www.rsvprewards.com Open in urlscan Pro
2606:4700::6811:ba64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://flow.sandmanhotels.com/tr/c/837n37c3ba35133n33h32h34c33p38r33337632k00/1787215
Effective URL:
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&...
Submission: On October 05 via api (October 5th 2022, 8:42:33 am UTC) from CA — Scanned from CA

Summary HTTP 48 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 11 domains to perform 48 HTTP transactions. The main IP is 2606:4700::6811:ba64, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rsvprewards.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2022. Valid for: a year.

This is the only time www.rsvprewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.219.82.8 23.219.82.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2606:4700::68... 2606:4700::6811:ba64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:808::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:b964	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6811:b864	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	195.244.31.25 195.244.31.25	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
2	3.229.27.39 3.229.27.39	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:251... 2600:9000:2512:a800:16:41f8:18c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
48	13

1 23.219.82.8 (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-219-82-8.deploy.static.akamaitechnologies.com

flow.sandmanhotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6811:ba64 (United States)

ASN13335 (CLOUDFLARENET, US)

www.rsvprewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81f::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b964 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:b864 (United States)

ASN13335 (CLOUDFLARENET, US)

image-tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o478535.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.244.31.25 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net

dynamic.travelclick-websolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.229.27.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-27-39.compute-1.amazonaws.com

tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2512:a800:16:41f8:18c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.tsa-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:821::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	rsvprewards.com www.rsvprewards.com	720 KB
10	galaxy.tf cdn.galaxy.tf — Cisco Umbrella Rank: 185962 image-tc.galaxy.tf — Cisco Umbrella Rank: 149855 tc.galaxy.tf — Cisco Umbrella Rank: 289910	2 MB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	312 KB
4	sentry.io o478535.ingest.sentry.io — Cisco Umbrella Rank: 217267	578 B
2	tsa-db.com api.tsa-db.com — Cisco Umbrella Rank: 115249	1 KB
2	travelclick-websolutions.com dynamic.travelclick-websolutions.com — Cisco Umbrella Rank: 186319	2 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	sandmanhotels.com 1 redirects flow.sandmanhotels.com	327 B
48	11

	Domain	Requested by
16	www.rsvprewards.com	www.rsvprewards.com
7	image-tc.galaxy.tf	www.rsvprewards.com
6	www.google-analytics.com	www.googletagmanager.com www.rsvprewards.com
5	www.googletagmanager.com	www.rsvprewards.com www.googletagmanager.com
4	o478535.ingest.sentry.io	www.rsvprewards.com
2	api.tsa-db.com	www.rsvprewards.com
2	tc.galaxy.tf	www.rsvprewards.com
2	dynamic.travelclick-websolutions.com	www.rsvprewards.com
1	cdn.galaxy.tf	www.rsvprewards.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdnjs.cloudflare.com	www.rsvprewards.com
1	fonts.googleapis.com	www.rsvprewards.com
1	flow.sandmanhotels.com	1 redirects
48	13

This site contains links to these domains. Also see Links.

Domain
www.sandmanhotels.com
www.sandmansignature.co.uk
www.suttonplace.com
northland.ca
media.sandmanhotels.com

Subject Issuer	Validity	Valid
www.rsvprewards.com Cloudflare Inc ECC CA-3	`2022-03-07` - `2023-03-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
cdn.galaxy.tf Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
image-tc.galaxy.tf Cloudflare Inc ECC CA-3	`2022-06-08` - `2023-06-07`	a year	crt.sh
*.ingest.sentry.io R3	`2022-08-20` - `2022-11-18`	3 months	crt.sh
*.travelclick-websolutions.com Gandi Standard SSL CA 2	`2022-06-16` - `2023-07-08`	a year	crt.sh
*.galaxy.tf Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.tsa-db.com Amazon	`2022-03-30` - `2023-04-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Frame ID: B7AD7B37D508876383BC70DD1D4E15DE
Requests: 44 HTTP requests in this frame

Frame: https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664956800
Frame ID: F0E8C5D9B6DF6AC460B154B0B9903E9B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Visa Canada | RSVP Rewardsarrow-rightarrow-leftarrow-bottomarrow-topcalendarphonewebsitedownload-arrowfacebooktwittergoogle-plusupload

Page URL History Show full URLs

https://flow.sandmanhotels.com/tr/c/837n37c3ba35133n33h32h34c33p38r33337632k00/1787215 HTTP 301
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Page Statistics

48
Requests

100 %
HTTPS

69 %
IPv6

11
Domains

13
Subdomains

13
IPs

1
Countries

2720 kB
Transfer

5618 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sandmanhotels.com/
Title: Sandman Hotels

Search URL Search Domain Scan URL

URL: https://www.sandmansignature.co.uk/
Title: Sandman Signature UK

Search URL Search Domain Scan URL

URL: https://www.suttonplace.com/
Title: The Sutton Place Hotels

Search URL Search Domain Scan URL

URL: https://northland.ca/
Title: A Northland Properties Company

Search URL Search Domain Scan URL

URL: https://media.sandmanhotels.com/SHG/Human-Trafficking-Abusive-Acts-Prevention-Policy.pdf
Title: Human Trafficking Prevention & Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://flow.sandmanhotels.com/tr/c/837n37c3ba35133n33h32h34c33p38r33337632k00/1787215 HTTP 301
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request visacanada Show response
www.rsvprewards.com/
Redirect Chain

https://flow.sandmanhotels.com/tr/c/837n37c3ba35133n33h32h34c33p38r33337632k00/1787215
https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00

91 KB
18 KB

231ms
137ms

Document
text/html

2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b04f4affb860f1e63166c692014a1b7d8117bfc9f599f4704b6985a92e5bb6f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=1200
cf-cache-status: MISS
cf-ray: 7554dd220f27ecee-YUL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 08:42:25 GMT
expires: Wed, 05 Oct 2022 09:02:25 GMT
last-modified: Wed, 05 Oct 2022 00:02:54 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 df950c8670c9d795c825a74bce398a40.cloudfront.net (CloudFront)
x-amz-cf-id: Bd7k39DgB-IAw8rLI6fuOxdJJ_IylnkGDgP9kaDBeRHm_5hPYY7RWA==
x-amz-cf-pop: YUL62-C2
x-amz-version-id: HqBQaQabaOf_PClPtR6gwVAkzMMZoLUp
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-security-policy: upgrade-insecure-requests
date: Wed, 05 Oct 2022 08:42:24 GMT
location: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
server: Apache-Coyote/1.1

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 96ms
38ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

584dfc26a09b20f29619b9e8e25003f632b9849808d0bdac4c3d18809aaad8f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Oct 2022 08:42:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 08:26:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Oct 2022 08:42:25 GMT

GET
H2 200 main.css
www.rsvprewards.com/css/custom/3947/1/624176d6759e735886571cffb212cc58/ 721 KB
100 KB 36ms
35ms Stylesheet
text/css 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rsvprewards.com/css/custom/3947/1/624176d6759e735886571cffb212cc58/main.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aabf4ade368e4af3c56ce6d190bc3b7f42d51c1d355de66564f3c944d190b092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
x-amz-version-id: cYn4aJXradjnmTzBdkt2YzyqTvP2fUbi
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 04fa8a9e73b27e301fb4b6d36f313186.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: YTO50-P2
age: 29760
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Oct 2022 00:06:22 GMT
server: cloudflare
etag: W/"8875b6d9db7dbbaa7158c848cfec5d0f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7554dd231f94ecee-YUL
x-amz-cf-id: OIgr82Dj3lp3ZKVRo5niJOFrtXM0woBMeJ1gAhwXHoQgIqB4AkMN3Q==
expires: Thu, 05 Oct 2023 08:42:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
61 KB 88ms
35ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d19f9545dc146e03fd04be6c2c14922a8090188f9aeb9074e50e7918bd75bcf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62135
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Oct 2022 08:42:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
53 KB 119ms
67ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a79fb3c976014ed463d70512dad94ceac5dc11d92799ea6cf7d486e88c3d9fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53784
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Oct 2022 08:42:25 GMT

GET
H3 200 svg-icons.svg
www.rsvprewards.com/integration/tc-theme/public/svg/ 59 KB
19 KB 19ms
19ms Image
image/svg+xml 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rsvprewards.com/integration/tc-theme/public/svg/svg-icons.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fad351e76cdfee295c42a628938000ad1d909d6ac7adaa3f749c03f6e16230a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
x-amz-version-id: xGda4vmgAfKfANJqfwkOSEN6u2FkiyLq
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 fdbf0bf4022c61868d8dad6b7d72a71a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: YTO50-P2
age: 29760
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Sep 2022 00:00:33 GMT
server: cloudflare
etag: W/"7f2e56792059baaf943072d2d2d052d1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7554dd23ddb37144-YUL
x-amz-meta-md5chksum: fy5WeSBZuq+UMHLS0tBS0Q==
x-amz-cf-id: ser9Ljxm_1yhzmq1Ww9vQmlOgfbAFUNPNMJI3n1rQfEcfPpm9aj2qg==
expires: Thu, 05 Oct 2023 08:42:25 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 42ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 601986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mv59CLNLPa%2FSVqd5ZYWG%2BvZBXOg7LjzdZ5lCDfURzwSV6YyjUeG43hjHboT4K13DwwsDTvDF6a6%2FvR4iQl99SQJpiWqzCM5EEoQEMqc9Zo7%2FhJO1wskoz0Kop7PiOTHXLn0o0MYNkOOT85whLCJDcVhb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7554dd23f8c27157-YUL
expires: Mon, 25 Sep 2023 08:42:25 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 72ms
21ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rsvprewards.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:24:41 GMT
x-content-type-options: nosniff
age: 425864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 10:24:41 GMT

GET
H2 200 gms-latest.min.js Show response
cdn.galaxy.tf/asset-galaxy/js/ 148 KB
46 KB 73ms
28ms Script
application/javascript 2606:4700::6811:b964
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v281a4f702daf804e71e974a29739b72b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b964 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4f1b48eedafeaa3d9b02d15dc642b4cc9a995b6e517d6d9bd91d007a420a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
strict-transport-security: max-age=15768000
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 10:13:41 GMT
server: cloudflare
age: 145201
etag: W/"250c8-5e6e5d19a30a6-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7554dd246cf14bd7-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 05 Oct 2023 08:42:25 GMT

GET
H3 200 main.bundle.js Show response
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/ 206 KB
66 KB 25ms
24ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v281a4f702daf804e71e974a29739b72b

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

986fb201005bbe98bd8bd1d4a93c34bc89f58dd2118acbfd385ee4402fc99b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
x-amz-version-id: z2DJ1wgdjabf94g6RfJHnx_OafYE2gFk
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 6589108eb8812ce79de8a8eef3f72bee.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: YTO50-P2
age: 29759
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Sep 2022 00:00:18 GMT
server: cloudflare
etag: W/"dcbfb95dd013bb7571815d181fe381ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7554dd24ee5e7144-YUL
x-amz-meta-md5chksum: 3L+5XdATu3VxgV0YH+OBzg==
x-amz-cf-id: nzVhpWXdz9svs3LQNmvN5lAPiu66wgVat-b3A5uwV_RW3F_Hj5zvvA==
expires: Thu, 05 Oct 2023 08:42:25 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 file.jpg
image-tc.galaxy.tf/wijpeg-13dn889xay1uobmahoem4xigg/ 37 KB
38 KB 71ms
25ms Image
image/jpeg 2606:4700::6811:b864
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-13dn889xay1uobmahoem4xigg/file.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b864 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cafa815650e794e77e9869b600255edebbe141eb1becb504a5fe2ead656e4dff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via: 1.1 101faeb149b23d8a2ab2e8bae2efec18.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-version-id: qOBZN.zRh.nd6xCK6z3S1JEaXjHlsDkz
x-amz-cf-pop: YTO50-P1
age: 106113
cf-polished: status=not_needed
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37981
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Wed, 01 Jun 2022 17:08:26 GMT
server: cloudflare
etag: "d58c445712f16f56afb2cab77ff3fc4a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7554dd2558e3713e-YUL
x-amz-cf-id: nxn5nu2pP0b2ufVvbAHfFnPnG3XY4s0UZVu0G1klC0AfuayeJaXfzQ==
expires: Thu, 05 Oct 2023 08:42:25 GMT

GET
H3 200 personalization-gms.js Show response
www.rsvprewards.com/widgets/js/personalisation_trigger/ 3 KB
1 KB 20ms
19ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rsvprewards.com/widgets/js/personalisation_trigger/personalization-gms.js?69b42c5e87b35b0798a2ddc9a47c4a98426fcd82

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e4b768550e76908bf473c085ba0c8847cac5bb2c50ad3a8b8817116a177e3e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
x-amz-version-id: vK2yEmdFPT245TGAWgX_jNjFPRKgQVxE
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 019b4503d2ffede0ae900992ff140770.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: YTO50-P2
age: 29759
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Oct 2022 00:03:08 GMT
server: cloudflare
etag: W/"633ffd5366aef00cd0f7d85b736bf72e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7554dd252e797144-YUL
x-amz-cf-id: oPthj3A5Ofx6CQs1Qel-MoLuMgoLYqcCvmly5o4t0DzNHdF59Dc_iw==
expires: Thu, 05 Oct 2023 08:42:25 GMT

GET
H3 200 galaxy-helpers.js Show response
www.rsvprewards.com/frontend/galaxy-helpers/public/ 64 KB
23 KB 33ms
20ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rsvprewards.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-c813efbf-4d41-4384-886a-ea951d8d0d17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e04815d2b44ded36554b60220d7a4e8b199747ae6f2911a8de71ed4781d5add5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
x-amz-version-id: 2JI3zh21eP_BZ1AFBPN0uIZOQCnS17cc
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 a7af18c87ffc07d74544efce5f2b0f9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: YTO50-P2
age: 29759
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Jun 2022 19:14:28 GMT
server: cloudflare
etag: W/"b23d95a1d83a7fa91efa4244e94a8511"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7554dd257ea97144-YUL
x-amz-meta-md5chksum: sj2Vodg6f6ke+kJE6UqFEQ==
x-amz-cf-id: sT5iI1IoTJcVM-tsFZxX6_iN7YUdhYbowMtRy3u_KOU0gxzuagly6g==
expires: Thu, 05 Oct 2023 08:42:25 GMT

GET
H3 200 bundle.js Show response
www.rsvprewards.com/integration/tc-theme/public/js/ 1 MB
413 KB 33ms
32ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d19cf64a3bc3bb57bb729faaba1a75727ad1b2983245ab0f271c82bad4c1d9dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
x-amz-version-id: f.bkAX3lwd.M8qtHh5oBmCFk8JgBAt.K
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 10f12ad63ad88e4e38e4e73deb3e9570.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: YTO50-P2
age: 29759
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 Oct 2022 16:14:20 GMT
server: cloudflare
etag: W/"29c382ea01050b12a178885e487d8f23"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7554dd25bef17144-YUL
x-amz-meta-md5chksum: KcOC6gEFCxKheIheSH2PIw==
x-amz-cf-id: M2LR8Ac8TnlhpuplOLVthhop8XyRPIkH0RL0N_Iks-HN3-4GbwzG2A==
expires: Thu, 05 Oct 2023 08:42:25 GMT

GET
H3 200 7334-63c3e419f7dfd7955fa4.js Show response
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 5 KB
3 KB 18ms
18ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/7334-63c3e419f7dfd7955fa4.js

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad143d75162342bd9978cbbbc5d0a20a081d78c954f6b09b3d1f358806a73fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
x-amz-version-id: zyT3tbKB72KRwRJRiWZqsKPLaTBnW3KU
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 81e839ce31651517fdd5c593655bd0d6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD58-P1
age: 29758
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Sep 2022 00:00:25 GMT
server: cloudflare
etag: W/"bf498adc8a488bbba160852e6c188c72"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7554dd26ff987144-YUL
x-amz-meta-md5chksum: v0mK3IpIi7uhYIUubBiMcg==
x-amz-cf-id: Bx8rD5zHrx1jh8CXhQOxS98_H5oq6DZsJjvLKiEAEX1iwudnMWnWIg==
expires: Thu, 05 Oct 2023 08:42:25 GMT

POST
H2 200 / Show response
o478535.ingest.sentry.io/api/282725/envelope/ 2 B
280 B 111ms
42ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rsvprewards.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.rsvprewards.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 svg-icons.svg Show response
www.rsvprewards.com/integration/tc-theme/public/svg/ 59 KB
19 KB 25ms
24ms XHR
image/svg+xml 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rsvprewards.com/integration/tc-theme/public/svg/svg-icons.svg

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fad351e76cdfee295c42a628938000ad1d909d6ac7adaa3f749c03f6e16230a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
sentry-trace: 704c27fb9b7d4923afced6a070859b0c-96bde3b17ca45a39-1

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
x-amz-version-id: xGda4vmgAfKfANJqfwkOSEN6u2FkiyLq
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 fdbf0bf4022c61868d8dad6b7d72a71a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: YTO50-P2
age: 29760
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Sep 2022 00:00:33 GMT
server: cloudflare
etag: W/"7f2e56792059baaf943072d2d2d052d1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7554dd274fc87144-YUL
x-amz-meta-md5chksum: fy5WeSBZuq+UMHLS0tBS0Q==
x-amz-cf-id: ser9Ljxm_1yhzmq1Ww9vQmlOgfbAFUNPNMJI3n1rQfEcfPpm9aj2qg==
expires: Thu, 05 Oct 2023 08:42:25 GMT

POST
H/1.1 200
OK 1 Show response
dynamic.travelclick-websolutions.com/token/ 686 B
1 KB 334ms
83ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/token/1

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

407949eb31027774e981964010a110719fa88c0d054d27e43a3ffee9607d218f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 08:42:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-Real-Hostname: xo7-web-01
Content-Length: 554
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 invisible.js Show response
www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame F0E8 36 KB
13 KB 17ms
16ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664956800
Requested by: Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb5206e5623ba86ca71de9c67d2fa7be563d0fcf6a0ee5a2cd3843aee498a7c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7554dd27b80a7144-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 7269-9c94ce25d6ee1857bee8.js Show response
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 70 KB
26 KB 23ms
22ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/7269-9c94ce25d6ee1857bee8.js

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

142a8f93328ab96cd295c87c0e1a0b357b88249989468a52c502dff0ebbae49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
x-amz-version-id: V9dVcH5UfztAm1m8XsNdfsA7G2c8nrNi
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 05df0d22c8cc3d4b946b6f2dc43d6b9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD58-P1
age: 29758
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Sep 2022 00:00:22 GMT
server: cloudflare
etag: W/"5e331feb437105997a24e337782b373d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7554dd27d8187144-YUL
x-amz-meta-md5chksum: XjMf60NxBZl6JOM3eCs3PQ==
x-amz-cf-id: 49GObvZ94_gfvuA8sb3pTszFRu7ccKfTbtOFzIWDeaMTE3axKY9Mfw==
expires: Thu, 05 Oct 2023 08:42:25 GMT

GET
H3 200 8196-c0124707f7a0b596e92e.js Show response
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 26 KB
7 KB 22ms
21ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/8196-c0124707f7a0b596e92e.js

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e9575ea089a989683e0519998ae57ad2bb058d2f6687072c108da736447513b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
x-amz-version-id: geBBNQ0WLe6Oy8_jTWtp755gAeNrTddF
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 603f7fca6e96da4aaee2b5219f231c92.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD58-P1
age: 29758
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Sep 2022 00:00:23 GMT
server: cloudflare
etag: W/"0817bf482f091ab57beaeeba3cc278e9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7554dd27d8197144-YUL
x-amz-meta-md5chksum: CBe/SC8JGrV76u66PMJ46Q==
x-amz-cf-id: AwV-ETZH3aRVPfd7UYiFctdGcpi3_IozH5PeAmDALOJlRTuITg87tw==
expires: Thu, 05 Oct 2023 08:42:25 GMT

GET
H3 200 header-one-3a44c3fbd1fcdc8ac577.js Show response
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 7 KB
3 KB 18ms
18ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/header-one-3a44c3fbd1fcdc8ac577.js

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99d17a83324f7424947279a42446b046e1ac6a7ca8438d3a62f7bf15e935aab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
x-amz-version-id: sDCn83G18bQxEulnvfERDLC1gNlaXagP
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 4d2c5c41363515293c0b9e781386951e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: YTO50-C3
age: 29758
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Sep 2022 00:00:08 GMT
server: cloudflare
etag: W/"0bae501266459b34b543f40548ce0dd0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7554dd27d81a7144-YUL
x-amz-meta-md5chksum: C65QEmZFmzS1Q/QFSM4N0A==
x-amz-cf-id: -XjOKTQL9GZ-S77O-aDgcmjR_FzLnoTS5RfHb634PWAAuRSdOcmihw==
expires: Thu, 05 Oct 2023 08:42:25 GMT

GET
H3 200 rsvpxvisa-sandman-hamilton.jpg
image-tc.galaxy.tf/wijpeg-2yjquncftfu5quuck3hoc7ddg/ 368 KB
369 KB 48ms
21ms Image
image/jpeg 2606:4700::6811:b864
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-2yjquncftfu5quuck3hoc7ddg/rsvpxvisa-sandman-hamilton.jpg?width=1920

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b864 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29adca8e192470a127de194799e03fd301f6755977c2c015b84a559208f86549

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via: 1.1 c8ddfdb8cb371fe15c8c6e3acd4f74ea.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-version-id: nreWPxxBf867khaBLeqRT40goQ.JU2K4
x-amz-cf-pop: MSP50-C2
age: 824133
cf-polished: status=not_needed
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 376699
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Tue, 17 May 2022 22:58:09 GMT
server: cloudflare
etag: "f5aebd37127f6b1b36f77a0a5dc4842d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7554dd2859ffca53-YUL
x-amz-cf-id: u5z2_6qSv8484gktnjdtr-LeA7zvwoXijV--VkdzHdzo42n-zLu7hA==
expires: Thu, 05 Oct 2023 08:42:25 GMT

GET
H3 200 rsvpxvisa-sutton-vancouver-01.jpg
image-tc.galaxy.tf/wijpeg-dcrs8m8jrfxeh1oz2aw4hh29j/ 248 KB
249 KB 103ms
76ms Image
image/jpeg 2606:4700::6811:b864
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-dcrs8m8jrfxeh1oz2aw4hh29j/rsvpxvisa-sutton-vancouver-01.jpg?width=1920

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b864 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8428d56cd6ccfd682b0a8541fe5168aa8365422eacca6e07704d952d37b507b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:25 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via: 1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-version-id: 1ExU.dd7EelUBceLIiH2y6Ic1aDT8mZ9
x-amz-cf-pop: JFK50-P1
age: 824133
cf-polished: status=not_needed
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 254001
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Tue, 17 May 2022 22:58:08 GMT
server: cloudflare
etag: "5a01fd6fbbcbe82461eeb0fb66cac8f9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7554dd285a00ca53-YUL
x-amz-cf-id: quvCoprm2HqY-QUlCs_MxyGcUdc543b4OgoSe1dLgKazeLPQlRg7bw==
expires: Thu, 05 Oct 2023 08:42:25 GMT

OPTIONS
H2 204 calendar
tc.galaxy.tf/tc/shop/v1/hotel/113129/ Frame 0
0 123ms
25ms Preflight 3.229.27.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tc.galaxy.tf/tc/shop/v1/hotel/113129/calendar?dateIn=2022-10-05&lang=en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.27.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-27-39.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-galaxy-key
Access-Control-Request-Method: GET
Origin: https://www.rsvprewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-galaxy-key,x-referer-override
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT
access-control-allow-origin: *
apigw-requestid: Zhd53iaLIAMEPxw=
date: Wed, 05 Oct 2022 08:42:26 GMT

OPTIONS
H2 200 1100262
api.tsa-db.com/v1/data/BID/ Frame 0
0 81ms
20ms Preflight
application/json 2600:9000:2512:a800:16:41f8:18c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tsa-db.com/v1/data/BID/1100262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:a800:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.rsvprewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: *
access-control-max-age: 86400
age: 69147
cache-control: max-age=86400, s-maxage=86400, proxy-revalidate
content-length: 0
content-type: application/json
date: Tue, 04 Oct 2022 13:29:59 GMT
via: 1.1 f54bc880c0d35571a4883f7c10838532.cloudfront.net (CloudFront)
x-amz-apigw-id: Ze1FsFeNoAMFtXA=
x-amz-cf-id: P8ZI8Y732vECq0U65V8xnxOc__oFEPvR3XBIZMK57CH0HNQ-9xNHrg==
x-amz-cf-pop: JFK50-P7
x-amzn-requestid: 98cc6384-1bf3-40cd-98f0-63be2d499858
x-cache: Hit from cloudfront

GET
H3 200 rsvp.svg
image-tc.galaxy.tf/wisvg-1ryve29oki9zgjhzg6zkh5c7z/ 6 KB
3 KB 49ms
48ms Image
image/svg+xml 2606:4700::6811:b864
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wisvg-1ryve29oki9zgjhzg6zkh5c7z/rsvp.svg?width=500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b864 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f28fa10529c01d52222edea9a7e9e5f45edaf7b33a0e44245f187a4f9a66166

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:26 GMT
x-amz-version-id: 7AIhVvMU7VTpwJluh6ZGGpBIM9rOtVB4
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 8504d76345ac5d175fb1aabd19e8fede.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: MSP50-C2
age: 2449579
cf-cache-status: HIT
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Oct 2021 09:24:37 GMT
server: cloudflare
etag: W/"1e039c13abeebb837ec31939b4ecfe1f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7554dd289a1eca53-YUL
x-amz-cf-id: Xy_db6u_ExsS2FNgmR2TLkztyuxGOorKrIwaAEuD4sdF3I29_MeZkQ==
expires: Thu, 05 Oct 2023 08:42:26 GMT

GET
H2 403 calendar Show response
tc.galaxy.tf/tc/shop/v1/hotel/113129/ 65 B
188 B 46ms
43ms XHR
application/json 3.229.27.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tc.galaxy.tf/tc/shop/v1/hotel/113129/calendar?dateIn=2022-10-05&lang=en
Requested by: Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.27.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-27-39.compute-1.amazonaws.com
Software: /
Resource Hash: ce45a7ca7917fe51dbae2582057253d3a733c341963d7419752c647802e64d6f

Request headers

Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
X-Galaxy-Key: 3f605a80075953b629e198dfad3df367
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 05 Oct 2022 08:42:26 GMT
content-length: 65
apigw-requestid: Zhd53iYgIAMEPLw=
content-type: application/json

POST
H/1.1 200
OK 3947 Show response
dynamic.travelclick-websolutions.com/view/ 1 KB
1 KB 446ms
381ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/view/3947

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

ca926d35c8eb4cec6efbc4a9ea183febeb93bb077f27379eb168a07dc5238e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 08:42:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-Real-Hostname: xo7-web-03
Content-Length: 650
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 chunk-tc-GMS-188c0c98eb1b17c048ae.js Show response
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 3 KB
2 KB 28ms
28ms Script
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/chunk-tc-GMS-188c0c98eb1b17c048ae.js

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6477c99fdb15187e3c895b87a03d06c3a984927f827650932c4979f12a2bb51f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:26 GMT
x-amz-version-id: 1hqWlLpvkC.b7TYE49sbOi8g7vCt5zP4
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 ed78483d37e5338746e5a4b545e5818e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD58-P1
age: 29759
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Sep 2022 00:00:14 GMT
server: cloudflare
etag: W/"a17172b3929fb36caf3b6449ce7d9c48"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7554dd29390c7144-YUL
x-amz-meta-md5chksum: oXFys5Kfs2yvO2RJzn2cSA==
x-amz-cf-id: JjU-dqvX9607nvbhV5Up-DNKxZlSlxc78dx5vWMiVYANlK8a99OiJg==
expires: Thu, 05 Oct 2023 08:42:26 GMT

GET
H2 200 1100262 Show response
api.tsa-db.com/v1/data/BID/ 683 B
1 KB 21ms
20ms XHR
application/json 2600:9000:2512:a800:16:41f8:18c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tsa-db.com/v1/data/BID/1100262
Requested by: Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:a800:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 958704d05d4be8019f515074008637b86eba742801afbc048924daad6d3cc437

Request headers

Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Oct 2022 08:37:05 GMT
via: 1.1 f54bc880c0d35571a4883f7c10838532.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 321
x-amzn-trace-id: Root=1-633d4231-7b6fc1863f5af2fa3d291ce1;Sampled=0
x-amzn-requestid: 376bb3ca-96a0-433d-bc29-04229415f086
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
access-control-allow-credentials: true
x-amz-apigw-id: ZhdH0GlJoAMFcqw=
content-length: 683
x-amz-cf-id: 6ZiB-EygMqqU1YygD2NXzNOs0mdEICnlu06BC0QkdwyrNF2ZYeAw-g==

GET
H3 200 rsvpxvisa-signature-kamloops.jpg
image-tc.galaxy.tf/wijpeg-1kqkv8n82e43wouc7a41qoief/ 359 KB
360 KB 24ms
23ms Image
image/jpeg 2606:4700::6811:b864
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-1kqkv8n82e43wouc7a41qoief/rsvpxvisa-signature-kamloops.jpg?width=1920

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b864 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

515cfe7dbec6ba692ce61436c70cfd2c1b82f4ab45f773959682aa53ac3ce561

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:26 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via: 1.1 4f3c1338af36440a148f23bdc9214efe.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-version-id: T.I9oK7Ph0MTWbInrl.FCHS8p7LTFf6v
x-amz-cf-pop: JFK50-P1
age: 396543
cf-polished: status=not_needed
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 367733
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Tue, 17 May 2022 22:58:11 GMT
server: cloudflare
etag: "814fd626784e1eea68d0fce883e3da0b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7554dd296a6bca53-YUL
x-amz-cf-id: Cr_IBgL64wAX5Tr1viI2_C0RxQoYFwObLsJmq0EpkPswZvocRGUQBA==
expires: Thu, 05 Oct 2023 08:42:26 GMT

GET
H3 200 pica.js
www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame F0E8 24 KB
9 KB 17ms
17ms Other
application/javascript 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 388e086410431f0ded9b31c734961983112551ae7f8fabab5f270a8c95f0be64

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:26 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7554dd29894a7144-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
19ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Oct 2022 08:34:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 448
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 05 Oct 2022 10:34:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 126 KB
50 KB 76ms
34ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63a62f96d75ff5989611f66d710d354f64a1808052ababe305e2aed3924a4205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50704
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Oct 2022 08:42:26 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
74 KB 80ms
50ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H4228VNMFE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54af52473c5c015d512d0d55eac0baf8b3e85d35b6cd6125f488420163e19dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 Oct 2022 08:42:26 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
74 KB 87ms
57ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3S5G3ZLFWB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1072196461e514f000781162bbb6df8482ecc115563824c7de16fa7052b14c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75822
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 Oct 2022 08:42:26 GMT

GET
H3 200 rsvpxvisa-sutton-vancouver-02.jpg
image-tc.galaxy.tf/wijpeg-eugnt7vuztt7150l6bf1ab009/ 313 KB
314 KB 21ms
20ms Image
image/jpeg 2606:4700::6811:b864
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-eugnt7vuztt7150l6bf1ab009/rsvpxvisa-sutton-vancouver-02.jpg?width=1920

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b864 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18bbe359c2fef1303c3456498994048795c143e198b44c62b3ee348ade2a8d72

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:26 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via: 1.1 b58d5fc06e70f14ce49bfebe2491c5f8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-version-id: CxNX5s8qL5fT.v1jx138JXunS8Ush1Ci
x-amz-cf-pop: MSP50-C2
age: 824134
cf-polished: status=not_needed
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 320386
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Tue, 17 May 2022 22:58:14 GMT
server: cloudflare
etag: "00012e0cb534a610ccb45c553b2ff16f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7554dd2a2ab2ca53-YUL
x-amz-cf-id: Sab5ikdDvK-kUxPsezH7H2pB65lHsYED5bvqQRZHw_TC02R27u8QcQ==
expires: Thu, 05 Oct 2023 08:42:26 GMT

POST
H3 200 / Show response
o478535.ingest.sentry.io/api/282725/envelope/ 2 B
20 B 69ms
44ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rsvprewards.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Oct 2022 08:42:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.rsvprewards.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H3 429 / Show response
o478535.ingest.sentry.io/api/282725/store/ 198 B
219 B 68ms
45ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o478535.ingest.sentry.io/api/282725/store/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rsvprewards.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Oct 2022 08:42:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.rsvprewards.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-sentry-rate-limits: 31:default;error;security;attachment:organization:error_usage_exceeded
retry-after: 31

GET
H3 200 rsvpxvisa-sutton-revelstoke.jpg
image-tc.galaxy.tf/wijpeg-4jxirey4a1e9xbnvc72uvm2b5/ 249 KB
249 KB 23ms
22ms Image
image/jpeg 2606:4700::6811:b864
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-4jxirey4a1e9xbnvc72uvm2b5/rsvpxvisa-sutton-revelstoke.jpg?width=1920

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b864 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

813e53317103de60f6f23dbf4ef3ad5061c6ee39dd5fea0dea2033457d127125

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:42:26 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via: 1.1 f7f31420756ca58f7776c2ab4a33c4ac.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-version-id: qCcAChZjq.22lITd8Vq78AAqT8lbJlHT
x-amz-cf-pop: MSP50-C2
age: 824134
cf-polished: status=not_needed
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 254493
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Tue, 17 May 2022 22:58:16 GMT
server: cloudflare
etag: "4442252ae54f19e338893eac27e654f1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7554dd2a7acbca53-YUL
x-amz-cf-id: oeLN_KYUF3pAZjneslQFcJ7UgbRfWuglDnHeqJul8yu778MG7YJOyg==
expires: Thu, 05 Oct 2023 08:42:26 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 78ms
34ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=626504601&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%2526Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&ul=en-us&de=UTF-8&dt=Visa%20Canada%20%7C%20RSVP%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=693344714&gjid=415951401&cid=68367017.1664959346&tid=UA-162681275-1&_gid=1837890122.1664959346&_r=1&gtm=2wga30TL2MM4B&cg1=web&cg2=not_applicable&cg3=group_property&cd1=1100262&cd2=not_applicable&cd3=Northland%20Properties%20Corp&cd4=The%20Sutton%20Place%20Hotels&cd5=not_applicable&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd10=not_applicable&cd11=not_applicable&cd12=galaxy&cd13=essentials&cd14=th1&cd15=hd1&cd16=ft3&cd19=tvs_no&cd20=not_applicable&cd21=group_property&cd22=not_applicable&cd23=not_applicable&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%26Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&cd39=not_applicable&cd40=rsvprewards.com&cd41=GTM-TL2MM4B&cd42=51&cd54=be4&cd59=0&z=1643344003

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 08:42:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rsvprewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 72ms
34ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=626504601&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%2526Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&ul=en-us&de=UTF-8&dt=Visa%20Canada%20%7C%20RSVP%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAEK~&jid=1090581106&gjid=1396845310&cid=68367017.1664959346&tid=UA-193984690-1&_gid=1837890122.1664959346&_r=1&gtm=2wga30MBPBFS9&cd1=not_available&cd2=not_available&cd3=not_available&cd4=Guest&cd5=not_available&cd6=not_available&cd7=not_available&cd8=not_available&cd9=not_available&cd10=not_applicable&cd11=not_applicable&cd12=not_applicable&cd14=not_applicable&cd15=not_applicable&cd16=no&cd19=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%26Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&z=617169415

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 08:42:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rsvprewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 62ms
32ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=626504601&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%2526Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&ul=en-us&de=UTF-8&dt=Visa%20Canada%20%7C%20RSVP%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAEK~&jid=1554287183&gjid=476878919&cid=68367017.1664959346&tid=UA-193985224-1&_gid=1837890122.1664959346&_r=1&gtm=2wga30MBPBFS9&cd1=not_available&cd2=not_available&cd3=not_available&cd4=Guest&cd5=not_available&cd6=not_available&cd7=not_available&cd8=not_available&cd9=not_available&cd10=not_applicable&cd11=not_applicable&cd12=not_applicable&cd14=not_applicable&cd15=not_applicable&cd16=no&cd19=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%26Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&z=903329741

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 08:42:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rsvprewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 34ms
33ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H4228VNMFE&gtm=2oea30&_p=626504601&cid=68367017.1664959346&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664959346&sct=1&seg=0&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%2526Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&dt=Visa%20Canada%20%7C%20RSVP%20Rewards&en=page_view&_fv=1&_ss=1&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.page_content_group=not_applicable&ep.page_full_url=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%26Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&ep.page_language=en&ep.page_containing_tvs=no&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_brand_name=The%20Sutton%20Place%20Hotels&ep.hotel_id=not_applicable&ep.hotel_name=not_applicable&ep.hotel_star_rating=not_applicable&ep.hotel_property_type=group_property&ep.hotel_booking_engine_provider=not_applicable&up.user_logged_in_session=no
Requested by: Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 08:42:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rsvprewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 34ms
33ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3S5G3ZLFWB&gtm=2oea30&_p=626504601&cid=68367017.1664959346&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Q&_z=ccd.v9B&_s=1&sid=1664959346&sct=1&seg=0&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%2526Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&dt=Visa%20Canada%20%7C%20RSVP%20Rewards&en=page_view&_fv=1&_ss=1&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.page_content_group=not_applicable&ep.page_full_url=https%3A%2F%2Fwww.rsvprewards.com%2Fvisacanada%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Oct4_Stay%26Dine_Seniors%26pl%3D837n37c3ba35133n33h32h34c33p38r33337632k00&ep.page_language=en&ep.page_containing_tvs=no&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_brand_name=The%20Sutton%20Place%20Hotels&ep.hotel_id=not_applicable&ep.hotel_name=not_applicable&ep.hotel_star_rating=not_applicable&ep.hotel_property_type=group_property&ep.hotel_booking_engine_provider=not_applicable&up.user_logged_in_session=no
Requested by: Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rsvprewards.com/visacanada?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Oct4_Stay%26Dine_Seniors&pl=837n37c3ba35133n33h32h34c33p38r33337632k00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 08:42:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rsvprewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 7554dd220f27ecee Show response
www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame F0E8 2 B
375 B 33ms
33ms XHR
text/plain 2606:4700::6811:ba64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/cv/result/7554dd220f27ecee
Requested by: Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664956800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:ba64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Oct 2022 08:42:26 GMT
content-encoding: br
server: cloudflare
cf-ray: 7554dd2e8c977144-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 200 / Show response
o478535.ingest.sentry.io/api/282725/envelope/ 41 B
59 B 44ms
41ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7

Requested by

Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v281a4f702daf804e71e974a29739b72b

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4dc32b64192d380343f9bdf9e1f544b062214cf443bce9af0efef0c9e2122094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.rsvprewards.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Oct 2022 08:42:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.rsvprewards.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
flow.sandmanhotels.com/tr	1969-12-31 23:59:59	Name: GMS_REDIRECT Value: E4FD9D9F652AC90D9E76A65F057ED430
flow.sandmanhotels.com/	1970-01-20 07:12:31	Name: 10559311021615 Value: 604a97744749
.rsvprewards.com/	1970-01-20 06:30:45	Name: _gid Value: GA1.2.1837890122.1664959346
.rsvprewards.com/	1970-01-20 06:29:19	Name: _gat_tct Value: 1
.rsvprewards.com/	1970-01-20 06:29:19	Name: _gat_tc_client Value: 1
.rsvprewards.com/	1970-01-20 06:29:19	Name: _gat_tc_client_roll_up Value: 1
.rsvprewards.com/	1970-01-20 16:05:19	Name: _ga_H4228VNMFE Value: GS1.1.1664959346.1.0.1664959346.0.0.0
.rsvprewards.com/	1970-01-20 16:05:19	Name: _ga Value: GA1.1.68367017.1664959346
.rsvprewards.com/	1970-01-20 16:05:19	Name: _ga_3S5G3ZLFWB Value: GS1.1.1664959346.1.0.1664959346.0.0.0
.www.rsvprewards.com/	1970-01-20 06:29:21	Name: __cf_bm Value: 8e5h5FQSwxEBF7NhBP1GDbB6jKPL9FMfpvpwaFPa35g-1664959346-0-Aa1O/W/Sxj8Q/iU8WxOkg1EAbLRp5smNX46acg1wXRbTbGkeF4pewMQNQlWWxF4guSRdVGEPa1o2u+gywl4kr7eYuDr29Rzm2m3JhAoMe0VHwquOgkIFj4PQCAW9gRwk/Q==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tc.galaxy.tf/tc/shop/v1/hotel/113129/calendar?dateIn=2022-10-05&lang=en Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://o478535.ingest.sentry.io/api/282725/store/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7 Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.tsa-db.com
cdn.galaxy.tf
cdnjs.cloudflare.com
dynamic.travelclick-websolutions.com
flow.sandmanhotels.com
fonts.googleapis.com
fonts.gstatic.com
image-tc.galaxy.tf
o478535.ingest.sentry.io
tc.galaxy.tf
www.google-analytics.com
www.googletagmanager.com
www.rsvprewards.com
195.244.31.25
23.219.82.8
2600:9000:2512:a800:16:41f8:18c0:93a1
2606:4700::6811:180e
2606:4700::6811:b864
2606:4700::6811:b964
2606:4700::6811:ba64
2607:f8b0:4006:808::2003
2607:f8b0:4006:81f::2008
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::200a
3.229.27.39
34.120.195.249
0e9575ea089a989683e0519998ae57ad2bb058d2f6687072c108da736447513b
1072196461e514f000781162bbb6df8482ecc115563824c7de16fa7052b14c86
142a8f93328ab96cd295c87c0e1a0b357b88249989468a52c502dff0ebbae49d
18bbe359c2fef1303c3456498994048795c143e198b44c62b3ee348ade2a8d72
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29adca8e192470a127de194799e03fd301f6755977c2c015b84a559208f86549
2e4b768550e76908bf473c085ba0c8847cac5bb2c50ad3a8b8817116a177e3e7
2f28fa10529c01d52222edea9a7e9e5f45edaf7b33a0e44245f187a4f9a66166
2fad351e76cdfee295c42a628938000ad1d909d6ac7adaa3f749c03f6e16230a
388e086410431f0ded9b31c734961983112551ae7f8fabab5f270a8c95f0be64
407949eb31027774e981964010a110719fa88c0d054d27e43a3ffee9607d218f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4dc32b64192d380343f9bdf9e1f544b062214cf443bce9af0efef0c9e2122094
515cfe7dbec6ba692ce61436c70cfd2c1b82f4ab45f773959682aa53ac3ce561
54af52473c5c015d512d0d55eac0baf8b3e85d35b6cd6125f488420163e19dfa
584dfc26a09b20f29619b9e8e25003f632b9849808d0bdac4c3d18809aaad8f8
63a62f96d75ff5989611f66d710d354f64a1808052ababe305e2aed3924a4205
6477c99fdb15187e3c895b87a03d06c3a984927f827650932c4979f12a2bb51f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
813e53317103de60f6f23dbf4ef3ad5061c6ee39dd5fea0dea2033457d127125
8428d56cd6ccfd682b0a8541fe5168aa8365422eacca6e07704d952d37b507b3
8eb5206e5623ba86ca71de9c67d2fa7be563d0fcf6a0ee5a2cd3843aee498a7c
958704d05d4be8019f515074008637b86eba742801afbc048924daad6d3cc437
986fb201005bbe98bd8bd1d4a93c34bc89f58dd2118acbfd385ee4402fc99b34
99d17a83324f7424947279a42446b046e1ac6a7ca8438d3a62f7bf15e935aab2
a79fb3c976014ed463d70512dad94ceac5dc11d92799ea6cf7d486e88c3d9fff
aabf4ade368e4af3c56ce6d190bc3b7f42d51c1d355de66564f3c944d190b092
ad143d75162342bd9978cbbbc5d0a20a081d78c954f6b09b3d1f358806a73fb2
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b04f4affb860f1e63166c692014a1b7d8117bfc9f599f4704b6985a92e5bb6f8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
ca926d35c8eb4cec6efbc4a9ea183febeb93bb077f27379eb168a07dc5238e2c
cafa815650e794e77e9869b600255edebbe141eb1becb504a5fe2ead656e4dff
ce45a7ca7917fe51dbae2582057253d3a733c341963d7419752c647802e64d6f
ce4f1b48eedafeaa3d9b02d15dc642b4cc9a995b6e517d6d9bd91d007a420a6c
d19cf64a3bc3bb57bb729faaba1a75727ad1b2983245ab0f271c82bad4c1d9dd
d19f9545dc146e03fd04be6c2c14922a8090188f9aeb9074e50e7918bd75bcf7
e04815d2b44ded36554b60220d7a4e8b199747ae6f2911a8de71ed4781d5add5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.rsvprewards.com Open in urlscan Pro 2606:4700::6811:ba64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

69 %IPv6

11 Domains

13 Subdomains

13 IPs

1 Countries

2720 kBTransfer

5618 kBSize

10 Cookies

5 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rsvprewards.com Open in urlscan Pro
2606:4700::6811:ba64 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

69 %
IPv6

11
Domains

13
Subdomains

13
IPs

1
Countries

2720 kB
Transfer

5618 kB
Size

10
Cookies

48 HTTP transactions
1 data transactions