
145 B
727 B
Image
General
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/resources/svg/thick.svg
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/css/main.css?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4748da828fd12795da27db137e2345cd6301f80b9b95f7da7ef2ee72b0abb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/css/main.css?v53dcb28ae89b1c6042829b0b7a034f87
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
via
1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
1422
x-cache
Miss from cloudfront
content-type
image/svg+xml
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Sep 2021 23:57:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"394e2ffa049f730d5bf622c74b5249c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
i.J90AZIo8Q2tvK6s3FQpGucXBQehzw9
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-cf-pop
EWR53-C1
cf-ray
743211928b4b4bbe-YUL
x-amz-meta-md5chksum
OU4v+gSfcw1b9iLHS1JJwg==
x-amz-cf-id
8dD8-XF7NTHe-A3z80cMB2ryVPg8emkxJkEdthubMdEQibzaPGpIyw==
expires
Thu, 31 Aug 2023 01:42:16 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/
31 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rsvprewards.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 22:29:53 GMT
x-content-type-options
nosniff
age
270743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31760
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:54:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Aug 2023 22:29:53 GMT
destination
www.googletagmanager.com/gtag/
203 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-H4228VNMFE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82dcf27cf388e996ba01e8c0f6685a549b30db84d672e88dddd48aa93279dd31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73930
x-xss-protection
0
expires
Wed, 31 Aug 2022 01:42:16 GMT
destination
www.googletagmanager.com/gtag/
203 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-3S5G3ZLFWB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63b9cef9f765b48679f0cf4f38316b60e4e22164351d82ff7e674314ca45e93f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:42:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73954
x-xss-protection
0
expires
Wed, 31 Aug 2022 01:42:16 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=243652411&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&dp=%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&ul=en-us&de=UTF-8&dt=Sign%20Up%20Page%20%7C%20RSVP%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1840845684&gjid=1556543359&cid=1212161790.1661910137&tid=UA-162681275-1&_gid=1532057247.1661910137&_r=1&gtm=2wg8t0TL2MM4B&cg1=guest_portal&cg2=not_applicable&cg3=group_property&cd1=1100262&cd2=not_applicable&cd3=Northland%20Properties%20Corp&cd4=The%20Sutton%20Place%20Hotels&cd5=not_applicable&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd10=not_applicable&cd11=not_applicable&cd12=galaxy&cd13=essentials&cd14=th1&cd15=hd1&cd16=ft3&cd19=tvs_no&cd20=not_applicable&cd21=group_property&cd22=not_applicable&cd23=not_applicable&cd24=2&cd25=en&cd26=guest_portal&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&cd39=not_applicable&cd40=rsvprewards.com&cd41=GTM-TL2MM4B&cd42=51&cd54=be4&cd59=0&z=1320895384
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 01:42:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=243652411&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&dp=%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&ul=en-us&de=UTF-8&dt=Sign%20Up%20Page%20%7C%20RSVP%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=997049283&gjid=2024863735&cid=1212161790.1661910137&tid=UA-193984690-1&_gid=1532057247.1661910137&_r=1&gtm=2wg8t0MBPBFS9&cd1=not_available&cd2=not_available&cd3=not_available&cd4=Guest&cd5=not_available&cd6=not_available&cd7=not_available&cd8=not_available&cd9=not_available&cd10=not_applicable&cd11=not_applicable&cd12=not_applicable&cd14=not_applicable&cd15=not_applicable&cd16=no&cd19=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&z=19229176
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 01:42:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=243652411&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&dp=%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&ul=en-us&de=UTF-8&dt=Sign%20Up%20Page%20%7C%20RSVP%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=2037523818&gjid=1661220486&cid=1212161790.1661910137&tid=UA-193985224-1&_gid=1532057247.1661910137&_r=1&gtm=2wg8t0MBPBFS9&cd1=not_available&cd2=not_available&cd3=not_available&cd4=Guest&cd5=not_available&cd6=not_available&cd7=not_available&cd8=not_available&cd9=not_available&cd10=not_applicable&cd11=not_applicable&cd12=not_applicable&cd14=not_applicable&cd15=not_applicable&cd16=no&cd19=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&z=2037163563
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 01:42:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H4228VNMFE&gtm=2oe8t0&_p=243652411&cid=1212161790.1661910137&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&dl=%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&sid=1661910136&sct=1&seg=0&dt=Sign%20Up%20Page%20%7C%20RSVP%20Rewards&en=page_view&_fv=1&_ss=1&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.page_content_group=not_applicable&ep.page_full_url=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&ep.page_language=en&ep.page_containing_tvs=no&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_brand_name=The%20Sutton%20Place%20Hotels&ep.hotel_id=not_applicable&ep.hotel_name=not_applicable&ep.hotel_star_rating=not_applicable&ep.hotel_property_type=group_property&ep.hotel_booking_engine_provider=not_applicable&up.user_logged_in_session=no
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 01:42:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3S5G3ZLFWB&gtm=2oe8t0&_p=243652411&cid=1212161790.1661910137&ul=en-us&sr=1600x1200&ir=1&_eu=Q&_z=ccd.v9B&_s=1&dl=%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&sid=1661910136&sct=1&seg=0&dt=Sign%20Up%20Page%20%7C%20RSVP%20Rewards&en=page_view&_fv=1&_ss=1&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.page_content_group=not_applicable&ep.page_full_url=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_August30_EndlessSummer%26pl%3Dp05f00d00507c05a01m00v02z03g04x05600l00n00&ep.page_language=en&ep.page_containing_tvs=no&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_brand_name=The%20Sutton%20Place%20Hotels&ep.hotel_id=not_applicable&ep.hotel_name=not_applicable&ep.hotel_star_rating=not_applicable&ep.hotel_property_type=group_property&ep.hotel_booking_engine_provider=not_applicable&up.user_logged_in_session=no
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_August30_EndlessSummer&pl=p05f00d00507c05a01m00v02z03g04x05600l00n00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 01:42:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
o478535.ingest.sentry.io/api/282725/envelope/
41 B
59 B
Fetch
General
Full URL
https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v53dcb28ae89b1c6042829b0b7a034f87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8622d2cca72338bbb5c21ed64e23044afc28cd4f459cd5d9e13b733339b638bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.rsvprewards.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Aug 2022 01:42:17 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.rsvprewards.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| galaxyGMS string| BIDnumber number| websiteID number| cms object| ts_analytics object| dl object| dataLayer object| galaxyInfo string| _dynamic_base object| websiteGlobalVariables object| cookieconsent string| gmsUrlReservation boolean| gmsUrlReservationTarget string| endpointBase string| tokenEndpoint string| reservationUrl string| gmsModifyBookingURL string| language string| gmsLoginURL string| gmsHomeURL string| gmsSignUpURL string| gmsResetPasswordURL string| gmsSignUpSuccessURL string| gmsResetPasswordCodeSuccessURL string| gmsDateFormat string| gmsDatePlaceholder object| gmsCalendars string| gmsDefaultTierColor string| gmsDefaultTierColorText string| gmsMembershipBgColor string| gmsMembershipTxtColor string| gmsPointsBgColor string| gmsPointsTxtColor string| gmsSecondaryNavBgColor string| gmsSecondaryNavFontColor string| gmsNavBgColor string| gmsNavFontColor object| gmsConfigObject string| gmsHotelsData boolean| gmsSDKSession string| gmsJSPath object| google_tag_manager function| setImmediate function| clearImmediate object| GMS function| base64 function| isLocalStorageAvailable object| GMSVendor object| __ga4Redact object| headerMenu object| headerConfigs object| cms_configs string| GMS_required_status object| gmsVisaIframe object| webpackJsonp object| regeneratorRuntime object| tcGMSHelpers object| GalaxyPersonalization function| triggerCheck_gms object| glxhprs object| webpackJsonpglxhprs object| GalaxyHelpers object| traductionBM object| validationMessages object| tcthemejsonpFunction object| picturefillCFG function| picturefill boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended object| lazySizes object| BM object| __SENTRY__ function| SVGInject object| CustomMap object| CustomMapUI object| GoogleAPIs function| $ function| jQuery function| _ object| errorOptions function| alite object| tcTool object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady

10 Cookies

Domain/Path Name / Value
flow.sandmanhotels.com/tr Name: GMS_REDIRECT
Value: 53F620F89D55A5AEB64261ABE5B79C71
flow.sandmanhotels.com/ Name: 10500751023450
Value: 604a87734913
.www.rsvprewards.com/ Name: __cf_bm
Value: FoSv_o8oEQ95zGcMlvdD_gMQMXMTTlGZ8XYHxw1VEdk-1661910136-0-AQyKrxaYY4D03dRl8pZbopgkbdvBJ7+5c5JwiWK47YSrvVckjKit4pxZu4OVdrPATdC/82K73e0EPrx2A9+VxM6rKKAA6ZdeObh0d//VrBY6IQwH2PKFYW/eprgAbAbngA==
.rsvprewards.com/ Name: _gid
Value: GA1.2.1532057247.1661910137
.rsvprewards.com/ Name: _gat_tct
Value: 1
.rsvprewards.com/ Name: _gat_tc_client
Value: 1
.rsvprewards.com/ Name: _gat_tc_client_roll_up
Value: 1
.rsvprewards.com/ Name: _ga_H4228VNMFE
Value: GS1.1.1661910136.1.0.1661910136.0.0.0
.rsvprewards.com/ Name: _ga
Value: GA1.1.1212161790.1661910137
.rsvprewards.com/ Name: _ga_3S5G3ZLFWB
Value: GS1.1.1661910136.1.0.1661910136.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.travelclick.com
api.tsa-db.com
cdn.galaxy.tf
cdnjs.cloudflare.com
dynamic.travelclick-websolutions.com
flow.sandmanhotels.com
fonts.googleapis.com
fonts.gstatic.com
image-tc.galaxy.tf
o478535.ingest.sentry.io
www.google-analytics.com
www.googletagmanager.com
www.rsvprewards.com
195.244.31.25
23.14.86.154
2600:141b:13:aa2::14b9
2600:9000:2120:d800:16:41f8:18c0:93a1
2606:4700::6811:180e
2606:4700::6811:b864
2606:4700::6811:b964
2606:4700::6811:ba64
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80d::200e
2607:f8b0:4006:821::200a
34.120.195.249
040c753dc904a521b1ca2dc5b53163149010ab12b3409561e3c946819ac33f4a
0da03a0efdb4a929e3351931e28b8209b38ae97bfb7209f6d934671f4a701a44
1dc9b6088cf543295508d4f5032db9a44f9f1de16ba9803af7a50c56190796e3
2640603c81e84936fe90cb8f1697c47eee36d4f6013352d6fc917bb38507a291
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2747850a2a654cdd5c0ac2fb2c43d5daf96072468b19a35bc205e735ff84b6e1
2d41e1a2d9c65602ec532937daf2b389a01b79d8d056da73cc2ff62d37c3e4fe
2deab084076f031d502e2e9e6d70ca3bab70bdc5bd6ff7715afc1e5a1c66bc9d
2e0d9a12d85c400698f67fcfaa656482ac1c1baa0191c4fcd7581beb9532c04a
2e4b768550e76908bf473c085ba0c8847cac5bb2c50ad3a8b8817116a177e3e7
2f28fa10529c01d52222edea9a7e9e5f45edaf7b33a0e44245f187a4f9a66166
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
384d0fe2e6ac88f8ffabafe6a7e1425d1be8d81f3bec4883beb0350ed940edef
389e4690f14a42230eb7cd42bc7440bdcece028857143ea5e88d76066ceb9de2
41e935e98fe7dccafed55096e7e477ff102f09ad23f8b8ce78ecd5ffb1fa8ad4
4246c1c97cf208475a563bb6f26e63d35fc186e8243988795a4a572c3163ba25
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
472a02d0503f9447e1e6e1f6acaf23a0d86130c13cedc81ee443fb28b1e82095
561b5cc4d0d6e8ca338aa095eef9aca0a654b46aa9ac4e7bbb73bbac89f51aa6
584dfc26a09b20f29619b9e8e25003f632b9849808d0bdac4c3d18809aaad8f8
5a8f0f1c0b182d99acc2a3954b4f7d81fee12683003275da08761441f990514c
5f19884420052440129f0235ca44a2a6d7f5e4599150a8d3e1ef9b5a16007381
63b9cef9f765b48679f0cf4f38316b60e4e22164351d82ff7e674314ca45e93f
6477c99fdb15187e3c895b87a03d06c3a984927f827650932c4979f12a2bb51f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7d31d7714aaa2e13c828d46c536ceb9c5c309790d1fe890c8d58bbf1a4f1a905
82dcf27cf388e996ba01e8c0f6685a549b30db84d672e88dddd48aa93279dd31
8622d2cca72338bbb5c21ed64e23044afc28cd4f459cd5d9e13b733339b638bb
8a652333deb7f9ddd5b6ab3dcab82a355236e93aaff3d3fac37d05c36951ea87
958704d05d4be8019f515074008637b86eba742801afbc048924daad6d3cc437
9a23c2a8cf1f1d948d572b721141a6bda1fd0a8afb365d705d00317a2260502b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7d7184ac1e8ddb64e4cda4e272c3c7cf46f43d0d5f7ae2cc59fc8b241ffbf1a
ae06715c45abd5107d0fcf1b748aac903a434f44a5771094a7a85dc9d881ba07
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
cccc75ca98bcb1c4e1c960bfcad076402187cc33d9a321b2f18756bc8d1c6551
ce4f1b48eedafeaa3d9b02d15dc642b4cc9a995b6e517d6d9bd91d007a420a6c
cf6e2acd0b9b5f30d3fb16b521bfb014588c1a77dc35bd5f719f67d76678d899
d3ee891d09918b640073d78e8742d582c57ea6a883331ce1d0239b921439c2fb
ddd36af7a038da4ae62c1f9018760ef8a3a3faa3bda18bf43d339d36830a4d03
df78a608cbf6be1b1f878472d21aa5a1afc588bd19bb81017bf59a0334f430c5
e04815d2b44ded36554b60220d7a4e8b199747ae6f2911a8de71ed4781d5add5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6458dba36f78bc8f32f076672a4c2a707dfa29648648a5768fbe2a672e0364
fe2ac309caf859d37461077b9952b40e84173a131641aa9334f887b0d6cd1112
ff4748da828fd12795da27db137e2345cd6301f80b9b95f7da7ef2ee72b0abb1