www.tdrewards.com Open in urlscan Pro
45.60.67.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eurox.co.th/api-keys/logon.php?ttt=1673897298?idlogin=12de2235c74639cef8009f55c3f27005
Effective URL:
https://www.tdrewards.com/home-page
Submission: On February 16 via manual (February 16th 2023, 1:32:02 pm UTC) from IN — Scanned from SG

Summary HTTP 171 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 33 domains to perform 171 HTTP transactions. The main IP is 45.60.67.34, located in United States and belongs to INCAPSULA, US. The main domain is www.tdrewards.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q4 on December 13th 2022. Valid for: 6 months.

This is the only time www.tdrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.199.65.28 128.199.65.28	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
43	45.60.67.34 45.60.67.34	19551 (INCAPSULA) (INCAPSULA)
6	54.192.150.72 54.192.150.72	16509 (AMAZON-02) (AMAZON-02)
2 18	13.250.236.77 13.250.236.77	16509 (AMAZON-02) (AMAZON-02)
23	2404:6800:400... 2404:6800:4003:c05::61	15169 (GOOGLE) (GOOGLE)
1 9	2404:6800:400... 2404:6800:4003:c03::9c	15169 (GOOGLE) (GOOGLE)
1	52.74.236.208 52.74.236.208	16509 (AMAZON-02) (AMAZON-02)
3	104.81.138.27 104.81.138.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 8	54.179.137.60 54.179.137.60	16509 (AMAZON-02) (AMAZON-02)
1	52.220.75.199 52.220.75.199	16509 (AMAZON-02) (AMAZON-02)
1 10	2404:6800:400... 2404:6800:4003:c11::63	15169 (GOOGLE) (GOOGLE)
10	2404:6800:400... 2404:6800:4003:c0f::5e	15169 (GOOGLE) (GOOGLE)
1 1	35.76.241.249 35.76.241.249	16509 (AMAZON-02) (AMAZON-02)
1 1	103.229.206.240 103.229.206.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	104.254.150.241 104.254.150.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
7 7	142.250.4.157 142.250.4.157	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
6 12	52.221.81.3 52.221.81.3	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800e... 2620:116:800e:21:46d:7e81:55ff:4c12	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	106.10.236.147 106.10.236.147	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
1 1	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2 2	104.69.106.71 104.69.106.71	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.232.106.236 3.232.106.236	14618 (AMAZON-AES) (AMAZON-AES)
1	2406:2000:98:... 2406:2000:98:800::e6	38032 (YAHOO-HK2...) (YAHOO-HK2-AP internet content provider)
2 3	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
5	2404:6800:400... 2404:6800:4003:c0f::65	15169 (GOOGLE) (GOOGLE)
1	142.251.10.149 142.251.10.149	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c11::9a	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
5 8	142.251.12.148 142.251.12.148	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4003:c04::9b	15169 (GOOGLE) (GOOGLE)
2	142.251.12.149 142.251.12.149	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f00... 2a03:2880:f00c:212:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f10c:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
12	209.15.211.147 209.15.211.147	() ()
171	28

1 128.199.65.28 (Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

eurox.co.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 45.60.67.34 (United States)

ASN19551 (INCAPSULA, US)

www.tdrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.192.150.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-72.sin2.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 13.250.236.77 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2404:6800:4003:c05::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4003:c03::9c (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.74.236.208 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-236-208.ap-southeast-1.compute.amazonaws.com

td.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.81.138.27 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-81-138-27.deploy.static.akamaitechnologies.com

smetrics.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.179.137.60 (Singapore) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-137-60.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.75.199 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-75-199.ap-southeast-1.compute.amazonaws.com

tdbankfinancialgroup.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4003:c11::63 (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4003:c0f::5e (Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.76.241.249 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-241-249.ap-northeast-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.240 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.150.241 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.22 (Palos Park, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.4.157 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.221.81.3 (Singapore) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-81-3.ap-southeast-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:46d:7e81:55ff:4c12 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.234.236 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.10.236.147 (Singapore) 1 redirects

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: spcms.pbp.vip.sg3.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8eee:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.69.106.71 (Singapore) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-106-71.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.106.236 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-106-236.compute-1.amazonaws.com

exchange.adstanding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2000:98:800::e6 (Taiwan)

ASN38032 (YAHOO-HK2-AP internet content provider, HK)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c0f::65 (Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::9a (Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.12.148 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net

6835781.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6868519.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5322602.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5967600.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10393945.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c04::9b (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.149 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net

5967600.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10393945.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f00c:212:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Apex, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10c:181:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 209.15.211.147 (None, )

ASN- ()

assets.tdrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	tdrewards.com www.tdrewards.com assets.tdrewards.com	6 MB
28	doubleclick.net 13 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 ad.doubleclick.net — Cisco Umbrella Rank: 164 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 6835781.fls.doubleclick.net 6868519.fls.doubleclick.net — Cisco Umbrella Rank: 779441 5322602.fls.doubleclick.net 5967600.fls.doubleclick.net 10393945.fls.doubleclick.net	14 KB
23	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	1 MB
20	everesttech.net 14 redirects cm.everesttech.net — Cisco Umbrella Rank: 1029 pixel.everesttech.net — Cisco Umbrella Rank: 4493	9 KB
19	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 199 td.demdex.net — Cisco Umbrella Rank: 40372	21 KB
15	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
10	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 12969	1 KB
6	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2923	132 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	22 KB
4	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 241 bat.bing.com — Cisco Umbrella Rank: 368	13 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	91 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 274	2 KB
3	td.com smetrics.td.com — Cisco Umbrella Rank: 41557	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	216 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 163	18 KB
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1191	1 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 860 ads.yahoo.com — Cisco Umbrella Rank: 2672	1 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 734 s.tribalfusion.com — Cisco Umbrella Rank: 1800	941 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 426	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 222	625 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 341	9 KB
1	adstanding.com 1 redirects exchange.adstanding.com — Cisco Umbrella Rank: 152272	169 B
1	pro-market.net 1 redirects fei.pro-market.net — Cisco Umbrella Rank: 2207	321 B
1	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1710	407 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 643	493 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 617	395 B
1	33across.com 1 redirects dp2.33across.com — Cisco Umbrella Rank: 9430	501 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 542	706 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	684 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 482	475 B
1	omtrdc.net tdbankfinancialgroup.tt.omtrdc.net — Cisco Umbrella Rank: 86817	724 B
1	eurox.co.th 1 redirects eurox.co.th	283 B
171	33

	Domain	Requested by
43	www.tdrewards.com	www.tdrewards.com
23	www.googletagmanager.com	nexus.ensighten.com www.googletagmanager.com
18	dpm.demdex.net	2 redirects www.tdrewards.com
12	assets.tdrewards.com	www.tdrewards.com
12	pixel.everesttech.net	6 redirects www.tdrewards.com
10	www.google.com.sg	www.tdrewards.com 5967600.fls.doubleclick.net
10	www.google.com	1 redirects www.tdrewards.com
9	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
8	cm.everesttech.net	8 redirects
7	cm.g.doubleclick.net	7 redirects
6	nexus.ensighten.com	www.tdrewards.com nexus.ensighten.com
5	adservice.google.com	6835781.fls.doubleclick.net 5322602.fls.doubleclick.net 10393945.fls.doubleclick.net 5967600.fls.doubleclick.net 6868519.fls.doubleclick.net
5	www.google-analytics.com	www.tdrewards.com www.google-analytics.com
3	connect.facebook.net	6835781.fls.doubleclick.net connect.facebook.net
3	bat.bing.com	nexus.ensighten.com bat.bing.com www.tdrewards.com
3	s.amazon-adsystem.com	2 redirects www.tdrewards.com
3	smetrics.td.com	www.tdrewards.com
2	www.facebook.com	6835781.fls.doubleclick.net
2	www.googleadservices.com	5967600.fls.doubleclick.net www.googleadservices.com
2	10393945.fls.doubleclick.net	1 redirects 6835781.fls.doubleclick.net
2	5967600.fls.doubleclick.net	1 redirects 6835781.fls.doubleclick.net
2	5322602.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	6868519.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	6835781.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	px.owneriq.net	2 redirects
2	pixel.tapad.com	2 redirects
2	ib.adnxs.com	2 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.tdrewards.com
1	stats.g.doubleclick.net	www.tdrewards.com
1	ad.doubleclick.net	nexus.ensighten.com
1	ads.yahoo.com	www.tdrewards.com
1	exchange.adstanding.com	1 redirects
1	fei.pro-market.net	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	ml314.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	c.bing.com	1 redirects
1	cms.quantserve.com	1 redirects
1	analytics.twitter.com	www.tdrewards.com
1	dp2.33across.com	1 redirects
1	token.rubiconproject.com	www.tdrewards.com
1	sync.mathtag.com	1 redirects
1	aa.agkn.com	1 redirects
1	tdbankfinancialgroup.tt.omtrdc.net	www.tdrewards.com
1	td.demdex.net	nexus.ensighten.com
1	eurox.co.th	1 redirects
171	48

This site contains no links.

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-13` - `2023-06-11`	6 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.td.com Entrust Certification Authority - L1M	`2022-10-12` - `2023-10-12`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-03` - `2024-01-03`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-25` - `2023-02-23`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
assets.tdrewards.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-24` - `2023-08-24`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.tdrewards.com/home-page
Frame ID: F66A488CDE841DA013C16B1F17BD0907
Requests: 128 HTTP requests in this frame

Frame: https://td.demdex.net/dest5.html?d_nsid=0
Frame ID: 4D7C4821B41EE86228CE2410AD04521B
Requests: 25 HTTP requests in this frame

Frame: https://6835781.fls.doubleclick.net/activityi;dc_pre=COWH2b-Tmv0CFYTQcwEd7OEOOA;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=9359702034594;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page
Frame ID: 4F681145766BEF7CD08C939F866A85B8
Requests: 7 HTTP requests in this frame

Frame: https://6868519.fls.doubleclick.net/activityi;dc_pre=CKSu2b-Tmv0CFacDtwAd6qsGAw;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=7899310269818;gtm=45fe32f0;auiddc=406728175.1676554302;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page
Frame ID: 2D83A3A7571B585FB125495EA262EFAF
Requests: 2 HTTP requests in this frame

Frame: https://5322602.fls.doubleclick.net/activityi;dc_pre=CJOk2r-Tmv0CFV0PtwAd170PxQ;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=4122597628723;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page
Frame ID: CF017F0B43F76499A47088A911B98588
Requests: 2 HTTP requests in this frame

Frame: https://5967600.fls.doubleclick.net/activityi;dc_pre=CPWq27-Tmv0CFcIMtwAdYhAA5w;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3020080285801.4077
Frame ID: 0F83B81773F983CEBC8B92EA88496E5E
Requests: 5 HTTP requests in this frame

Frame: https://10393945.fls.doubleclick.net/activityi;dc_pre=CJzL27-Tmv0CFViS2AUdhRUC-g;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9613631665678.56
Frame ID: 376281BB5F1A672C108A94E0A348D517
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TD RewardsTD Rewards

Page URL History Show full URLs

https://eurox.co.th/api-keys/logon.php?ttt=1673897298?idlogin=12de2235c74639cef8009f55c3f27005 HTTP 302
https://www.tdrewards.com/home-page Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

171
Requests

85 %
HTTPS

33 %
IPv6

33
Domains

48
Subdomains

28
IPs

4
Countries

8085 kB
Transfer

10791 kB
Size

50
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eurox.co.th/api-keys/logon.php?ttt=1673897298?idlogin=12de2235c74639cef8009f55c3f27005 HTTP 302
https://www.tdrewards.com/home-page Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1676554302209 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1676554302209

Request Chain 40

https://cm.everesttech.net/cm/dd?d_uuid=01937205230809454571799052450619272517 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_4wPwAAAIKBkQN9

Request Chain 54

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=01937205230809454571799052450619272517 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=232513304429010031268

Request Chain 65

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=01937205230809454571799052450619272517&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d01937205230809454571799052450619272517 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=206c63ee-303f-4500-9769-6c53b054b467&ddsuuid=01937205230809454571799052450619272517

Request Chain 66

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5717618198874968751

Request Chain 68

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=01937205230809454571799052450619272517 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=01937205230809454571799052450619272517 HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=febec45b-c047-4028-adb7-313208e96c81

Request Chain 69

https://dp2.33across.com/ps/?pid=897&random=1711547665 HTTP 302
https://dpm.demdex.net/ibs:dpid=601&dpuuid=212103185677670&random=1676554304

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDE5MzcyMDUyMzA4MDk0NTQ1NzE3OTkwNTI0NTA2MTkyNzI1MTc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECSLYUsMac3VLPW1cGpvMTQ&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 73

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WV80d1B3QUFBSUtCa1FOOQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEBtMOC4R9TgTY8zpWDiHJ3k&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 74

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WV80d1B3QUFBSUtCa1FOOQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEBtMOC4R9TgTY8zpWDiHJ3k&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 75

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WV80d1B3QUFBSUtCa1FOOQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEBtMOC4R9TgTY8zpWDiHJ3k&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 76

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WV80d1B3QUFBSUtCa1FOOQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEBtMOC4R9TgTY8zpWDiHJ3k&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 77

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WV80d1B3QUFBSUtCa1FOOQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEBtMOC4R9TgTY8zpWDiHJ3k&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 78

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=9iPWsvMgh-ftIoK18HSe4PYmhu7tJ4HlpSOs2w9Y

Request Chain 79

https://c.bing.com/c.gif?uid=01937205230809454571799052450619272517&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=27A650045F396E2B22F042BE5E386F57

Request Chain 80

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WV80d1B3QUFBSUtCa1FOOQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEBtMOC4R9TgTY8zpWDiHJ3k&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 81

https://a.tribalfusion.com/i.match?p=b13&u=01937205230809454571799052450619272517&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=01937205230809454571799052450619272517&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 82

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633646459608367170

Request Chain 83

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=01937205230809454571799052450619272517&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-kGGKdThE2pF8jWFB0OV6eDkmbSEQhA_P0Yw-~A

Request Chain 84

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=01937205230809454571799052450619272517 HTTP 302
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-7298207602752076725

Request Chain 85

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7298407041365979959&uid=Q7298407041365979959&ref=%2Feucm%2Fp%2Fadpq HTTP 302
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7298407041365979959

Request Chain 86

https://exchange.adstanding.com/partners/aam/sync.php HTTP 302
https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

Request Chain 87

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Y_4wPwAAAIKBkQN9&sigv=1&esig=1~1d085748a8b5decad9ba3d49dd00b1410e883571

Request Chain 88

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=F55EiaROSLSyr86IlBbdoQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=01937205230809454571799052450619272517

Request Chain 107

https://6835781.fls.doubleclick.net/activityi;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=9359702034594;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page HTTP 302
https://6835781.fls.doubleclick.net/activityi;dc_pre=COWH2b-Tmv0CFYTQcwEd7OEOOA;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=9359702034594;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page

Request Chain 108

https://6868519.fls.doubleclick.net/activityi;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=7899310269818;gtm=45fe32f0;auiddc=406728175.1676554302;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page HTTP 302
https://6868519.fls.doubleclick.net/activityi;dc_pre=CKSu2b-Tmv0CFacDtwAd6qsGAw;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=7899310269818;gtm=45fe32f0;auiddc=406728175.1676554302;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page

Request Chain 109

https://5322602.fls.doubleclick.net/activityi;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=4122597628723;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page HTTP 302
https://5322602.fls.doubleclick.net/activityi;dc_pre=CJOk2r-Tmv0CFV0PtwAd170PxQ;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=4122597628723;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page

Request Chain 111

https://5967600.fls.doubleclick.net/activityi;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3020080285801.4077 HTTP 302
https://5967600.fls.doubleclick.net/activityi;dc_pre=CPWq27-Tmv0CFcIMtwAdYhAA5w;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3020080285801.4077

Request Chain 112

https://10393945.fls.doubleclick.net/activityi;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9613631665678.56 HTTP 302
https://10393945.fls.doubleclick.net/activityi;dc_pre=CJzL27-Tmv0CFViS2AUdhRUC-g;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9613631665678.56

Request Chain 127

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875695358/?random=1096094377&cv=9&fst=1676554307959&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5967600.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPWq27-Tmv0CFcIMtwAdYhAA5w%3Bsrc%3D5967600%3Btype%3Dinvmedia%3Bcat%3Dtdrew000%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bord%3D3020080285801.4077%3F&ref=https%3A%2F%2F6835781.fls.doubleclick.net%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QzDuY_2LO8-99QOghaHwBQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/875695358/?random=1096094377&cv=9&fst=1676554307959&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5967600.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPWq27-Tmv0CFcIMtwAdYhAA5w%3Bsrc%3D5967600%3Btype%3Dinvmedia%3Bcat%3Dtdrew000%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bord%3D3020080285801.4077%3F&ref=https%3A%2F%2F6835781.fls.doubleclick.net%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QzDuY_2LO8-99QOghaHwBQ&cid=CAQSKQDUE5ym3t4PYZxqv-DC69yJj7hTUf9oxdKGzoKVQr01jdQMr3LeijVe&random=1351929061&resp=GooglemKTybQhCsO HTTP 302
https://www.google.com.sg/pagead/1p-conversion/875695358/?random=1096094377&cv=9&fst=1676554307959&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5967600.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPWq27-Tmv0CFcIMtwAdYhAA5w%3Bsrc%3D5967600%3Btype%3Dinvmedia%3Bcat%3Dtdrew000%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bord%3D3020080285801.4077%3F&ref=https%3A%2F%2F6835781.fls.doubleclick.net%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QzDuY_2LO8-99QOghaHwBQ&cid=CAQSKQDUE5ym3t4PYZxqv-DC69yJj7hTUf9oxdKGzoKVQr01jdQMr3LeijVe&random=1351929061&resp=GooglemKTybQhCsO&ipr=y&prhg=0

171 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request home-page Show response
www.tdrewards.com/
Redirect Chain

https://eurox.co.th/api-keys/logon.php?ttt=1673897298?idlogin=12de2235c74639cef8009f55c3f27005
https://www.tdrewards.com/home-page

17 KB
17 KB

1047ms
1027ms

Document
text/html

45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

f26e7e4ce2db247f0c8ec9897c775da7be6032d49c1262a86ce89328006208ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Thu, 16 Feb 2023 13:31:41 GMT
etag: W/"4302-g1oh4IfTHFaneaIdWJ2nY3mkv9s"
strict-transport-security: max-age=157680000
x-cdn: Imperva
x-iinfo: 12-10621650-10621654 NNNN CT(248 521 0) RT(1676554300550 6) q(0 0 8 0) r(10 10) U5
x-powered-by: Express

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 13:31:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://www.tdrewards.com/home-page
pragma: no-cache
server: nginx
x-powered-by: PHP/7.4.33 PleskLin
x-ua-compatible: IE=edge

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/tdb/public-ca/ 335 KB
91 KB 24ms
6ms Script
application/javascript 54.192.150.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-72.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9f8315d9a3ac8497d0d3eee3467a75e8cb5fcdda48d13788d65e0affae95aeb0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 22:03:30 GMT
x-amz-version-id: 9EB_lhFawcckbBJ1bon7.sP0tu3J.jT9
content-encoding: br
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
age: 574093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 09 Feb 2023 21:47:05 GMT
server: CloudFront
etag: W/"ec1b6263d2e6ab9d3558a5d504c60a43"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: uqdW5LwWD0lFeAGgQQ6WalyVECz75oMg_whCmFfIehYCS_i4oMyhGg==

GET
H2 200 style.css
www.tdrewards.com/templates/active/static/ 255 KB
256 KB 257ms
256ms Stylesheet
text/css 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/templates/active/static/style.css

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

c89295f4cf9f044cc628d03fcdfde1d1d4a9d9398f86d20167e1f9bd90ff571b

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
strict-transport-security: max-age=157680000
last-modified: Thu, 16 Feb 2023 13:27:40 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"3fc1b-1865a68c1da"
content-type: text/css; charset=UTF-8
x-iinfo: 12-10621650-10621654 PNNN RT(1676554300550 1038) q(0 0 0 -1) r(3 3) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 261147

GET
H2 200 vendors.js Show response
www.tdrewards.com/ 1 MB
1 MB 1073ms
1072ms Script
application/javascript 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/vendors.js

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

8430e365f8defac031dcde01850e7c9fbf4d4108b991dba7c7bb411cab7a0cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:43 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"13f64f-1863e185ef0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 12-10621650-10621895 NNNN CT(266 530 0) RT(1676554300550 1041) q(0 0 8 -1) r(11 11) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1308239

GET
H2 200 bundle.js Show response
www.tdrewards.com/ 1 MB
1 MB 1077ms
1076ms Script
application/javascript 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/bundle.js

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

ef02361cfc918950f2432a3eba916b540437375242bd255cd3d33cd7e252fd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:43 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"15ab28-1863e185ef0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 12-10621650-10621897 NNNN CT(266 534 0) RT(1676554300550 1043) q(0 0 8 -1) r(11 11) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1420072

GET
H2 200 templateCacheHtml.js Show response
www.tdrewards.com/templates/active/static/ 336 B
507 B 1018ms
1018ms Script
application/javascript 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/templates/active/static/templateCacheHtml.js

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

e54d3f4ad5c3c66a747f2a7f62e7ca28abfd2db5c57b3ba53721ee02e7e11b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"150-1863e185ef0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 12-10621650-10621900 NNNN CT(249 502 0) RT(1676554300550 1046) q(0 0 8 -1) r(11 11) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 336

GET
H2 200 _Incapsula_Resource Show response
www.tdrewards.com/ 137 KB
20 KB 11ms
11ms Script
application/javascript 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tdrewards.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1314908550
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.67.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2fb03a2ce745b5b139f72178cb8e06862939bc6b3ec55190260c831fb0039aae

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19897
content-type: application/javascript

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1676554302209
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1676554302209

5 KB
2 KB

9ms
8ms

XHR
application/json

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1676554302209

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

21676ab136e387a17804cb9ea74cff3747cae41e493d20687d058efba1b4bc6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v043-0850de994.edge-apse.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: aJnXkAl3SyE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.tdrewards.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1556
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-apse-1-v043-08a603c26.edge-apse.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 0yvGtKRJSC4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.tdrewards.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1676554302209
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/tdb/public-ca/ 599 B
907 B 28ms
28ms Script
text/javascript 54.192.150.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/public-ca/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/tdb/public-ca/code/&publishedOn=Thu%20Feb%2009%2021:47:01%20GMT%202023&ClientID=822&PageID=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-72.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: b4c3fe3c99bfcbce39378f37930148a39b1f6e01a811ffb2fe6a44fe6d4152a2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 599
x-amz-cf-id: WzCkyqL95j7ZGErVvJuRFFW2LaW4AAsJkTVtpuo0V62JEsu1w4KXWQ==
expires: Thu, 16 Feb 2023 13:31:41 GMT

GET
H2 200 21d670707824fc8bcc8207d207cfc0fa.js Show response
nexus.ensighten.com/tdb/public-ca/code/ 114 KB
37 KB 7ms
6ms Script
application/javascript 54.192.150.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/public-ca/code/21d670707824fc8bcc8207d207cfc0fa.js?conditionId0=423140
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-72.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3419780f825800a9a73c6afd5a23ce681cdb40c853973df484cfbe562d615cd1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 22:12:24 GMT
x-amz-version-id: CZtZCGgUnIbh89k5KNxDQXqdZN5SaAn3
content-encoding: gzip
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
age: 573559
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 09 Feb 2023 21:47:05 GMT
server: CloudFront
etag: W/"a88bd8c1710c24d4c562c17f0f91eec1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: eGjYEZ2DplHPvesb-pILaTu3VnSWDQCNKpAVZEXwZHUj_fpZMoIiQw==

GET
H2 200 53806121fbcecf081a714e6527577c95.js Show response
nexus.ensighten.com/tdb/public-ca/code/ 2 KB
823 B 8ms
7ms Script
application/javascript 54.192.150.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/public-ca/code/53806121fbcecf081a714e6527577c95.js?conditionId0=4841570
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-72.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3b30c57fee08b8710ae3ec4a4f44cab038c7c238fbef21adf60791b6af5d3190

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:14:39 GMT
x-amz-version-id: nc.xF8GSNlB.1f8m0QghLrowiumo0LJk
content-encoding: br
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
age: 796623
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 18:16:52 GMT
server: CloudFront
etag: W/"e9606fc127291df4b34091477c116c44"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: UaxU_F1NETEisrfftd2e9Evv3C7AyrBiCQ3qtqPppM1tXu2fJuDHpA==

GET
H2 200 e5276288d948078f4ec1dc417fdf0e2b.js Show response
nexus.ensighten.com/tdb/public-ca/code/ 3 KB
1 KB 9ms
8ms Script
application/javascript 54.192.150.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/public-ca/code/e5276288d948078f4ec1dc417fdf0e2b.js?conditionId0=505813
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-72.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: bde0dcec69fee23a4d9549a2c5a935a8a831c8f8d5019576b7047ce5d7214064

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 20:36:31 GMT
x-amz-version-id: pyKMxTyKEGvgy7OmAcU_nIJaWSBQVguQ
content-encoding: gzip
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
age: 1788912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Jul 2021 20:32:17 GMT
server: CloudFront
etag: W/"65bc8d3a30a05124edd12469e8a3a745"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: rC_oC7HGJl6O4PZgv4IiQHEr135DAFi2nl113xBtyurbMAEac87CVA==

GET
H2 200 132b94a24d0c2c50efae315c8d66deb4.js Show response
nexus.ensighten.com/tdb/public-ca/code/ 687 B
1 KB 8ms
7ms Script
application/javascript 54.192.150.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/public-ca/code/132b94a24d0c2c50efae315c8d66deb4.js?conditionId0=1218305
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-72.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: dc4c8b4269817a4028f65fb34d0cf7410050c6e58aeb82aa9fb067e7d85b3f65

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 18:32:47 GMT
x-amz-version-id: qJZnEEBmjCokGtURZx0GHfXGqM7E8Fr5
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
age: 2919536
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 687
last-modified: Wed, 07 Dec 2022 18:16:52 GMT
server: CloudFront
etag: "ee74c5f299abbb748fff1fa82a992117"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: MwVGww-XSqhHOBwJdmRsAwd9A_6MAsTFuEcammEtfxm-dF8b1d_J4Q==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
44 KB 23ms
11ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6974241

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df6df090a7128e114a0f08b26a08c0378db2203a544741597780d9064a23e9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44353
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
67 KB 28ms
17ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1029090628

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07b755763c387218c31997464b34c437400229d0876f5d4c09b140f931b0b432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68940
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 31ms
24ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868520&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

730aeeb7f1415c535be0ca0c33415242065e6021f88690501a4330f22ff59c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44369
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 16ms
9ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6835781&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

639ac24436be6ea57e40a0983eb05cecae1aa8da5fbfc98815381f7d20c9bae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44365
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 28ms
21ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868312&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e62cd1a9f5640f2383476b5d861217ab95f3deacaaa99f22750ac887cedf7f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44366
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 22ms
16ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868519&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8cb53a2d0d9445493e187c2a908c2e8c2cada4164033f9888ba3d46c1c36f93f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44366
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 35ms
29ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6867344&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

762dbd6276d1d3e6c2fae8d78bb9b3ff5744eaff90972a846649280af18d00e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44366
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 32ms
25ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868105&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1198988b83ca7988b5c02b6145567b98b3d42d1e534fd50a27a04283b5bec97a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44366
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 39ms
33ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868503&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65d2ee594e960bc99076bb661cfc25eedc9c4c0d26575ec278a3a12b52fd68a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44365
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 38ms
32ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6871112&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0485242c27c73fe350b025a3ca7f4b28e7771ab6b14827e5e9915526a1328e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44365
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 40ms
34ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868104&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5336040c9a6931a9648d63b9db69bd5cd100f25ab9abe83a4e13b32a5ffd17d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44364
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 23ms
18ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868106&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f173a09278e7d0dd54d5e2f7a30e5ce66c9421eb5208e4c9bded6d28c9214d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44364
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 52ms
46ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6871114&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f17844ee96d8deee40595b61e230182d4b726e7d66d0a49962e3b7e176648ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44365
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 60ms
56ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868309&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1408a754490f23f259fd0126395c94f030f4a806b21beaadcf1090c8e3b332dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44366
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 62ms
58ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6102339&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5db9d2ee99b5105f0ff09468f0616565745c833490ce0bbc88896eb40f4cf96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44365
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 53ms
49ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5322602&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0521b56d822fc3c4ebbe224988004cc042921eadbfbe5a5a6d7a7aa006467dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44367
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 45ms
41ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-973175160&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0bb446250cac648d324fba1c1107aba165d17056419a8bb17cf2dc315708de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66132
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 49ms
45ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-986405607&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f40202f475781ad7acfdce82c5aa79e1809100b532af513736431a9c8cd2c9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64783
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 58ms
54ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1028536181&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e30a67ef606ad73ce659a398524ea2a6b39d92df64137f33f186a7e51e8c5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64826
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 175 KB
64 KB 63ms
60ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-980723526&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d36506a57ecd85c38358b46841ebd5029ef9bfe7ed1e1ef4134f7dc07afe639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65396
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
67 KB 41ms
38ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707912219&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9cf35318aaf5b196c21cc34d519c243aed95474d298ce438727d299e9343892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68972
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
67 KB 54ms
51ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1029090628&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e7ede88dfed685c223be49b44acef42e117639342fa63a256faf955e5911557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68964
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 38ms
35ms Script
application/javascript 2404:6800:4003:c05::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624489921&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e4c5ae8867546ea5c0bb72caf8cb9fdc77a3ac1a6f49725ad6a8a2ad7e5a705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66129
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707912219/ 2 KB
1 KB 26ms
14ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707912219/?random=1676554302377&cv=11&fst=1676554302377&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=406728175.1676554302&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1029090628

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e558ea3d70636d5dbe91f8468d6087ca1f01d2b4e8e7664795d7428ac051cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 875
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/449593252/ 2 KB
1 KB 19ms
13ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/449593252/?random=1676554302398&cv=11&fst=1676554302398&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=406728175.1676554302&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1029090628

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9aeb6cad80e7763a4b59134ed01ee6313531b075e1ca63b17cf934d492a8c6f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 876
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1029090628/ 2 KB
1 KB 14ms
12ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1029090628/?random=1676554302406&cv=11&fst=1676554302406&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=406728175.1676554302&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1029090628

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

313c3bc827cd5d8d6cffb1c681408a38aab008a12882c1bf7b42ad8d450a9fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 877
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
td.demdex.net/ Frame 4D7C 7 KB
3 KB 21ms
5ms Document
text/html 52.74.236.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://td.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.74.236.208 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-236-208.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tdrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-apse-1-v043-00b453c2c.edge-apse.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: aLJfaE9MQIQ=
content-encoding: gzip
date: Thu, 16 Feb 2023 13:31:42 GMT
last-modified: Wed, 8 Feb 2023 11:10:32 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.td.com/ 48 B
467 B 192ms
161ms XHR
application/x-javascript 104.81.138.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.td.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=A783776A5245B1E50A490D44%40AdobeOrg&mid=02035324512203471391771226136983157623&ts=1676554302503

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.81.138.27 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-81-138-27.deploy.static.akamaitechnologies.com

Software

jag /

Resource Hash

730a444ef382257b4f05f6dfd84b1477b74488b8e00e2a18f0e6b8186401468a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tdrewards.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
server: jag
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.tdrewards.com
p3p: CP="This is not a P3P policy"
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block
expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y_4wPwAAAIKBkQN9
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=01937205230809454571799052450619272517
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_4wPwAAAIKBkQN9

42 B
942 B

7ms
6ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_4wPwAAAIKBkQN9

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v043-0b8142c89.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: uZUX+DqwR1k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_4wPwAAAIKBkQN9
Date: Thu, 16 Feb 2023 13:31:43 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
tdbankfinancialgroup.tt.omtrdc.net/rest/v1/ 363 B
724 B 63ms
46ms XHR
application/json 52.220.75.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tdbankfinancialgroup.tt.omtrdc.net/rest/v1/delivery?client=tdbankfinancialgroup&sessionId=edc6bdf8ad4b4d2bb70ffe95010aba08&version=2.3.1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.220.75.199 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-75-199.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3fb46196c59b803db0e641aba0b51b24d70879f45520cd9ab9d82a170981744b

Request headers

Referer: https://www.tdrewards.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.tdrewards.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 91004d1bae77ef4476390c15434f356d

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/624489921/ 2 KB
1 KB 30ms
29ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624489921/?random=1676554302601&cv=11&fst=1676554302601&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=406728175.1676554302&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624489921&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8f55f018a310821aedf45ff61deef6c9a96e2dec628f01f71e254789230268b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/973175160/ 2 KB
900 B 94ms
93ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973175160/?random=1676554302637&cv=11&fst=1676554302637&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=406728175.1676554302&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-973175160&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40539237359c1efd9939ef5a917816ca9e1e3c86dcaae458ed4b835c41754ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 876
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/986405607/ 2 KB
901 B 17ms
17ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986405607/?random=1676554302690&cv=11&fst=1676554302690&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=406728175.1676554302&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-986405607&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec5df636e33eeb3bbdff36280ff508935e474f299b687b58bc5aa52855e8e078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 877
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/449593252/ 42 B
455 B 24ms
9ms Image
image/gif 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/449593252/?random=1676554302398&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4066956096&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/449593252/ 42 B
108 B 26ms
11ms Image
image/gif 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/449593252/?random=1676554302398&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4066956096&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/707912219/ 42 B
108 B 25ms
13ms Image
image/gif 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707912219/?random=1676554302377&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4138375123&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/707912219/ 42 B
455 B 23ms
10ms Image
image/gif 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/707912219/?random=1676554302377&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4138375123&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1028536181/ 2 KB
901 B 59ms
58ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1028536181/?random=1676554302729&cv=11&fst=1676554302729&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=406728175.1676554302&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1028536181&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0807a23e3481f1e98a783280c9a7a7f5cc5e1e16071f9b9cb860aa55a4f6afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 877
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/980723526/ 2 KB
898 B 92ms
91ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980723526/?random=1676554302754&cv=11&fst=1676554302754&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=406728175.1676554302&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-980723526&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43097e50144651ec70a871b631d97fedaf2b106a2854dcb6dcc9a09292befb1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1029090628/ 42 B
108 B 13ms
12ms Image
image/gif 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1029090628/?random=1676554302406&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2545673775&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/1029090628/ 42 B
108 B 10ms
9ms Image
image/gif 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/1029090628/?random=1676554302406&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2545673775&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s65165101377370 Show response
smetrics.td.com/b/ss/tdtdct,tdglobal/10/JS-2.20.0/ 5 KB
2 KB 280ms
279ms Script
application/x-javascript 104.81.138.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.td.com/b/ss/tdtdct,tdglobal/10/JS-2.20.0/s65165101377370?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=16%2F1%2F2023%2013%3A31%3A42%204%200&d.&nsid=0&jsonv=1&.d&sdid=55BADE1A1A49423B-6A6FAAE209E04253&mid=02035324512203471391771226136983157623&aamlh=3&ce=UTF-8&ns=tdbank&pageName=%2Fwww.tdrewards.com%2Fhome-page&g=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&server=www.tdrewards.com&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=D%3DpageName&v3=1&c4=9%3A30AM&v4=1&c5=Thursday&v5=1&c6=Weekday&c12=not-authenticated&c13=New&v18=D%3Dc4&v19=D%3Dc5&c20=D%3Ds_vi&v20=D%3Dc6&c21=D%3DUser-Agent&v32=D%3Dc12&v33=D%3Dc13&v39=D%3Ds_vi&v68=D%3Dc21&c70=tdtdct%2Ctdglobal&c71=02035324512203471391771226136983157623&c74=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&c75=AppMeasurement%20-%202.20.0&v94=02035324512203471391771226136983157623&v151=D%3Dmid&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A783776A5245B1E50A490D44%40AdobeOrg&AQE=1

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.81.138.27 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-81-138-27.deploy.static.akamaitechnologies.com

Software

jag /

Resource Hash

7500e14cd0f47f81650862c2ec5e57ba9788ab694467b98064a412d920ddbb7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-aam-tid: qJrHypfJRHg=
date: Thu, 16 Feb 2023 13:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=86400
p3p: CP="This is not a P3P policy"
content-length: 1547
x-xss-protection: 1; mode=block
dcs: dcs-prod-apse-2-v043-0850de994.edge-apse.demdex.com 5 ms
pragma: no-cache
last-modified: Fri, 17 Feb 2023 13:31:42 GMT
server: jag
etag: 3600372950349742080-4619647246656634174
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
expires: Thu, 16 Feb 2023 13:31:43 GMT

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=232513304429010031268
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=01937205230809454571799052450619272517
https://dpm.demdex.net/ibs:dpid=21&dpuuid=232513304429010031268

42 B
942 B

7ms
7ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=232513304429010031268

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v043-08dc53168.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: wi+hzYqWTyY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:43 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=232513304429010031268
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/624489921/ 42 B
64 B 9ms
8ms Image
image/gif 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/624489921/?random=1676554302601&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2811926680&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/624489921/ 42 B
64 B 12ms
11ms Image
image/gif 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/624489921/?random=1676554302601&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2811926680&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/973175160/ 42 B
64 B 10ms
9ms Image
image/gif 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/973175160/?random=1676554302637&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4147515668&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/973175160/ 42 B
64 B 12ms
10ms Image
image/gif 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/973175160/?random=1676554302637&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4147515668&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/986405607/ 42 B
64 B 12ms
11ms Image
image/gif 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/986405607/?random=1676554302690&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3851280850&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/986405607/ 42 B
64 B 12ms
11ms Image
image/gif 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/986405607/?random=1676554302690&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3851280850&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1028536181/ 42 B
64 B 14ms
12ms Image
image/gif 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1028536181/?random=1676554302729&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3697685455&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/1028536181/ 42 B
64 B 13ms
11ms Image
image/gif 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/1028536181/?random=1676554302729&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3697685455&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/980723526/ 42 B
64 B 10ms
10ms Image
image/gif 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/980723526/?random=1676554302754&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3347313353&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/980723526/ 42 B
64 B 11ms
10ms Image
image/gif 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/980723526/?random=1676554302754&cv=11&fst=1676552400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3347313353&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=206c63ee-303f-4500-9769-6c53b054b467&ddsuuid=01937205230809454571799052450619272517
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=01937205230809454571799052450619272517&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d01937205230809...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=206c63ee-303f-4500-9769-6c53b054b467&ddsuuid=01937205230809454571799052450619272517

42 B
942 B

7ms
6ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=206c63ee-303f-4500-9769-6c53b054b467&ddsuuid=01937205230809454571799052450619272517

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v043-0276d6ee0.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: g0SVToYJQ+I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Thu, 16 Feb 2023 13:31:43 GMT
Server: MT3 457 2362390 master hkg-pixel-x24 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=206c63ee-303f-4500-9769-6c53b054b467&ddsuuid=01937205230809454571799052450619272517
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Feb 2023 13:31:42 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=5717618198874968751
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5717618198874968751

42 B
942 B

6ms
5ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=5717618198874968751

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v043-0276d6ee0.edge-apse.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: x/aBF11cQns=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Thu, 16 Feb 2023 13:31:44 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.254.153.207; 103.254.153.207; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f227c95a-e329-43f2-96dd-c3c78ebeeeb8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=5717618198874968751
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 4D7C 0
706 B 28ms
7ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=01937205230809454571799052450619272517&gdpr=0&gdpr_consent=
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ibs:dpid=540&dpuuid=febec45b-c047-4028-adb7-313208e96c81
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=01937205230809454571799052450...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=01937205230809454571799...
https://dpm.demdex.net/ibs:dpid=540&dpuuid=febec45b-c047-4028-adb7-313208e96c81

42 B
943 B

15ms
15ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=540&dpuuid=febec45b-c047-4028-adb7-313208e96c81

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v043-0b4f34a6e.edge-apse.demdex.com 11 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: NZRHMvVMS+0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 16 Feb 2023 13:31:43 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=540&dpuuid=febec45b-c047-4028-adb7-313208e96c81
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=601&dpuuid=212103185677670&random=1676554304
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://dp2.33across.com/ps/?pid=897&random=1711547665
https://dpm.demdex.net/ibs:dpid=601&dpuuid=212103185677670&random=1676554304

42 B
942 B

7ms
7ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=601&dpuuid=212103185677670&random=1676554304

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v043-0767302f3.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: N4SJ8xXFSAE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:43 GMT
referrer-policy: unsafe-url
server: 33XP016
x-33x-status: 200004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://dpm.demdex.net/ibs:dpid=601&dpuuid=212103185677670&random=1676554304
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESECSLYUsMac3VLPW1cGpvMTQ&google_cver=1
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDE5MzcyMDUyMzA4MDk0NTQ1NzE3OTkwNTI0NTA2MTkyNzI1MTc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECSLYUsMac3VLPW1cGpvMTQ&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

7ms
7ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECSLYUsMac3VLPW1cGpvMTQ&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v043-0ba003d1b.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: r6zte6GTRqQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECSLYUsMac3VLPW1cGpvMTQ&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 weblysleekuisl-webfont.woff2
www.tdrewards.com/templates/active/static/fonts/ 21 KB
21 KB 270ms
270ms Font
font/woff2 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/templates/active/static/fonts/weblysleekuisl-webfont.woff2

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/templates/active/static/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.tdrewards.com/templates/active/static/style.css
Origin: https://www.tdrewards.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:43 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"53e0-1863e185ef0"
content-type: font/woff2
x-iinfo: 12-10621650-10621654 PNNN RT(1676554300550 2345) q(0 0 0 -1) r(3 3) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 21472

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 4D7C 43 B
395 B 191ms
177ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=01937205230809454571799052450619272517&p_id=38594

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_k /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time: 173
date: Thu, 16 Feb 2023 13:31:42 GMT
strict-transport-security: max-age=631138519
server: tsa_k
content-type: image/gif;charset=utf-8
x-transaction-id: d5ac6efb6d95e9f2
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: cdf32448a641eeeab6e075af3eedfeafb2dd9531310adcbf05c8de57870ec08f
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 4D7C
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WV80d1B3QUFBSUtCa1FOOQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEBtMOC4R9TgTY8zpWDiHJ3k&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

4ms
4ms

Image
image/png

52.221.81.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Server: 52.221.81.3 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-81-3.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:43 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 16 Feb 2023 13:31:43 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 4D7C
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WV80d1B3QUFBSUtCa1FOOQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEB...
https://pixel.everesttech.net/1x1

128 B
691 B

4ms
4ms

Image
image/png

52.221.81.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Server: 52.221.81.3 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-81-3.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:43 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b6c2-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 16 Feb 2023 13:31:43 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 4D7C
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WV80d1B3QUFBSUtCa1FOOQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

4ms
4ms

Image
image/png

52.221.81.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Server: 52.221.81.3 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-81-3.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:43 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 16 Feb 2023 13:31:43 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 4D7C
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WV80d1B3QUFBSUtCa1FOOQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

5ms
5ms

Image
image/png

52.221.81.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Server: 52.221.81.3 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-81-3.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:43 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 16 Feb 2023 13:31:43 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 4D7C
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WV80d1B3QUFBSUtCa1FOOQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

4ms
4ms

Image
image/png

52.221.81.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Server: 52.221.81.3 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-81-3.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:44 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 16 Feb 2023 13:31:44 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=1175&gdpr=0&dpuuid=9iPWsvMgh-ftIoK18HSe4PYmhu7tJ4HlpSOs2w9Y
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=9iPWsvMgh-ftIoK18HSe4PYmhu7tJ4HlpSOs2w9Y

42 B
942 B

6ms
6ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=9iPWsvMgh-ftIoK18HSe4PYmhu7tJ4HlpSOs2w9Y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v043-0a8596cb8.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: KPSrhCE9QLM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=9iPWsvMgh-ftIoK18HSe4PYmhu7tJ4HlpSOs2w9Y
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=27A650045F396E2B22F042BE5E386F57
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://c.bing.com/c.gif?uid=01937205230809454571799052450619272517&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=27A650045F396E2B22F042BE5E386F57

42 B
942 B

7ms
7ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=27A650045F396E2B22F042BE5E386F57

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v043-035c59223.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ixNm3Au+Tgo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 01D644817B7D4850940556D8772F00CC Ref B: SIN30EDGE0111 Ref C: 2023-02-16T13:31:44Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=27A650045F396E2B22F042BE5E386F57
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 4D7C
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WV80d1B3QUFBSUtCa1FOOQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

4ms
4ms

Image
image/png

52.221.81.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Server: 52.221.81.3 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-81-3.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:44 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b67e-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 16 Feb 2023 13:31:44 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=01937205230809454571799052450619272517&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=01937205230809454571799052450619272517&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
956 B

5ms
5ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v043-0b35213b9.edge-apse.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gO7RgBZlTow=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:44 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 125
content-type: text/html
location: https://dpm.demdex.net/ibs:dpid=22054
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79a6a533fd104c47-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=22052&dpuuid=3633646459608367170
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633646459608367170

42 B
942 B

7ms
6ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633646459608367170

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v043-036fdd517.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: CLO9eH/fQyo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:44 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633646459608367170
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185
expires: 0,Fri, 17 Feb 2023 08:31:44 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=01937205230809454571799052450619272517&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-kGGKdThE2pF8jWFB0OV6eDkmbSEQhA_P0Yw-~A

42 B
942 B

7ms
6ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-kGGKdThE2pF8jWFB0OV6eDkmbSEQhA_P0Yw-~A

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v043-0a8596cb8.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Sz+G4HhFTJw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 16 Feb 2023 13:31:44 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0104.pbp.sg3.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-kGGKdThE2pF8jWFB0OV6eDkmbSEQhA_P0Yw-~A
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=575&dpuuid=-7298207602752076725
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=01937205230809454571799052450619272517
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-7298207602752076725

42 B
942 B

7ms
7ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=575&dpuuid=-7298207602752076725

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v043-05bc2a4b1.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: k8ykuQ6sR5w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:43 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=575&dpuuid=-7298207602752076725
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H/1.1

200
OK

ibs:dpid=53196&dpuuid=Q7298407041365979959
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7298407041365979959&uid=Q7298407041365979959&ref=%2Feucm%2Fp%2Fadpq
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7298407041365979959

42 B
942 B

6ms
6ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7298407041365979959

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v043-0a8596cb8.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fpbm8ol7RfU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Thu, 16 Feb 2023 13:31:44 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7298407041365979959
Content-Type: text/html
Cache-Control: max-age=38835
Connection: keep-alive
Content-Length: 154

GET
H/1.1

200
OK

ibs:dpid=59982&dpuuid=
dpm.demdex.net/ Frame 4D7C
Redirect Chain

https://exchange.adstanding.com/partners/aam/sync.php
https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

42 B
960 B

5ms
5ms

Image
image/gif

13.250.236.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

Protocol

HTTP/1.1

Server

13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v043-02f7750fb.edge-apse.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: O7CmoZnbQzU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 16 Feb 2023 13:31:46 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=59982&dpuuid=
cache-control: no-store
expires: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 4D7C
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Y_4wPwAAAIKBkQN9&sigv=1&esig=1~1d085748a8b5decad9ba3d49dd00b1410e883571

0
194 B

13ms
3ms

Image
text/plain

2406:2000:98:800::e6
YAHOO-HK2-AP inte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Y_4wPwAAAIKBkQN9&sigv=1&esig=1~1d085748a8b5decad9ba3d49dd00b1410e883571

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Server

2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:45 GMT
strict-transport-security: max-age=15552000
cache-control: no-store
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Y_4wPwAAAIKBkQN9&sigv=1&esig=1~1d085748a8b5decad9ba3d49dd00b1410e883571
Date: Thu, 16 Feb 2023 13:31:45 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4D7C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=F55EiaROSLSyr86IlBbdoQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=01937205230809454571799052450619272517

43 B
479 B

276ms
276ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=01937205230809454571799052450619272517

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Feb 2023 13:31:47 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AQRSYAW0T2KAYGCDGKRM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-apse-1-v043-064094830.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: u4WBiVtyQv0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=01937205230809454571799052450619272517
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 _Incapsula_Resource
www.tdrewards.com/ 1 B
35 B 16ms
16ms Image
text/plain 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tdrewards.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6103187272295387
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.67.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 15ms
4ms Script
text/javascript 2404:6800:4003:c0f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 12:35:37 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3370
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 16 Feb 2023 14:35:37 GMT

POST
H2 200 login Show response
www.tdrewards.com/api/userManagement/guestUser/ 489 B
1 KB 422ms
421ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/userManagement/guestUser/login

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

130d6b5bee8bc8ef2d8f366a7957d890213216c4dc8bad9de024f27fc159dfef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10621897 PNNN RT(1676554300550 5915) q(0 0 0 -1) r(4 4) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 101ms
85ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/code/21d670707824fc8bcc8207d207cfc0fa.js?conditionId0=423140

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 16 Feb 2023 13:31:47 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4A69AA59F39547D1AA3D768055D86303 Ref B: SIN30EDGE0111 Ref C: 2023-02-16T13:31:47Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 B10862916.145035458;sz=1x2;ord=341602161616 Show response
ad.doubleclick.net/ddm/adj/N307601.197812NSO.CODESRV/ 11 B
454 B 24ms
7ms Script
text/javascript 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N307601.197812NSO.CODESRV/B10862916.145035458;sz=1x2;ord=341602161616?

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/code/21d670707824fc8bcc8207d207cfc0fa.js?conditionId0=423140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
1 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c0f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Feb 2023 14:07:38 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
950 B 6ms
5ms Script
text/javascript 2404:6800:4003:c0f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Feb 2023 14:03:46 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
355 B 15ms
5ms XHR
text/plain 2404:6800:4003:c11::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-7284910-1&cid=801093752.1676554307&jid=789929309&gjid=490430448&_gid=1160907833.1676554307&_u=aGBAiQIxBAAAAEAAs~&z=635685423

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tdrewards.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 16 Feb 2023 13:31:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 4ms
4ms Image
image/gif 2404:6800:4003:c0f::65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1248621889&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&dp=%2Fhome-page&ul=en-us&de=UTF-8&dt=TD%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiQIxBAAAAAAAs~&jid=789929309&gjid=490430448&cid=801093752.1676554307&tid=UA-7284910-1&_gid=1160907833.1676554307&z=735734778

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 07:34:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21408
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 10ms
10ms Image
image/gif 2404:6800:4003:c11::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-7284910-1&cid=801093752.1676554307&jid=789929309&_u=aGBAiQIxBAAAAEAAs~&z=1744423613

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 9ms
9ms Image
image/gif 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-7284910-1&cid=801093752.1676554307&jid=789929309&_u=aGBAiQIxBAAAAEAAs~&z=1744423613

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5188219.js Show response
bat.bing.com/p/action/ 0
118 B 286ms
286ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5188219.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 16 Feb 2023 13:31:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 59A8B82B880A451990A600D38D9B8D30 Ref B: SIN30EDGE0111 Ref C: 2023-02-16T13:31:47Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
347 B 67ms
66ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5188219&Ver=2&mid=86ca7fa9-45d7-4c6e-837c-b0ba090a0177&sid=42c58c20adfe11ed8aded1861b9e9025&vid=42c58fa0adfe11ed80378d9b4af1c4be&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=TD%20Rewards&kw=TD%20Rewards,%09Points,%09Loyalty,%09Expedia,%09Redeem,%09Gift%20Cards,%09Travel,%09Apple,%09FitBit&p=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&r=&lt=5996&evt=pageLoad&sv=1&rn=730297

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Feb 2023 13:31:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7B5882E67C394154A5144D0D0AA65375 Ref B: SIN30EDGE0111 Ref C: 2023-02-16T13:31:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 angular-locale_en-ca.js Show response
www.tdrewards.com/templates/active/static/i18n/ 3 KB
3 KB 274ms
274ms Script
application/javascript 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/templates/active/static/i18n/angular-locale_en-ca.js

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

67563318f781475915e443fef24576ea64e5de5a80e7ab3fd6b967de15538dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:47 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"a9a-1863e185ef0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 12-10621650-10621895 PNNN RT(1676554300550 6340) q(0 0 0 -1) r(3 3) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2714

GET
H2 200 product Show response
www.tdrewards.com/api/productManagement/ 8 KB
8 KB 401ms
401ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/product?name=$250+Education+Credit

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

e927dcebecb2c550da9428ce3ef949d06bd75ec8116b3a9df83dc7ab63c1f04c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10621654 PNNN RT(1676554300550 6347) q(0 0 0 -1) r(4 4) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 catalog Show response
www.tdrewards.com/api/productManagement/ 434 B
539 B 361ms
361ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/catalog?program_id=1

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

c40b0b8b73b6b119800fdbdcb3446d2b8de94b8259ae69aba87bae0eebf1c971

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10621900 PNNN RT(1676554300550 6349) q(0 1 1 -1) r(4 4) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 getRoutesLastUpdatedAt Show response
www.tdrewards.com/api/utilityManagement/ 549 B
692 B 2042ms
2042ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/utilityManagement/getRoutesLastUpdatedAt

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

5cc7e54f3bace2e81ff07f59248110381c153134f66ec3140ebac035c18a1506

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:49 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10623079 NNNN CT(256 1047 0) RT(1676554300550 6355) q(0 0 13 -1) r(20 20) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 nr-1026.min.js Show response
js-agent.newrelic.com/ 22 KB
9 KB 102ms
32ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1026.min.js
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Thu, 16 Feb 2023 13:31:47 GMT
x-amz-request-id: TJGR7JX3S0EDK3MF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 8844
x-amz-id-2: 9xzCNcgAue/Y1iXpfwa+FGOnVJKq+gwNC6CTS2z+PLZZ7yMDtasxXb7gWOR4CPuy5LxJYbO63xo=
x-served-by: cache-bkk2310023-BKK
last-modified: Wed, 28 Feb 2018 23:33:30 GMT
server: AmazonS3
x-timer: S1676554308.830663,VS0,VE0
etag: "230c916aaa9194e21891a639a9c2b8eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2

GET
H2

200

activityi;dc_pre=COWH2b-Tmv0CFYTQcwEd7OEOOA;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=9359702034594;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https... Show response
6835781.fls.doubleclick.net/ Frame 4F68
Redirect Chain

https://6835781.fls.doubleclick.net/activityi;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=9359702034594;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=htt...
https://6835781.fls.doubleclick.net/activityi;dc_pre=COWH2b-Tmv0CFYTQcwEd7OEOOA;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=9359702034594;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203...

4 KB
1 KB

16ms
16ms

Document
text/html

142.251.12.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6835781.fls.doubleclick.net/activityi;dc_pre=COWH2b-Tmv0CFYTQcwEd7OEOOA;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=9359702034594;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6835781&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f148.1e100.net

Software

cafe /

Resource Hash

b23d0d266357c3aa4b7dbdca0dd59aaa0de6673656473677b379426227c63e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tdrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1004
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 13:31:47 GMT
expires: Thu, 16 Feb 2023 13:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 13:31:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6835781.fls.doubleclick.net/activityi;dc_pre=COWH2b-Tmv0CFYTQcwEd7OEOOA;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=9359702034594;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CKSu2b-Tmv0CFacDtwAd6qsGAw;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=7899310269818;gtm=45fe32f0;auiddc=406728175.1676554302;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page Show response
6868519.fls.doubleclick.net/ Frame 2D83
Redirect Chain

https://6868519.fls.doubleclick.net/activityi;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=7899310269818;gtm=45fe32f0;auiddc=406728175.1676554302;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?
https://6868519.fls.doubleclick.net/activityi;dc_pre=CKSu2b-Tmv0CFacDtwAd6qsGAw;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=7899310269818;gtm=45fe32f0;auiddc=406728175.1676554302;~oref=https%3A%...

412 B
307 B

145ms
144ms

Document
text/html

142.251.12.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6868519.fls.doubleclick.net/activityi;dc_pre=CKSu2b-Tmv0CFacDtwAd6qsGAw;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=7899310269818;gtm=45fe32f0;auiddc=406728175.1676554302;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6868519&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f148.1e100.net

Software

cafe /

Resource Hash

1009681b8fc3182379cc815c12dda0c02b1ff0ef2158eb341408f2b6f118fb49

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tdrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 237
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 13:31:47 GMT
expires: Thu, 16 Feb 2023 13:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 13:31:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6868519.fls.doubleclick.net/activityi;dc_pre=CKSu2b-Tmv0CFacDtwAd6qsGAw;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=7899310269818;gtm=45fe32f0;auiddc=406728175.1676554302;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CJOk2r-Tmv0CFV0PtwAd170PxQ;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=4122597628723;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=htt... Show response
5322602.fls.doubleclick.net/ Frame CF01
Redirect Chain

https://5322602.fls.doubleclick.net/activityi;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=4122597628723;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=h...
https://5322602.fls.doubleclick.net/activityi;dc_pre=CJOk2r-Tmv0CFV0PtwAd170PxQ;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=4122597628723;gtm=45fe32f0;auiddc=406728175.1676554302;u1=020353245122...

454 B
288 B

18ms
17ms

Document
text/html

142.251.12.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5322602.fls.doubleclick.net/activityi;dc_pre=CJOk2r-Tmv0CFV0PtwAd170PxQ;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=4122597628723;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-5322602&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f148.1e100.net

Software

cafe /

Resource Hash

0051caad0d1a792111d506153155406fd3b649e6f13fe20f671e79467f3abc36

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tdrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 265
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 13:31:47 GMT
expires: Thu, 16 Feb 2023 13:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 13:31:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5322602.fls.doubleclick.net/activityi;dc_pre=CJOk2r-Tmv0CFV0PtwAd170PxQ;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=4122597628723;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=COWH2b-Tmv0CFYTQcwEd7OEOOA;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=9359702034594;gtm=45fe32f0;auiddc=*;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2F...
adservice.google.com/ddm/fls/z/ Frame 4F68 42 B
401 B 21ms
10ms Image
image/gif 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COWH2b-Tmv0CFYTQcwEd7OEOOA;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=9359702034594;gtm=45fe32f0;auiddc=*;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page

Requested by

Host: 6835781.fls.doubleclick.net
URL: https://6835781.fls.doubleclick.net/activityi;dc_pre=COWH2b-Tmv0CFYTQcwEd7OEOOA;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=9359702034594;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6835781.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CPWq27-Tmv0CFcIMtwAdYhAA5w;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3020080285801.4077 Show response
5967600.fls.doubleclick.net/ Frame 0F83
Redirect Chain

https://5967600.fls.doubleclick.net/activityi;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3020080285801.4077?
https://5967600.fls.doubleclick.net/activityi;dc_pre=CPWq27-Tmv0CFcIMtwAdYhAA5w;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_conse...

1 KB
511 B

61ms
61ms

Document
text/html

142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5967600.fls.doubleclick.net/activityi;dc_pre=CPWq27-Tmv0CFcIMtwAdYhAA5w;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3020080285801.4077?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f149.1e100.net

Software

cafe /

Resource Hash

1901db6bfe1ff93201bd482763a5ab6cd30756d63e645d5f145c1244b22c611a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6835781.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 488
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 13:31:47 GMT
expires: Thu, 16 Feb 2023 13:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 13:31:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5967600.fls.doubleclick.net/activityi;dc_pre=CPWq27-Tmv0CFcIMtwAdYhAA5w;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3020080285801.4077?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CJzL27-Tmv0CFViS2AUdhRUC-g;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9613631665678.56 Show response
10393945.fls.doubleclick.net/ Frame 3762
Redirect Chain

https://10393945.fls.doubleclick.net/activityi;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9613631665678.56?
https://10393945.fls.doubleclick.net/activityi;dc_pre=CJzL27-Tmv0CFViS2AUdhRUC-g;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_con...

422 B
261 B

15ms
14ms

Document
text/html

142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10393945.fls.doubleclick.net/activityi;dc_pre=CJzL27-Tmv0CFViS2AUdhRUC-g;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9613631665678.56?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f149.1e100.net

Software

cafe /

Resource Hash

fccbcb80ca730c537de6362a17dfc09f2095824a4111896a7f2f812a64571e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6835781.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 238
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 13:31:47 GMT
expires: Thu, 16 Feb 2023 13:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Feb 2023 13:31:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10393945.fls.doubleclick.net/activityi;dc_pre=CJzL27-Tmv0CFViS2AUdhRUC-g;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9613631665678.56?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 4F68 106 KB
28 KB 19ms
4ms Script
application/x-javascript 2a03:2880:f00c:212:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:212:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6835781.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 Feb 2023 13:31:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jjGvs1M7zuA/qF3Papt8q4PBM8ND4PPAibvvADcmaQyYybcd4ctG3Q8a9fTkGfmJetEuanugoUsRsPySM83PAg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CJOk2r-Tmv0CFV0PtwAd170PxQ;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=4122597628723;gtm=45fe32f0;auiddc=*;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%...
adservice.google.com/ddm/fls/z/ Frame CF01 42 B
107 B 11ms
9ms Image
image/gif 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJOk2r-Tmv0CFV0PtwAd170PxQ;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=4122597628723;gtm=45fe32f0;auiddc=*;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page

Requested by

Host: 5322602.fls.doubleclick.net
URL: https://5322602.fls.doubleclick.net/activityi;dc_pre=CJOk2r-Tmv0CFV0PtwAd170PxQ;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=4122597628723;gtm=45fe32f0;auiddc=406728175.1676554302;u1=02035324512203471391771226136983157623;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5322602.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CJzL27-Tmv0CFViS2AUdhRUC-g;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9613631665678.56
adservice.google.com/ddm/fls/z/ Frame 3762 42 B
63 B 10ms
10ms Image
image/gif 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJzL27-Tmv0CFViS2AUdhRUC-g;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9613631665678.56

Requested by

Host: 10393945.fls.doubleclick.net
URL: https://10393945.fls.doubleclick.net/activityi;dc_pre=CJzL27-Tmv0CFViS2AUdhRUC-g;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9613631665678.56?

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://10393945.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 category Show response
www.tdrewards.com/api/productManagement/ 918 B
1023 B 716ms
716ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/category?catalog_id=1&category_id=&name=Gift+Cards

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

f50ab62eadc8755c619ac423d4ed448936c436e95562f9bc1577ffbfc1aafc78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10621895 PNNN RT(1676554300550 6732) q(0 0 0 -1) r(7 7) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H/1.1 200
OK c099ced574 Show response
bam.nr-data.net/1/ 49 B
625 B 331ms
266ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/c099ced574?a=9185954&sa=1&v=1026.7a27a3e&t=Unnamed%20Transaction&rst=6816&ref=https://www.tdrewards.com/home-page&be=1136&fe=6698&dc=5928&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1676554301046,%22n%22:0,%22f%22:64,%22dn%22:65,%22dne%22:77,%22c%22:77,%22s%22:80,%22ce%22:85,%22rq%22:85,%22rp%22:1112,%22rpe%22:1115,%22dl%22:1115,%22di%22:5927,%22ds%22:5927,%22de%22:5996,%22dc%22:6697,%22l%22:6697,%22le%22:6754%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1026.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:48 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 79a6a5488da14d33-SIN

GET
H2 200 2368582946583330 Show response
connect.facebook.net/signals/config/ Frame 4F68 150 KB
41 KB 4ms
4ms Script
application/x-javascript 2a03:2880:f00c:212:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2368582946583330?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:212:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7bc954af5c2c5f341874056b0e2bae37868b044ad67d9c292f9fa5817ba00efc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6835781.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 Feb 2023 13:31:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 42308
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: AjpNafS+/8ONpdZnj6/B20JSi9+XYbfc58IJdflXiudp1T48TbIpFSjaU8om+M5jHY9AQsNHXzh0v2g7ytPVsg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 6820 Show response
www.tdrewards.com/api/productManagement/product/ 267 KB
268 KB 2229ms
2229ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/product/6820

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

44fb1d73e2fb4326fed19c23cbfbf76141ae9c8892c49b4ff0cd55d03ee50005

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:49 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10623171 NNNN CT(656 532 0) RT(1676554300550 6763) q(0 0 12 -1) r(22 22) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ Frame 4F68 72 KB
22 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f00c:212:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.95

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:212:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6835781.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 Feb 2023 13:31:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Lgt1YgYKe/eol/VoSQzAl+m/8D5VloZ9Q+9u9XFRSOdAtMLGbAVeo3pzAOn893LkWfLMRPNTlDiHUIPToCYhwA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 0F83 45 KB
17 KB 35ms
10ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 5967600.fls.doubleclick.net
URL: https://5967600.fls.doubleclick.net/activityi;dc_pre=CPWq27-Tmv0CFcIMtwAdYhAA5w;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3020080285801.4077?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

68f274e5330a1431b6e07a6a979209097633d713576cf9620bee34a6bd898ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5967600.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16815
x-xss-protection: 0
server: cafe
etag: 17544913231395580258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 13:31:47 GMT

GET
H3 200 dc_pre=CPWq27-Tmv0CFcIMtwAdYhAA5w;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3020080285801.4077
adservice.google.com/ddm/fls/z/ Frame 0F83 42 B
63 B 17ms
17ms Image
image/gif 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPWq27-Tmv0CFcIMtwAdYhAA5w;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3020080285801.4077

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5967600.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4F68 0
185 B 20ms
5ms Image
text/plain 2a03:2880:f10c:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2368582946583330&ev=RewardsLandingPageENFR&dl=https%3A%2F%2F6835781.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWH2b-Tmv0CFYTQcwEd7OEOOA%3Bsrc%3D6835781%3Btype%3Dtdrew0%3Bcat%3Dtdrew0%3Bord%3D1%3Bnum%3D9359702034594%3Bgtm%3D45fe32f0%3Bauiddc%3D406728175.1676554302%3Bu1%3D02035324512203471391771226136983157623%3B~oref%3Dhttps%253A%252F%252Fwww.tdrewards.com%252Fhome-page%3F&rl=https%3A%2F%2Fwww.tdrewards.com%2F&if=true&ts=1676554307922&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=28&it=1676554307870&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:181:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6835781.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 16 Feb 2023 13:31:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 4F68 0
31 B 20ms
6ms Image
text/plain 2a03:2880:f10c:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2368582946583330&ev=PageView&dl=https%3A%2F%2F6835781.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWH2b-Tmv0CFYTQcwEd7OEOOA%3Bsrc%3D6835781%3Btype%3Dtdrew0%3Bcat%3Dtdrew0%3Bord%3D1%3Bnum%3D9359702034594%3Bgtm%3D45fe32f0%3Bauiddc%3D406728175.1676554302%3Bu1%3D02035324512203471391771226136983157623%3B~oref%3Dhttps%253A%252F%252Fwww.tdrewards.com%252Fhome-page%3F&rl=https%3A%2F%2Fwww.tdrewards.com%2F&if=true&ts=1676554307926&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=28&cs_est=true&it=1676554307870&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:181:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6835781.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 16 Feb 2023 13:31:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 dc_pre=CKSu2b-Tmv0CFacDtwAd6qsGAw;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=7899310269818;gtm=45fe32f0;auiddc=*;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page
adservice.google.com/ddm/fls/z/ Frame 2D83 42 B
63 B 9ms
8ms Image
image/gif 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKSu2b-Tmv0CFacDtwAd6qsGAw;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=7899310269818;gtm=45fe32f0;auiddc=*;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page

Requested by

Host: 6868519.fls.doubleclick.net
URL: https://6868519.fls.doubleclick.net/activityi;dc_pre=CKSu2b-Tmv0CFacDtwAd6qsGAw;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=7899310269818;gtm=45fe32f0;auiddc=406728175.1676554302;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6868519.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/875695358/ Frame 0F83 2 KB
1 KB 11ms
11ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/875695358/?random=1676554307959&cv=9&fst=1676554307959&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5967600.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPWq27-Tmv0CFcIMtwAdYhAA5w%3Bsrc%3D5967600%3Btype%3Dinvmedia%3Bcat%3Dtdrew000%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bord%3D3020080285801.4077%3F&ref=https%3A%2F%2F6835781.fls.doubleclick.net%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

adb9c5c4f1a86a1c4216e7c9451801f727ae02294f3c57ba85dd32d830cd25f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5967600.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1182
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com.sg/pagead/1p-conversion/875695358/ Frame 0F83
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875695358/?random=1096094377&cv=9&fst=1676554307959&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
https://www.google.com/pagead/1p-conversion/875695358/?random=1096094377&cv=9&fst=1676554307959&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=12...
https://www.google.com.sg/pagead/1p-conversion/875695358/?random=1096094377&cv=9&fst=1676554307959&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h...

42 B
64 B

15ms
15ms

Image
image/gif

2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-conversion/875695358/?random=1096094377&cv=9&fst=1676554307959&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5967600.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPWq27-Tmv0CFcIMtwAdYhAA5w%3Bsrc%3D5967600%3Btype%3Dinvmedia%3Bcat%3Dtdrew000%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bord%3D3020080285801.4077%3F&ref=https%3A%2F%2F6835781.fls.doubleclick.net%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QzDuY_2LO8-99QOghaHwBQ&cid=CAQSKQDUE5ym3t4PYZxqv-DC69yJj7hTUf9oxdKGzoKVQr01jdQMr3LeijVe&random=1351929061&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5967600.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 13:31:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.sg/pagead/1p-conversion/875695358/?random=1096094377&cv=9&fst=1676554307959&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5967600.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPWq27-Tmv0CFcIMtwAdYhAA5w%3Bsrc%3D5967600%3Btype%3Dinvmedia%3Bcat%3Dtdrew000%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bord%3D3020080285801.4077%3F&ref=https%3A%2F%2F6835781.fls.doubleclick.net%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QzDuY_2LO8-99QOghaHwBQ&cid=CAQSKQDUE5ym3t4PYZxqv-DC69yJj7hTUf9oxdKGzoKVQr01jdQMr3LeijVe&random=1351929061&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getAppComponents Show response
www.tdrewards.com/api/utilityManagement/ 1 MB
1 MB 1989ms
1989ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/utilityManagement/getAppComponents

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

a869ecc45bf4e2913636044592499573a8917f1b5d47b718e6fe83dde3e52340

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:51 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10623445 NNNN CT(257 517 0) RT(1676554300550 8393) q(0 0 8 -1) r(20 20) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 category Show response
www.tdrewards.com/api/productManagement/ 920 B
1 KB 1151ms
1150ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/category?catalog_id=1&category_id=&name=eGift+Cards

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

ddaba87c6a1d4c1a2b8f91bfb328df22e71159bff03be314e7e2466d3a2cf704

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10624492 NNNN CT(261 505 0) RT(1676554300550 13302) q(0 0 8 -1) r(11 11) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 category Show response
www.tdrewards.com/api/productManagement/ 910 B
1 KB 1149ms
1149ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/category?catalog_id=1&category_id=&name=Weekly+Specials

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

9bc244571608347f094ff81e759772727ecee809f8c597039f0b787fd5f12f0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10624494 NNNN CT(259 501 0) RT(1676554300550 13303) q(0 0 8 -1) r(11 11) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 category Show response
www.tdrewards.com/api/productManagement/ 910 B
1 KB 1188ms
1188ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/category?catalog_id=2&category_id=&name=Weekly+Specials

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

cca604d225665baef1d6d67b9ae34221122e3ba2c551a78e96040248fd557b8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10624496 NNNN CT(258 503 0) RT(1676554300550 13305) q(0 0 8 -1) r(12 12) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 category Show response
www.tdrewards.com/api/productManagement/ 910 B
1 KB 1172ms
1171ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/category?catalog_id=1&category_id=&name=New+on+TD+Rewards

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

8a5f8315123649429a3646d59ce7e46d901d77a24447a4f8d7b2d97443e100fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10624498 NNNN CT(260 519 0) RT(1676554300550 13306) q(0 0 8 -1) r(12 12) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 category Show response
www.tdrewards.com/api/productManagement/ 908 B
1 KB 1193ms
1193ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/category?catalog_id=2&category_id=&name=New+on+TD+Rewards

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

04b2596f7be617538be29f69bcfd05805400e3d44a3c603c0479fcba0e6a2677

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:55 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10624500 NNNN CT(261 507 0) RT(1676554300550 13307) q(0 0 8 -1) r(12 12) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 td_shield_nowhitespace.png
www.tdrewards.com/templates/active/static/images/ 1 KB
2 KB 1009ms
1009ms Image
image/png 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/td_shield_nowhitespace.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

a01050f120544b659a5b01dd168b7416224587780616e22d71c1d223e7a6d92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:55 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"569-1863e185ef0"
content-type: image/png
x-iinfo: 12-10621650-10624507 NNNN CT(251 502 0) RT(1676554300550 13339) q(0 0 8 -1) r(10 10) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1385

GET
H2 200 weblysleekuil-webfont.woff2
www.tdrewards.com/templates/active/static/fonts/ 18 KB
19 KB 1259ms
1258ms Font
font/woff2 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/templates/active/static/fonts/weblysleekuil-webfont.woff2

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/templates/active/static/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

7f8f92a1913474ebb54f27bb9a908eb8006c76665ed14ed7ebea958b661b4b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.tdrewards.com/templates/active/static/style.css
Origin: https://www.tdrewards.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:55 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"49e4-1863e185ef0"
content-type: font/woff2
x-iinfo: 12-10621650-10624507 PNNN RT(1676554300550 13343) q(0 10 10 -1) r(13 13) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 18916

GET
H2 200 td-font.ttf
www.tdrewards.com/templates/active/static/fonts/ 5 KB
5 KB 2142ms
2142ms Font
font/ttf 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/templates/active/static/fonts/td-font.ttf?j0pn85

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/templates/active/static/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

c39cd074b33a0348246ff987044c7650533c69afc4727bac852f8e02722d6d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.tdrewards.com/templates/active/static/style.css
Origin: https://www.tdrewards.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"12c4-1863e185ef0"
content-type: font/ttf
x-iinfo: 12-10621650-10624787 NNNN CT(254 523 0) RT(1676554300550 13344) q(0 11 19 -1) r(22 22) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4804

GET
H2 200 e6cf7c6ec7c2d6f670ae9d762604cb0b.woff2
www.tdrewards.com/ 70 KB
71 KB 2103ms
2102ms Font
font/woff2 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/e6cf7c6ec7c2d6f670ae9d762604cb0b.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.tdrewards.com/home-page
Origin: https://www.tdrewards.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"118d8-1863e185ef0"
content-type: font/woff2
x-iinfo: 12-10621650-10624788 NNNN CT(262 536 0) RT(1676554300550 13419) q(0 10 18 -1) r(21 21) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 71896

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2404:6800:4003:c0f::65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1248621889&t=pageview&_s=2&dl=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&dp=%2Fhome-page&ul=en-us&de=UTF-8&dt=TD%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiQIxBAAAAEACs~&jid=&gjid=&cid=801093752.1676554307&tid=UA-7284910-1&_gid=1160907833.1676554307&z=1603177328

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 07:34:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21415
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 expedia_logo.svg
www.tdrewards.com/templates/active/static/images/ 5 KB
5 KB 2134ms
2127ms Image
image/svg+xml 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/expedia_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

e2f5114f1b78eea5212a2aa1a74bf3c57ed7c2e8c64b4881bf5bbb266c758f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"1335-1863e185ef0"
content-type: image/svg+xml
x-iinfo: 12-10621650-10624807 NNNN CT(252 534 0) RT(1676554300550 13422) q(0 11 19 -1) r(21 21) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4917

GET
H2 200 amazon_logo.jpg
www.tdrewards.com/templates/active/static/images/ 9 KB
9 KB 1437ms
1430ms Image
image/jpeg 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/amazon_logo.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

1de90302505bf3cdb1bfce7f2d1e76a850e3097030b79cd83e2c8a119e899aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:55 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"2365-1863e185ef0"
content-type: image/jpeg
x-iinfo: 12-10621650-10624507 PNNN RT(1676554300550 13423) q(0 12 12 -1) r(14 14) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 9061

GET
H2 200 gift_six.jpg
www.tdrewards.com/templates/active/static/images/gift/home_one/ 25 KB
26 KB 1688ms
1681ms Image
image/jpeg 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/gift/home_one/gift_six.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

8cd9dee34cd96472a5fd5de618fd4420fb9814517b51176314d1136d27c01364

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"65c6-1863e185ef0"
content-type: image/jpeg
x-iinfo: 12-10621650-10624507 PNNN RT(1676554300550 13424) q(0 14 14 -1) r(17 17) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 26054

GET
H2 200 gift_seven.jpg
www.tdrewards.com/templates/active/static/images/gift/home_one/ 14 KB
14 KB 1953ms
1947ms Image
image/jpeg 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/gift/home_one/gift_seven.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

8183f487fa94a19fb2816dca3ab186a70e2475c48e8743d56f9953b9eeabb53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"3790-1863e185ef0"
content-type: image/jpeg
x-iinfo: 12-10621650-10624507 PNNN RT(1676554300550 13425) q(0 17 17 -1) r(20 20) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 14224

GET
H2 200 gift_eight.jpg
www.tdrewards.com/templates/active/static/images/gift/home_one/ 21 KB
21 KB 2321ms
2315ms Image
image/jpeg 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/gift/home_one/gift_eight.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

2c3af664cd131d6c3ec4d824edea7425264bc8461e31b51afba285782735320f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"531c-1863e185ef0"
content-type: image/jpeg
x-iinfo: 12-10621650-10624787 PNNN RT(1676554300550 13426) q(0 21 21 -1) r(23 23) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 21276

GET
H2 200 gift_nine.jpg
www.tdrewards.com/templates/active/static/images/gift/home_one/ 16 KB
16 KB 2388ms
2383ms Image
image/jpeg 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/gift/home_one/gift_nine.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

7274e17a34226a2c73e8f8d81ddeb16ee2e364982b97b0d21ee34cccce010bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"3fe9-1863e185ef0"
content-type: image/jpeg
x-iinfo: 12-10621650-10624807 PNNN RT(1676554300550 13427) q(0 21 21 -1) r(24 24) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 16361

GET
H2 200 gift_ten.jpg
www.tdrewards.com/templates/active/static/images/gift/home_one/ 21 KB
21 KB 2498ms
2493ms Image
image/jpeg 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/gift/home_one/gift_ten.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

d333b91ec038474abd149162888f378fdd803d5190f15bda93d45566d5b03af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"54d5-1863e185ef0"
content-type: image/jpeg
x-iinfo: 12-10621650-10624507 PNNN RT(1676554300550 13427) q(0 23 23 -1) r(25 25) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 21717

GET
H/1.1 200
OK costco_banner_en_small.jpg
assets.tdrewards.com/img/ 92 KB
92 KB 1035ms
257ms Image
image/jpeg 209.15.211.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tdrewards.com/img/costco_banner_en_small.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.15.211.147 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c8229d15724f0676dd350d16c3f9bd4ff187d30c05e0bb9724d685b6f3dda9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:55 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Thu, 26 Jan 2023 21:12:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63d2ecb5-16fda"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94170

GET
H/1.1 200
OK costco_banner_en_large_001.jpg
assets.tdrewards.com/img/ 120 KB
120 KB 1036ms
257ms Image
image/jpeg 209.15.211.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tdrewards.com/img/costco_banner_en_large_001.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.15.211.147 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b431134355745303c022637468741f6aae1bfff793ad84517d5d25d47b187f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:55 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Thu, 26 Jan 2023 21:12:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63d2ecc0-1debb"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122555

GET
H/1.1 200
OK cr-1707_expedia_luxury_listings_small_opt1.jpg
assets.tdrewards.com/img/ 203 KB
203 KB 2084ms
1304ms Image
image/jpeg 209.15.211.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tdrewards.com/img/cr-1707_expedia_luxury_listings_small_opt1.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.15.211.147 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

08f8b040ee30061c83265a81c2c00cf096d4e8669de3e4cbaa669cdd4cce763f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:56 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Tue, 20 Dec 2022 16:50:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63a1e7e0-32c17"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 207895

GET
H/1.1 200
OK cr-1707_expedia_luxury_listings_large.jpg
assets.tdrewards.com/img/ 228 KB
228 KB 2084ms
1302ms Image
image/jpeg 209.15.211.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tdrewards.com/img/cr-1707_expedia_luxury_listings_large.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.15.211.147 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

47aae9ce4b8ad9b2911f635e273b753e51fdf4f8a6aad5fe1bcd44d49d1ab00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:56 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Tue, 20 Dec 2022 16:50:30 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63a1e7d6-38f67"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 233319

GET
H/1.1 200
OK cr-1331_egift_card_banner_small_003.jpg
assets.tdrewards.com/img/ 87 KB
87 KB 1221ms
305ms Image
image/jpeg 209.15.211.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tdrewards.com/img/cr-1331_egift_card_banner_small_003.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.15.211.147 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b1e6fa50f60420fef9a2489bf847c308641c38b0080515debc5fcb25958e470a

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:55 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Fri, 11 Mar 2022 16:32:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622b7998-15b21"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88865

GET
H/1.1 200
OK cr-1331_egift_card_banner_large_004.jpg
assets.tdrewards.com/img/ 127 KB
128 KB 1222ms
304ms Image
image/jpeg 209.15.211.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tdrewards.com/img/cr-1331_egift_card_banner_large_004.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.15.211.147 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

28f4dd52de8ad78ccfd9c8d10e6f1d8cad3d85df5963ad079f363049e7f1fe86

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:55 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Fri, 11 Mar 2022 16:32:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622b798c-1fddc"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 130524

GET
H2 200 c5cd7f5300576ab4c88202b42f6ded62.gif
www.tdrewards.com/ 4 KB
4 KB 2533ms
2532ms Image
image/gif 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/c5cd7f5300576ab4c88202b42f6ded62.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"1052-1863e185ef0"
content-type: image/gif
x-iinfo: 12-10621650-10624787 PNNN RT(1676554300550 13462) q(0 22 22 -1) r(25 25) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4178

GET
H2 200 icons.ttf
www.tdrewards.com/templates/active/static/images/icons/ 35 KB
35 KB 2090ms
2090ms Font
font/ttf 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/templates/active/static/images/icons/icons.ttf?qta720

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/templates/active/static/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

0b2a1aee7a62edd2f0edcadf59fd2e1c5635e5eb1c807b10e64c06176c9eb077

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.tdrewards.com/templates/active/static/style.css
Origin: https://www.tdrewards.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"8a7c-1863e185ef0"
content-type: font/ttf
x-iinfo: 12-10621650-10624801 NNNN CT(259 540 0) RT(1676554300550 13463) q(0 10 18 -1) r(20 20) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 35452

GET
H2 200 s61703507727898 Show response
smetrics.td.com/b/ss/tdtdct,tdglobal/10/JS-2.20.0/ 5 KB
2 KB 235ms
234ms Script
application/x-javascript 104.81.138.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.td.com/b/ss/tdtdct,tdglobal/10/JS-2.20.0/s61703507727898?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=16%2F1%2F2023%2013%3A31%3A54%204%200&d.&nsid=0&jsonv=1&.d&mid=02035324512203471391771226136983157623&aamlh=3&ce=UTF-8&ns=tdbank&pageName=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&g=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&ch=ca-en&server=www.tdrewards.com&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=D%3DpageName&v3=1&c4=9%3A30AM&v4=1&c5=Thursday&v5=1&c6=Weekday&c12=not-authenticated&c13=New&v18=D%3Dc4&v19=D%3Dc5&c20=D%3Ds_vi&v20=D%3Dc6&c21=D%3DUser-Agent&v32=D%3Dc12&v33=D%3Dc13&v39=D%3Ds_vi&v68=D%3Dc21&c70=tdtdct%2Ctdglobal&c71=02035324512203471391771226136983157623&c74=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&c75=AppMeasurement%20-%202.20.0&v94=02035324512203471391771226136983157623&v151=D%3Dmid&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A783776A5245B1E50A490D44%40AdobeOrg&lrt=284&AQE=1

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.81.138.27 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-81-138-27.deploy.static.akamaitechnologies.com

Software

jag /

Resource Hash

d9b70f721ae5c456e15bebfb004827455f753b9426114243609fe724ad61e24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-aam-tid: j7iDt5SDR64=
date: Thu, 16 Feb 2023 13:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=86400
p3p: CP="This is not a P3P policy"
content-length: 1545
x-xss-protection: 1; mode=block
dcs: dcs-prod-apse-2-v043-044d4af88.edge-apse.demdex.com 5 ms
pragma: no-cache
last-modified: Fri, 17 Feb 2023 13:31:54 GMT
server: jag
etag: 3600372974718779392-4619776019419129932
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
expires: Thu, 16 Feb 2023 13:31:54 GMT

GET
H2 200 1 Show response
www.tdrewards.com/api/productManagement/catalog/ 71 KB
72 KB 1216ms
1216ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/catalog/1?category_id=323&per_page=10

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

4125fd2ede4f14809f118ceb260c0503fd643dadbc444be33cb7e0d7f347acc1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10624805 NNNN CT(254 537 0) RT(1676554300550 14460) q(0 0 8 -1) r(12 12) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 gift_six.jpg
www.tdrewards.com/templates/active/static/images/gift/home_one/ 25 KB
26 KB 954ms
954ms Image
image/jpeg 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/gift/home_one/gift_six.jpg

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

8cd9dee34cd96472a5fd5de618fd4420fb9814517b51176314d1136d27c01364

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"65c6-1863e185ef0"
content-type: image/jpeg
x-iinfo: 12-10621650-10624807 PNNN RT(1676554300550 15107) q(0 7 7 -1) r(10 10) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 26054

GET
H/1.1 200
OK costco_banner_en_small.jpg
assets.tdrewards.com/img/ 92 KB
92 KB 258ms
258ms Image
image/jpeg 209.15.211.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tdrewards.com/img/costco_banner_en_small.jpg

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.15.211.147 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c8229d15724f0676dd350d16c3f9bd4ff187d30c05e0bb9724d685b6f3dda9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:56 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Thu, 26 Jan 2023 21:12:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63d2ecb5-16fda"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94170

GET
H/1.1 200
OK costco_banner_en_large_001.jpg
assets.tdrewards.com/img/ 120 KB
120 KB 261ms
261ms Image
image/jpeg 209.15.211.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tdrewards.com/img/costco_banner_en_large_001.jpg

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.15.211.147 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b431134355745303c022637468741f6aae1bfff793ad84517d5d25d47b187f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:56 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Thu, 26 Jan 2023 21:12:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63d2ecc0-1debb"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122555

GET
H2 200 448c34a56d699c29117adc64c43affeb.woff2
www.tdrewards.com/ 18 KB
18 KB 280ms
280ms Font
font/woff2 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/448c34a56d699c29117adc64c43affeb.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.tdrewards.com/home-page
Origin: https://www.tdrewards.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"466c-1863e185ef0"
content-type: font/woff2
x-iinfo: 12-10621650-10624507 PNNN RT(1676554300550 15391) q(0 0 0 -1) r(3 3) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 18028

GET
H2 200 gift_seven.jpg
www.tdrewards.com/templates/active/static/images/gift/home_one/ 14 KB
14 KB 673ms
673ms Image
image/jpeg 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/gift/home_one/gift_seven.jpg

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

8183f487fa94a19fb2816dca3ab186a70e2475c48e8743d56f9953b9eeabb53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:56 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"3790-1863e185ef0"
content-type: image/jpeg
x-iinfo: 12-10621650-10624801 PNNN RT(1676554300550 15405) q(0 4 4 -1) r(7 7) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 14224

GET
H/1.1 200
OK cr-1331_egift_card_banner_large_004.jpg
assets.tdrewards.com/img/ 127 KB
128 KB 304ms
304ms Image
image/jpeg 209.15.211.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tdrewards.com/img/cr-1331_egift_card_banner_large_004.jpg

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.15.211.147 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

28f4dd52de8ad78ccfd9c8d10e6f1d8cad3d85df5963ad079f363049e7f1fe86

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:56 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Fri, 11 Mar 2022 16:32:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622b798c-1fddc"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 130524

GET
H2 200 gift_eight.jpg
www.tdrewards.com/templates/active/static/images/gift/home_one/ 21 KB
21 KB 486ms
486ms Image
image/jpeg 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/gift/home_one/gift_eight.jpg

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

2c3af664cd131d6c3ec4d824edea7425264bc8461e31b51afba285782735320f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:57 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"531c-1863e185ef0"
content-type: image/jpeg
x-iinfo: 12-10621650-10624507 PNNN RT(1676554300550 15742) q(0 3 3 -1) r(5 5) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 21276

GET
H2 200 gift_nine.jpg
www.tdrewards.com/templates/active/static/images/gift/home_one/ 16 KB
16 KB 444ms
444ms Image
image/jpeg 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/gift/home_one/gift_nine.jpg

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

7274e17a34226a2c73e8f8d81ddeb16ee2e364982b97b0d21ee34cccce010bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:57 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"3fe9-1863e185ef0"
content-type: image/jpeg
x-iinfo: 12-10621650-10624787 PNNN RT(1676554300550 15808) q(0 2 2 -1) r(4 4) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 16361

GET
H2 200 gift_ten.jpg
www.tdrewards.com/templates/active/static/images/gift/home_one/ 21 KB
21 KB 338ms
337ms Image
image/jpeg 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tdrewards.com/templates/active/static/images/gift/home_one/gift_ten.jpg

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

d333b91ec038474abd149162888f378fdd803d5190f15bda93d45566d5b03af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:31:57 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"54d5-1863e185ef0"
content-type: image/jpeg
x-iinfo: 12-10621650-10624788 PNNN RT(1676554300550 15975) q(0 0 0 -1) r(3 3) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 21717

GET
H/1.1 200
OK cr-1331_egift_card_banner_small_003.jpg
assets.tdrewards.com/img/ 87 KB
87 KB 305ms
304ms Image
image/jpeg 209.15.211.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tdrewards.com/img/cr-1331_egift_card_banner_small_003.jpg

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.15.211.147 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b1e6fa50f60420fef9a2489bf847c308641c38b0080515debc5fcb25958e470a

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:57 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Fri, 11 Mar 2022 16:32:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "622b7998-15b21"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88865

GET
H2 200 category Show response
www.tdrewards.com/api/productManagement/ 910 B
1016 B 382ms
382ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/category?catalog_id=1&category_id=&name=Weekly+Specials

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

9bc244571608347f094ff81e759772727ecee809f8c597039f0b787fd5f12f0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:57 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10624788 PNNN RT(1676554300550 16442) q(0 0 0 -1) r(4 4) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H/1.1 200
OK cr-1707_expedia_luxury_listings_small_opt1.jpg
assets.tdrewards.com/img/ 203 KB
203 KB 260ms
260ms Image
image/jpeg 209.15.211.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tdrewards.com/img/cr-1707_expedia_luxury_listings_small_opt1.jpg

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.15.211.147 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

08f8b040ee30061c83265a81c2c00cf096d4e8669de3e4cbaa669cdd4cce763f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:57 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Tue, 20 Dec 2022 16:50:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63a1e7e0-32c17"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 207895

GET
H/1.1 200
OK cr-1707_expedia_luxury_listings_large.jpg
assets.tdrewards.com/img/ 228 KB
228 KB 259ms
259ms Image
image/jpeg 209.15.211.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.tdrewards.com/img/cr-1707_expedia_luxury_listings_large.jpg

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.15.211.147 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

47aae9ce4b8ad9b2911f635e273b753e51fdf4f8a6aad5fe1bcd44d49d1ab00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 13:31:57 GMT
Strict-Transport-Security: max-age=157680000
Last-Modified: Tue, 20 Dec 2022 16:50:30 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63a1e7d6-38f67"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 233319

GET
H2 200 1 Show response
www.tdrewards.com/api/productManagement/catalog/ 71 KB
71 KB 410ms
410ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/catalog/1?category_id=323&per_page=10

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

4125fd2ede4f14809f118ceb260c0503fd643dadbc444be33cb7e0d7f347acc1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: p4QKOUzCF0p6Ud2vn44EDDtISs1UzjP4Gj0HzGNSNire03H0DwEdBDlbFLxK0Pd3gjCuPNpCOjGZzg7stB5Y8GTnlfb8RDE3YmLkM1sAQekxs4Dawm2mpI7alpqjkvXH
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Thu, 16 Feb 2023 13:31:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 12-10621650-10624787 PNNN RT(1676554300550 16834) q(0 0 0 -1) r(4 4) U5
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eurox.co.th/	1969-12-31 23:59:59	Name: PHPSESSID Value: ef5p5dd6orgggorupl6rm3m5eb
.tdrewards.com/	1970-01-20 18:26:50	Name: visid_incap_2714874 Value: QDCJFHqmTqCLzKlVsJ+vDzww7mMAAAAAQUIPAAAAAAApGDihux9QIUeapHJfD1Af
.tdrewards.com/	1969-12-31 23:59:59	Name: incap_ses_961_2714874 Value: J35kHo9JzgYc0J1yNSlWDT0w7mMAAAAAZs+bvwoyZD5GmNznSRKMwQ==
.tdrewards.com/	1969-12-31 23:59:59	Name: at_check Value: true
.tdrewards.com/	1970-01-20 11:52:10	Name: _gcl_au Value: 1.1.406728175.1676554302
.demdex.net/	1970-01-20 14:01:46	Name: demdex Value: 01937205230809454571799052450619272517
.tdrewards.com/	1969-12-31 23:59:59	Name: AMCVS_A783776A5245B1E50A490D44%40AdobeOrg Value: 1
.doubleclick.net/	1970-01-20 19:18:34	Name: IDE Value: AHWqTUkg2GGsVgygKEVe_YKY2O9lFkBr_Am7JtF1t2Wjbov1LrnsY_1O8CqKosL4
.td.com/	1970-01-20 19:18:34	Name: s_ecid Value: MCMID%7C02035324512203471391771226136983157623
.tdrewards.com/	1970-01-20 10:25:46	Name: s_pers Value: %20s_vnum%3D1676592000653%2526vn%253D1%7C1676592000653%3B%20s_invisit%3Dtrue%7C1676556102786%3B%20s_nr%3D1676554302788-New%7C1679146302788%3B
.tdrewards.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_cc%3Dtrue%3B
.tdrewards.com/	1970-01-20 19:18:34	Name: mbox Value: session#edc6bdf8ad4b4d2bb70ffe95010aba08#1676556163\|PC#edc6bdf8ad4b4d2bb70ffe95010aba08.38_0#1739799103
.tdrewards.com/	1970-01-20 09:42:36	Name: mboxEdgeCluster Value: 38
.tdrewards.com/	1970-01-20 14:01:46	Name: AAMC_td_0 Value: REGION%7C3
.tdrewards.com/	1970-01-20 10:25:46	Name: aam_uuid Value: 01937205230809454571799052450619272517
.mathtag.com/	1970-01-20 19:08:29	Name: uuid Value: 206c63ee-303f-4500-9769-6c53b054b467
.rubiconproject.com/	1970-01-20 18:28:10	Name: khaos Value: LE7557KE-S-UM3
.rubiconproject.com/	1970-01-20 18:28:10	Name: audit Value: 1\|UPFTvGd3n24fYsqmOATmiyvObOkXll5jNrhq7rrxpJ7d3DGrM4nzS7nVBzoM3LQzvb2KZYNQ/SlCbuL7wqM7W5kXssBOYgMSv7/AspRIXmnFv8WgjsqkRqVM1m4dr7OfcwOMtYCN/VW3MDtNmsr9tf7OGTfO7vVG0RL7DNq2u9xJnGNoFKmPQ3AsoA3GEnQ/XjtNG+ow3pU=
.dpm.demdex.net/	1970-01-20 14:01:46	Name: dpm Value: 01937205230809454571799052450619272517
.agkn.com/	1970-01-20 18:28:10	Name: ab Value: 0001%3AKn6Ax6Ypq8mtw2lLUAyOtdhT85eSd8gA
.everesttech.net/	1970-01-20 18:28:10	Name: everest_g_v2 Value: g_surferid~Y_4wPwAAAIKBkQN9
.tdrewards.com/	1970-01-20 19:18:34	Name: AMCV_A783776A5245B1E50A490D44%40AdobeOrg Value: 359503849%7CMCIDTS%7C19405%7CMCMID%7C02035324512203471391771226136983157623%7CMCAAMLH-1677159102%7C3%7CMCAAMB-1677159102%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1676561502s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19412%7CvVersion%7C5.0.1
.tapad.com/	1970-01-20 11:08:58	Name: TapAd_TS Value: 1676554303320
.tapad.com/	1970-01-20 11:08:58	Name: TapAd_DID Value: febec45b-c047-4028-adb7-313208e96c81
.tapad.com/	1970-01-20 11:08:58	Name: TapAd_3WAY_SYNCS Value:
.twitter.com/	1970-01-20 19:18:34	Name: personalization_id Value: "v1_95n8zfiXba+SynjBiAPIfQ=="
.everesttech.net/	1970-01-20 10:27:12	Name: ev_sync_ax Value: 20230216
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: Y@4wPwAABZ1TzGUT
.quantserve.com/	1970-01-20 11:52:10	Name: d Value: EOUBDAGnKLmvYA
.quantserve.com/	1970-01-20 19:12:48	Name: mc Value: 63ee3040-21b0d-76659-722e3
.adnxs.com/	1970-01-20 11:52:10	Name: uuid2 Value: 5717618198874968751
.bing.com/	1970-01-20 19:04:10	Name: MUID Value: 27A650045F396E2B22F042BE5E386F57
.c.bing.com/	1970-01-20 09:52:39	Name: MR Value: 0
.ml314.com/	1970-01-20 18:28:10	Name: pi Value: 3633646459608367170
.yahoo.com/	1970-01-20 18:28:31	Name: A3 Value: d=AQABBEAw7mMCENREaQDXqZQjjXYcy3d24pAFEgEBAQGB72P4YwAAAAAA_eMAAA&S=AQAAAuGALtUVBwaZbS_GmyUrLBU
.tribalfusion.com/	1970-01-20 11:52:10	Name: ANON_ID Value: aonr6iq0I1e9yNy6QwmS4CO5F5N16Zc5RZag3EPbZbTSZb8IPBA62xxkrKw2j046QxXbMcjZbMVnD
.owneriq.net/	1970-01-20 19:18:34	Name: si Value: Q7298407041365979959
.owneriq.net/	1970-01-20 09:56:58	Name: p2 Value: adpq
.everesttech.net/	1970-01-20 10:27:12	Name: ev_sync_yh Value: 20230216
.demdex.net/	1970-01-20 14:01:46	Name: dextp Value: 21-1-1676554302804\|269-1-1676554302905\|358-1-1676554303006\|481-1-1676554303107\|540-1-1676554303209\|601-1-1676554303312\|771-1-1676554303413\|1123-1-1676554303514\|1083-1-1676554303616\|1085-1-1676554303717\|1086-1-1676554303817\|1087-1-1676554303918\|1088-1-1676554304019\|1175-1-1676554304120\|1957-1-1676554304221\|19913-1-1676554304322\|22054-1-1676554304423\|22052-1-1676554304524\|30646-1-1676554304625\|575-1-1676554304726\|53196-1-1676554304827\|59982-1-1676554304928\|83349-1-1676554305030\|139200-1-1676554305131
.tdrewards.com/	1970-01-20 09:42:54	Name: myNewName Value: GA1.2.801093752.1676554307
.tdrewards.com/	1970-01-20 09:44:00	Name: myNewName_gid Value: GA1.2.1160907833.1676554307
.tdrewards.com/	1970-01-20 09:42:34	Name: _gat Value: 1
.tdrewards.com/	1970-01-20 09:44:00	Name: _uetsid Value: 42c58c20adfe11ed8aded1861b9e9025
.tdrewards.com/	1970-01-20 19:04:10	Name: _uetvid Value: 42c58fa0adfe11ed80378d9b4af1c4be
.bat.bing.com/	1970-01-20 09:52:39	Name: MR Value: 0
.amazon-adsystem.com/	1970-01-20 15:09:27	Name: ad-id Value: A65cPBfeCEWWjpIx8q5e740
.amazon-adsystem.com/	1970-01-20 19:18:34	Name: ad-privacy Value: 0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: ee318e91283fd517
.33across.com/	1970-01-20 18:28:10	Name: 33x_ps Value: u%3D212103185677670%3As1%3D1676554304650%3Ats%3D1676554304650

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	info	URL: https://www.tdrewards.com/home-page Message: Autofocus processing was blocked because a document already has a focused element.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=157680000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10393945.fls.doubleclick.net
5322602.fls.doubleclick.net
5967600.fls.doubleclick.net
6835781.fls.doubleclick.net
6868519.fls.doubleclick.net
a.tribalfusion.com
aa.agkn.com
ad.doubleclick.net
ads.yahoo.com
adservice.google.com
analytics.twitter.com
assets.tdrewards.com
bam.nr-data.net
bat.bing.com
c.bing.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
dp2.33across.com
dpm.demdex.net
eurox.co.th
exchange.adstanding.com
fei.pro-market.net
googleads.g.doubleclick.net
ib.adnxs.com
js-agent.newrelic.com
ml314.com
nexus.ensighten.com
pixel.everesttech.net
pixel.tapad.com
px.owneriq.net
s.amazon-adsystem.com
s.tribalfusion.com
smetrics.td.com
stats.g.doubleclick.net
sync.mathtag.com
td.demdex.net
tdbankfinancialgroup.tt.omtrdc.net
token.rubiconproject.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googleadservices.com
www.googletagmanager.com
www.tdrewards.com
103.229.206.240
104.244.42.3
104.254.150.241
104.69.106.71
104.81.138.27
106.10.236.147
128.199.65.28
13.250.236.77
142.250.4.157
142.251.10.149
142.251.12.148
142.251.12.149
151.101.130.137
162.247.241.14
209.15.211.147
2404:6800:4003:c03::9c
2404:6800:4003:c04::9b
2404:6800:4003:c05::61
2404:6800:4003:c0f::5e
2404:6800:4003:c0f::65
2404:6800:4003:c11::63
2404:6800:4003:c11::9a
2406:2000:98:800::e6
2600:1901:0:8eee::
2606:4700::6812:19ad
2620:116:800e:21:46d:7e81:55ff:4c12
2620:1ec:c11::200
2a03:2880:f00c:212:face:b00c:0:3
2a03:2880:f10c:181:face:b00c:0:25de
3.232.106.236
34.111.113.62
34.111.234.236
35.76.241.249
45.60.67.34
52.220.75.199
52.221.81.3
52.46.143.56
52.74.236.208
54.179.137.60
54.192.150.72
67.202.105.22
69.173.158.64
74.125.24.157
0051caad0d1a792111d506153155406fd3b649e6f13fe20f671e79467f3abc36
0485242c27c73fe350b025a3ca7f4b28e7771ab6b14827e5e9915526a1328e18
04b2596f7be617538be29f69bcfd05805400e3d44a3c603c0479fcba0e6a2677
0521b56d822fc3c4ebbe224988004cc042921eadbfbe5a5a6d7a7aa006467dbd
07b755763c387218c31997464b34c437400229d0876f5d4c09b140f931b0b432
08f8b040ee30061c83265a81c2c00cf096d4e8669de3e4cbaa669cdd4cce763f
0b2a1aee7a62edd2f0edcadf59fd2e1c5635e5eb1c807b10e64c06176c9eb077
0e30a67ef606ad73ce659a398524ea2a6b39d92df64137f33f186a7e51e8c5be
0f40202f475781ad7acfdce82c5aa79e1809100b532af513736431a9c8cd2c9b
1009681b8fc3182379cc815c12dda0c02b1ff0ef2158eb341408f2b6f118fb49
1198988b83ca7988b5c02b6145567b98b3d42d1e534fd50a27a04283b5bec97a
130d6b5bee8bc8ef2d8f366a7957d890213216c4dc8bad9de024f27fc159dfef
1408a754490f23f259fd0126395c94f030f4a806b21beaadcf1090c8e3b332dd
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
1901db6bfe1ff93201bd482763a5ab6cd30756d63e645d5f145c1244b22c611a
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1d36506a57ecd85c38358b46841ebd5029ef9bfe7ed1e1ef4134f7dc07afe639
1de90302505bf3cdb1bfce7f2d1e76a850e3097030b79cd83e2c8a119e899aaa
21676ab136e387a17804cb9ea74cff3747cae41e493d20687d058efba1b4bc6d
28f4dd52de8ad78ccfd9c8d10e6f1d8cad3d85df5963ad079f363049e7f1fe86
2c3af664cd131d6c3ec4d824edea7425264bc8461e31b51afba285782735320f
2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41
2fb03a2ce745b5b139f72178cb8e06862939bc6b3ec55190260c831fb0039aae
313c3bc827cd5d8d6cffb1c681408a38aab008a12882c1bf7b42ad8d450a9fbd
3419780f825800a9a73c6afd5a23ce681cdb40c853973df484cfbe562d615cd1
3b30c57fee08b8710ae3ec4a4f44cab038c7c238fbef21adf60791b6af5d3190
3fb46196c59b803db0e641aba0b51b24d70879f45520cd9ab9d82a170981744b
40539237359c1efd9939ef5a917816ca9e1e3c86dcaae458ed4b835c41754ff5
4125fd2ede4f14809f118ceb260c0503fd643dadbc444be33cb7e0d7f347acc1
43097e50144651ec70a871b631d97fedaf2b106a2854dcb6dcc9a09292befb1e
44fb1d73e2fb4326fed19c23cbfbf76141ae9c8892c49b4ff0cd55d03ee50005
47aae9ce4b8ad9b2911f635e273b753e51fdf4f8a6aad5fe1bcd44d49d1ab00f
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5cc7e54f3bace2e81ff07f59248110381c153134f66ec3140ebac035c18a1506
5e7ede88dfed685c223be49b44acef42e117639342fa63a256faf955e5911557
639ac24436be6ea57e40a0983eb05cecae1aa8da5fbfc98815381f7d20c9bae0
65d2ee594e960bc99076bb661cfc25eedc9c4c0d26575ec278a3a12b52fd68a5
67563318f781475915e443fef24576ea64e5de5a80e7ab3fd6b967de15538dcc
68f274e5330a1431b6e07a6a979209097633d713576cf9620bee34a6bd898ad7
7274e17a34226a2c73e8f8d81ddeb16ee2e364982b97b0d21ee34cccce010bb4
730a444ef382257b4f05f6dfd84b1477b74488b8e00e2a18f0e6b8186401468a
730aeeb7f1415c535be0ca0c33415242065e6021f88690501a4330f22ff59c6d
7500e14cd0f47f81650862c2ec5e57ba9788ab694467b98064a412d920ddbb7b
762dbd6276d1d3e6c2fae8d78bb9b3ff5744eaff90972a846649280af18d00e1
7bc954af5c2c5f341874056b0e2bae37868b044ad67d9c292f9fa5817ba00efc
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e4c5ae8867546ea5c0bb72caf8cb9fdc77a3ac1a6f49725ad6a8a2ad7e5a705
7e558ea3d70636d5dbe91f8468d6087ca1f01d2b4e8e7664795d7428ac051cef
7f8f92a1913474ebb54f27bb9a908eb8006c76665ed14ed7ebea958b661b4b7a
8183f487fa94a19fb2816dca3ab186a70e2475c48e8743d56f9953b9eeabb53a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8430e365f8defac031dcde01850e7c9fbf4d4108b991dba7c7bb411cab7a0cff
8a5f8315123649429a3646d59ce7e46d901d77a24447a4f8d7b2d97443e100fd
8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f
8cb53a2d0d9445493e187c2a908c2e8c2cada4164033f9888ba3d46c1c36f93f
8cd9dee34cd96472a5fd5de618fd4420fb9814517b51176314d1136d27c01364
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9aeb6cad80e7763a4b59134ed01ee6313531b075e1ca63b17cf934d492a8c6f5
9bc244571608347f094ff81e759772727ecee809f8c597039f0b787fd5f12f0f
9f8315d9a3ac8497d0d3eee3467a75e8cb5fcdda48d13788d65e0affae95aeb0
a01050f120544b659a5b01dd168b7416224587780616e22d71c1d223e7a6d92b
a869ecc45bf4e2913636044592499573a8917f1b5d47b718e6fe83dde3e52340
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adb9c5c4f1a86a1c4216e7c9451801f727ae02294f3c57ba85dd32d830cd25f9
b1e6fa50f60420fef9a2489bf847c308641c38b0080515debc5fcb25958e470a
b23d0d266357c3aa4b7dbdca0dd59aaa0de6673656473677b379426227c63e00
b431134355745303c022637468741f6aae1bfff793ad84517d5d25d47b187f9c
b4c3fe3c99bfcbce39378f37930148a39b1f6e01a811ffb2fe6a44fe6d4152a2
b5336040c9a6931a9648d63b9db69bd5cd100f25ab9abe83a4e13b32a5ffd17d
bde0dcec69fee23a4d9549a2c5a935a8a831c8f8d5019576b7047ce5d7214064
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c0807a23e3481f1e98a783280c9a7a7f5cc5e1e16071f9b9cb860aa55a4f6afb
c0bb446250cac648d324fba1c1107aba165d17056419a8bb17cf2dc315708de3
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c39cd074b33a0348246ff987044c7650533c69afc4727bac852f8e02722d6d67
c40b0b8b73b6b119800fdbdcb3446d2b8de94b8259ae69aba87bae0eebf1c971
c5db9d2ee99b5105f0ff09468f0616565745c833490ce0bbc88896eb40f4cf96
c8229d15724f0676dd350d16c3f9bd4ff187d30c05e0bb9724d685b6f3dda9a4
c89295f4cf9f044cc628d03fcdfde1d1d4a9d9398f86d20167e1f9bd90ff571b
cca604d225665baef1d6d67b9ae34221122e3ba2c551a78e96040248fd557b8e
d333b91ec038474abd149162888f378fdd803d5190f15bda93d45566d5b03af6
d8f55f018a310821aedf45ff61deef6c9a96e2dec628f01f71e254789230268b
d9b70f721ae5c456e15bebfb004827455f753b9426114243609fe724ad61e24a
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc4c8b4269817a4028f65fb34d0cf7410050c6e58aeb82aa9fb067e7d85b3f65
ddaba87c6a1d4c1a2b8f91bfb328df22e71159bff03be314e7e2466d3a2cf704
df6df090a7128e114a0f08b26a08c0378db2203a544741597780d9064a23e9bd
e2f5114f1b78eea5212a2aa1a74bf3c57ed7c2e8c64b4881bf5bbb266c758f1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54d3f4ad5c3c66a747f2a7f62e7ca28abfd2db5c57b3ba53721ee02e7e11b29
e62cd1a9f5640f2383476b5d861217ab95f3deacaaa99f22750ac887cedf7f81
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e927dcebecb2c550da9428ce3ef949d06bd75ec8116b3a9df83dc7ab63c1f04c
ec5df636e33eeb3bbdff36280ff508935e474f299b687b58bc5aa52855e8e078
ef02361cfc918950f2432a3eba916b540437375242bd255cd3d33cd7e252fd7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f173a09278e7d0dd54d5e2f7a30e5ce66c9421eb5208e4c9bded6d28c9214d96
f17844ee96d8deee40595b61e230182d4b726e7d66d0a49962e3b7e176648ecd
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f26e7e4ce2db247f0c8ec9897c775da7be6032d49c1262a86ce89328006208ac
f50ab62eadc8755c619ac423d4ed448936c436e95562f9bc1577ffbfc1aafc78
f9cf35318aaf5b196c21cc34d519c243aed95474d298ce438727d299e9343892
fccbcb80ca730c537de6362a17dfc09f2095824a4111896a7f2f812a64571e68
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.tdrewards.com Open in urlscan Pro 45.60.67.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

171 Requests

85 %HTTPS

33 %IPv6

33 Domains

48 Subdomains

28 IPs

4 Countries

8085 kBTransfer

10791 kBSize

50 Cookies

0 Outgoing links

Page URL History

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tdrewards.com Open in urlscan Pro
45.60.67.34 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

85 %
HTTPS

33 %
IPv6

33
Domains

48
Subdomains

28
IPs

4
Countries

8085 kB
Transfer

10791 kB
Size

50
Cookies

171 HTTP transactions
0 data transactions