urlscan.io logo urlscan.io
SecurityTrails logo

www.rsvprewards.com Open in urlscan Pro
2606:4700::6811:b664  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://flow.sandmanhotels.com/tr/c/837t36v39n3bu34d33332x39j36e36p32h37l32k00/1731508
Effective URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3...
Submission: On September 28 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 1 countries across 12 domains to perform 55 HTTP transactions. The main IP is 2606:4700::6811:b664, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rsvprewards.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2022. Valid for: a year.
This is the only time www.rsvprewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 23.219.82.59 20940 (AKAMAI-ASN1)
25 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 34.120.195.249 15169 (GOOGLE)
2 195.244.31.25 63140 (IGUANA-WO...)
2 3.216.49.13 14618 (AMAZON-AES)
2 2600:9000:251... 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
55 13
2    23.219.82.59 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-219-82-59.deploy.static.akamaitechnologies.com
flow.sandmanhotels.com
25    2606:4700::6811:b664 (United States)

ASN13335 (CLOUDFLARENET, US)
www.rsvprewards.com
1    2607:f8b0:4006:806::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2607:f8b0:4006:808::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2607:f8b0:4006:80f::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6811:b964 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.galaxy.tf
2    2606:4700::6811:b764 (United States)

ASN13335 (CLOUDFLARENET, US)
image-tc.galaxy.tf
4    34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o478535.ingest.sentry.io
2    195.244.31.25 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net
dynamic.travelclick-websolutions.com
2    3.216.49.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-49-13.compute-1.amazonaws.com
tc.galaxy.tf
2    2600:9000:2512:6200:16:41f8:18c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
api.tsa-db.com
6    2607:f8b0:4006:81c::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:141b:13:79a::14b9 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
api.travelclick.com
Apex Domain
Subdomains		 Transfer
25 rsvprewards.com
www.rsvprewards.com
1012 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
20 KB
5 galaxy.tf
cdn.galaxy.tf — Cisco Umbrella Rank: 118898
image-tc.galaxy.tf — Cisco Umbrella Rank: 94128
tc.galaxy.tf — Cisco Umbrella Rank: 224464
202 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
311 KB
4 sentry.io
o478535.ingest.sentry.io — Cisco Umbrella Rank: 145654
738 B
2 travelclick.com
api.travelclick.com — Cisco Umbrella Rank: 84845
936 B
2 tsa-db.com
api.tsa-db.com — Cisco Umbrella Rank: 77201
1 KB
2 travelclick-websolutions.com
dynamic.travelclick-websolutions.com — Cisco Umbrella Rank: 122912
2 KB
2 gstatic.com
fonts.gstatic.com
62 KB
2 sandmanhotels.com
flow.sandmanhotels.com
603 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 208
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
1 KB
55 12
Domain Requested by
25 www.rsvprewards.com www.rsvprewards.com
6 www.google-analytics.com www.googletagmanager.com
www.rsvprewards.com
5 www.googletagmanager.com www.rsvprewards.com
www.googletagmanager.com
4 o478535.ingest.sentry.io www.rsvprewards.com
2 api.travelclick.com www.rsvprewards.com
2 api.tsa-db.com www.rsvprewards.com
2 tc.galaxy.tf www.rsvprewards.com
2 dynamic.travelclick-websolutions.com www.rsvprewards.com
2 image-tc.galaxy.tf www.rsvprewards.com
2 fonts.gstatic.com fonts.googleapis.com
2 flow.sandmanhotels.com 2 redirects
1 cdn.galaxy.tf www.rsvprewards.com
1 cdnjs.cloudflare.com www.rsvprewards.com
1 fonts.googleapis.com www.rsvprewards.com
55 14
Subject Issuer Validity Valid
www.rsvprewards.com
Cloudflare Inc ECC CA-3		 2022-03-07 -
2023-03-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
cdn.galaxy.tf
Cloudflare Inc ECC CA-3		 2022-05-06 -
2023-05-06		 a year crt.sh
image-tc.galaxy.tf
Cloudflare Inc ECC CA-3		 2022-06-08 -
2023-06-07		 a year crt.sh
*.ingest.sentry.io
R3		 2022-08-20 -
2022-11-18		 3 months crt.sh
*.travelclick-websolutions.com
Gandi Standard SSL CA 2		 2022-06-16 -
2023-07-08		 a year crt.sh
*.galaxy.tf
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.tsa-db.com
Amazon		 2022-03-30 -
2023-04-28		 a year crt.sh
*.travelclick.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-28 -
2023-03-29		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Frame ID: 5D3A5DFA6C5B0136B5A2C5F193D864C9
Requests: 49 HTTP requests in this frame

Frame: https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664366400
Frame ID: 209F18A6BED6DAC8215F320D26FC14C0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign Up Page | RSVP Rewardsarrow-rightarrow-leftarrow-bottomarrow-topcalendarphonewebsitedownload-arrowfacebooktwittergoogle-plusupload

Page URL History Show full URLs

  1. http://flow.sandmanhotels.com/tr/c/837t36v39n3bu34d33332x39j36e36p32h37l32k00/1731508 HTTP 301
    https://flow.sandmanhotels.com/tr/c/837t36v39n3bu34d33332x39j36e36p32h37l32k00/1731508 HTTP 301
    https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LT... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Page Statistics

55
Requests

100 %
HTTPS

71 %
IPv6

12
Domains

14
Subdomains

13
IPs

1
Countries

1619 kB
Transfer

5235 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://flow.sandmanhotels.com/tr/c/837t36v39n3bu34d33332x39j36e36p32h37l32k00/1731508 HTTP 301
    https://flow.sandmanhotels.com/tr/c/837t36v39n3bu34d33332x39j36e36p32h37l32k00/1731508 HTTP 301
    https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign-up
www.rsvprewards.com/
Redirect Chain
  • http://flow.sandmanhotels.com/tr/c/837t36v39n3bu34d33332x39j36e36p32h37l32k00/1731508
  • https://flow.sandmanhotels.com/tr/c/837t36v39n3bu34d33332x39j36e36p32h37l32k00/1731508
  • https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
84 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14f1d4d3534e1cf327ec99f86268befaa8853b7b113a84022d1ac2527659ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=1200
cf-cache-status
MISS
cf-ray
751d1e0e2dcdecee-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 14:20:01 GMT
expires
Wed, 28 Sep 2022 14:40:01 GMT
last-modified
Wed, 28 Sep 2022 00:01:01 GMT
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 7dc3ea7fad289ec41f03744503a6b984.cloudfront.net (CloudFront)
x-amz-cf-id
DMOkKTJPY7PEmMPVXfzVbHRfxS0t0UQyFh1dbOuzDzmMLDu8WRIzCg==
x-amz-cf-pop
EWR53-C3
x-amz-version-id
mAZKIakKn8bgTiZ.AIwiSBFv8.h3vCnC
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-security-policy
upgrade-insecure-requests
date
Wed, 28 Sep 2022 14:20:01 GMT
location
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
server
Apache-Coyote/1.1
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
584dfc26a09b20f29619b9e8e25003f632b9849808d0bdac4c3d18809aaad8f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Sep 2022 14:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 14:08:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Sep 2022 14:20:02 GMT
main.css
www.rsvprewards.com/css/custom/3947/1/aa8f93c8b0fb80a1fdda1047634007fa/ 		720 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/css/custom/3947/1/aa8f93c8b0fb80a1fdda1047634007fa/main.css
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73c16f2477aede0bc21684477ea5e898d9f283350ec844838fea5eace497d826
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
x-amz-version-id
iHbBGavH6xl..Y_vZsfzEIf3XGndu8fU
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 05df0d22c8cc3d4b946b6f2dc43d6b9c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
51351
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Sep 2022 00:01:13 GMT
server
cloudflare
etag
W/"ec5de2328d29d131b6fe7d64b1a1b9fe"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
751d1e10c95becee-YUL
x-amz-cf-id
JrmNwh2Zb2-GhcMPpQqSFpz7pUenhyHbILmUhKT4iWS5Q79W1G3uRw==
expires
Thu, 28 Sep 2023 14:20:02 GMT
gtm.js
www.googletagmanager.com/ 		197 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b085cf7e8c7a10d3b30b0f551d1668ec5e59ccf486d7f6c15d4a58cb49bc162e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62103
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Sep 2022 14:20:02 GMT
gtm.js
www.googletagmanager.com/ 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71cd3bc07e64065862ece89092fc2f7d30ae9150e63a755f7a492d3b0d2081bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53702
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Sep 2022 14:20:02 GMT
svg-icons.svg
www.rsvprewards.com/integration/tc-theme/public/svg/ 		59 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/svg/svg-icons.svg
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fad351e76cdfee295c42a628938000ad1d909d6ac7adaa3f749c03f6e16230a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
x-amz-version-id
xGda4vmgAfKfANJqfwkOSEN6u2FkiyLq
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 124fcc45b0cac625cd0077abe70a7c60.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
51351
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:33 GMT
server
cloudflare
etag
W/"7f2e56792059baaf943072d2d2d052d1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
751d1e117907ecfa-YUL
x-amz-meta-md5chksum
fy5WeSBZuq+UMHLS0tBS0Q==
x-amz-cf-id
bMSvLbaKnn6SzBHZX_ENjbD05ysuNuFbsXxgxDGOgSKp_iT1PNlw6g==
expires
Thu, 28 Sep 2023 14:20:02 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
17443
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5676
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-4d5a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLgtllJKlNPyksuCVd7aW%2FzqsYAeqDverswg5VbCzeahFPFnBih4pPcKbK2AD2ZhdUuWWbNzZ%2FR9Epix1td6WlSV2gV3K9w91t070X4XhRuE%2Fuhlh3Ul%2BOXJF1tuzsCwOv1wEilYAT6%2BPbs2uSkFmk0a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
751d1e11dc24ece6-YUL
expires
Mon, 18 Sep 2023 14:20:02 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rsvprewards.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 10:24:41 GMT
x-content-type-options
nosniff
age
446121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Sep 2023 10:24:41 GMT
gms-latest.min.js
cdn.galaxy.tf/asset-galaxy/js/ 		148 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce4f1b48eedafeaa3d9b02d15dc642b4cc9a995b6e517d6d9bd91d007a420a6c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
strict-transport-security
max-age=15768000
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Aug 2022 10:13:26 GMT
server
cloudflare
age
396167
etag
W/"250c8-5e6e5d0abf027-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e124c22ecf6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 28 Sep 2023 14:20:02 GMT
main.bundle.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/ 		206 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
986fb201005bbe98bd8bd1d4a93c34bc89f58dd2118acbfd385ee4402fc99b34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
x-amz-version-id
z2DJ1wgdjabf94g6RfJHnx_OafYE2gFk
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 bd02c4a72f88f2bbd693051675941962.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
51351
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:18 GMT
server
cloudflare
etag
W/"dcbfb95dd013bb7571815d181fe381ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e12aa8decfa-YUL
x-amz-meta-md5chksum
3L+5XdATu3VxgV0YH+OBzg==
x-amz-cf-id
SfVYJXCxpAxUg74CpER9H0050rx4JxZU8-eiW_Hr60rfpiPp-Te36g==
expires
Thu, 28 Sep 2023 14:20:02 GMT
main.css
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/css/ 		97 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/css/main.css?v6be3e621e5d5b84e1daca29f4ef1eca1
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23389ade8da2559ee3c1813b024a5432047652981bb8e2e84e3a943b967a1385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
x-amz-version-id
FbIoEL.9TMGAM6ikXGGmBDL6Bq7t_8ET
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 452324c4cfd54555e3a2d8c074edaf78.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
48555
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 13 Sep 2022 00:00:56 GMT
server
cloudflare
etag
W/"90e26334849fecf19b80bb5c84fd3c8d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
751d1e12ba97ecfa-YUL
x-amz-meta-md5chksum
kOJjNISf7PGbgLtchP08jQ==
x-amz-cf-id
afTzr1MJ9MirKMLHe8d8k7HA5SaCDOoApf81z7t6lBSfMO6Mk1lhnw==
expires
Thu, 28 Sep 2023 14:20:02 GMT
authorization.bundle.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/ 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/authorization.bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7aa60ffedd04abd7ecdbc42cf403bc376df7e13a0cfadefb45c3053b343695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
x-amz-version-id
dPxNqpbZ8K.PHoo9It1oJEM4ev5lrNw.
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 f31fa40e0863bae8e02d0ba21cedaeb0.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
48555
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:32 GMT
server
cloudflare
etag
W/"beacfe998ab185b949d8e68fe9951ca1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e135b80ecfa-YUL
x-amz-meta-md5chksum
vqz+mYqxhblJ2OaP6ZUcoQ==
x-amz-cf-id
xtcoyHmAlj9Rn9C3uRUQwqXnc16rz35zjORVfynkFckA05hl8qhqvA==
expires
Thu, 28 Sep 2023 14:20:02 GMT
personalization-gms.js
www.rsvprewards.com/widgets/js/personalisation_trigger/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/widgets/js/personalisation_trigger/personalization-gms.js?69b42c5e87b35b0798a2ddc9a47c4a98426fcd82
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e4b768550e76908bf473c085ba0c8847cac5bb2c50ad3a8b8817116a177e3e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
x-amz-version-id
coKw5nM9df_GSntqaclCoJeH5p1sp77_
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 2bdfafaaaec33c116889588ecd9de280.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
51351
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Sep 2022 00:01:17 GMT
server
cloudflare
etag
W/"633ffd5366aef00cd0f7d85b736bf72e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e13dbfbecfa-YUL
x-amz-cf-id
SuQn5_KAMmGBeyZz5ocjG4v1qJ9FqqPwY7j2uFhgOrR-zqFLaxAfHg==
expires
Thu, 28 Sep 2023 14:20:02 GMT
rsvp-sign-up.jpg
image-tc.galaxy.tf/wijpeg-cumsx1ax36yq8w2ytpezw5c53/ 		152 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-tc.galaxy.tf/wijpeg-cumsx1ax36yq8w2ytpezw5c53/rsvp-sign-up.jpg
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3ee891d09918b640073d78e8742d582c57ea6a883331ce1d0239b921439c2fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
via
1.1 ac8301cb52f27894048b5f9019631930.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains; preload
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-version-id
bvz76o.bY3DSSdkHC5gTcovG79.8jLu0
x-amz-cf-pop
MSP50-C2
age
487401
cf-polished
status=not_needed
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
155310
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Oct 2021 00:00:46 GMT
server
cloudflare
etag
"c8a3d4c8a3f6483099a95b339dd31765"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
751d1e140ba54bd0-YUL
x-amz-cf-id
08e_OWN-Bm9l8xzuv3nguTuRM8EmZArgscxZlhaO6rk6alH8twyPCQ==
expires
Thu, 28 Sep 2023 14:20:02 GMT
galaxy-helpers.js
www.rsvprewards.com/frontend/galaxy-helpers/public/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-9e250131-e65e-4083-865c-aa1c4e6a0658
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e04815d2b44ded36554b60220d7a4e8b199747ae6f2911a8de71ed4781d5add5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
x-amz-version-id
2JI3zh21eP_BZ1AFBPN0uIZOQCnS17cc
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 57f0537bdb26692a5be92bbbe93e4ea2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
51351
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 19:14:28 GMT
server
cloudflare
etag
W/"b23d95a1d83a7fa91efa4244e94a8511"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e142c68ecfa-YUL
x-amz-meta-md5chksum
sj2Vodg6f6ke+kJE6UqFEQ==
x-amz-cf-id
oYXyWuW6sMpmw87X6Lnvzb3WLywINtXWavni-1yA06D4ewSemRr11Q==
expires
Thu, 28 Sep 2023 14:20:02 GMT
bundle.js
www.rsvprewards.com/integration/tc-theme/public/js/ 		2 MB
482 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b787054ff2a52209646894f900a8e02806a7ee6cdb7758409b209d684472a8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:02 GMT
x-amz-version-id
QjYe94sqg5u_M1gqhj931fhKYrC7TiaO
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 5a3010bd9376613ba1249daca87b27a2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
51351
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 24 Sep 2022 00:15:54 GMT
server
cloudflare
etag
W/"b39638dca47de2d7108c55af3634c422"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e148cd8ecfa-YUL
x-amz-meta-md5chksum
s5Y43KR94tcQjFWvNjTEIg==
x-amz-cf-id
Nk8r9gAO9PRWaMYl9uNtNcY6cMbibzOkYe-Xx7bFo-dEgIg3HA4gog==
expires
Thu, 28 Sep 2023 14:20:02 GMT
7334-63c3e419f7dfd7955fa4.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/7334-63c3e419f7dfd7955fa4.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad143d75162342bd9978cbbbc5d0a20a081d78c954f6b09b3d1f358806a73fb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
zyT3tbKB72KRwRJRiWZqsKPLaTBnW3KU
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 c8780798b589dc6b55523ca0a9bc3c02.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
51351
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:25 GMT
server
cloudflare
etag
W/"bf498adc8a488bbba160852e6c188c72"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e16cf94ecfa-YUL
x-amz-meta-md5chksum
v0mK3IpIi7uhYIUubBiMcg==
x-amz-cf-id
dC8QTUuUHT72heaVgCo0onjdQSG7A8lP6C7lP2yKn8uEfTZ3MsJADg==
expires
Thu, 28 Sep 2023 14:20:03 GMT
/
o478535.ingest.sentry.io/api/282725/envelope/ 		2 B
280 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.rsvprewards.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.rsvprewards.com
access-control-expose-headers
x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
svg-icons.svg
www.rsvprewards.com/integration/tc-theme/public/svg/ 		59 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/svg/svg-icons.svg
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fad351e76cdfee295c42a628938000ad1d909d6ac7adaa3f749c03f6e16230a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
sentry-trace
cd109b225cf647a69d196b9b6531e13d-97efe34dfe748d0e-1

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
xGda4vmgAfKfANJqfwkOSEN6u2FkiyLq
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 124fcc45b0cac625cd0077abe70a7c60.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
51352
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:33 GMT
server
cloudflare
etag
W/"7f2e56792059baaf943072d2d2d052d1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
751d1e171ff3ecfa-YUL
x-amz-meta-md5chksum
fy5WeSBZuq+UMHLS0tBS0Q==
x-amz-cf-id
bMSvLbaKnn6SzBHZX_ENjbD05ysuNuFbsXxgxDGOgSKp_iT1PNlw6g==
expires
Thu, 28 Sep 2023 14:20:03 GMT
1
dynamic.travelclick-websolutions.com/token/ 		686 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dynamic.travelclick-websolutions.com/token/1
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
xo7-viplb-01-new.ny.ig-1.net
Software
Apache /
Resource Hash
ce400e5eb2aba5ad07d71ad1932d519e121cb6728a3e39e4bb59eeafb80ebe89
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 14:20:03 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15768000
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Real-Hostname
xo7-web-05
Content-Length
554
Expires
Thu, 19 Nov 1981 08:52:00 GMT
invisible.js
www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 209F 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664366400
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
658996ad1ba7eeee4aeeee3e62d3e26c9f1231171b24f74773637b366131b82d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
751d1e17c8d7ecfa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7269-9c94ce25d6ee1857bee8.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/7269-9c94ce25d6ee1857bee8.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
142a8f93328ab96cd295c87c0e1a0b357b88249989468a52c502dff0ebbae49d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
V9dVcH5UfztAm1m8XsNdfsA7G2c8nrNi
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 36c050103b969d83a8b90ba7cba12542.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P2
age
51351
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Sep 2022 00:00:22 GMT
server
cloudflare
etag
W/"5e331feb437105997a24e337782b373d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e17f8fcecfa-YUL
x-amz-meta-md5chksum
XjMf60NxBZl6JOM3eCs3PQ==
x-amz-cf-id
v41jak64-3MrTL81FqbqnKIgDUq-mpMzSwmgyX31jB2_5EmB6oMGCA==
expires
Thu, 28 Sep 2023 14:20:03 GMT
8196-c0124707f7a0b596e92e.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/8196-c0124707f7a0b596e92e.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9575ea089a989683e0519998ae57ad2bb058d2f6687072c108da736447513b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
geBBNQ0WLe6Oy8_jTWtp755gAeNrTddF
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 c8780798b589dc6b55523ca0a9bc3c02.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
51351
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:23 GMT
server
cloudflare
etag
W/"0817bf482f091ab57beaeeba3cc278e9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e17f8feecfa-YUL
x-amz-meta-md5chksum
CBe/SC8JGrV76u66PMJ46Q==
x-amz-cf-id
Ztt8mftBF5U4ArmoT_iSIRZedj2DmLNF0g9Rkt-tzPt2NIC5qjJFdA==
expires
Thu, 28 Sep 2023 14:20:03 GMT
header-one-3a44c3fbd1fcdc8ac577.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/header-one-3a44c3fbd1fcdc8ac577.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99d17a83324f7424947279a42446b046e1ac6a7ca8438d3a62f7bf15e935aab2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
sDCn83G18bQxEulnvfERDLC1gNlaXagP
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 57f0537bdb26692a5be92bbbe93e4ea2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
51351
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:08 GMT
server
cloudflare
etag
W/"0bae501266459b34b543f40548ce0dd0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e17f900ecfa-YUL
x-amz-meta-md5chksum
C65QEmZFmzS1Q/QFSM4N0A==
x-amz-cf-id
Uivmrk6B7Y9l6xCGOwiUQZsQbhTiFH9odyVtRa9Sc1BskIkc3MVXKQ==
expires
Thu, 28 Sep 2023 14:20:03 GMT
pica.js
www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 209F 		22 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce4897fcf5d08167d6478e7e11377a81399faede8526507a66bf6e01f3ba399a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
751d1e1899aaecfa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
calendar
tc.galaxy.tf/tc/shop/v1/hotel/113129/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tc.galaxy.tf/tc/shop/v1/hotel/113129/calendar?dateIn=2022-09-28&lang=en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.49.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-49-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-galaxy-key
Access-Control-Request-Method
GET
Origin
https://www.rsvprewards.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-galaxy-key,x-referer-override
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT
access-control-allow-origin
*
apigw-requestid
ZLKzIgDTIAMEPRg=
date
Wed, 28 Sep 2022 14:20:03 GMT
1100262
api.tsa-db.com/v1/data/BID/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.tsa-db.com/v1/data/BID/1100262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:6200:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.rsvprewards.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
age
4379
cache-control
max-age=86400, s-maxage=86400, proxy-revalidate
content-length
0
content-type
application/json
date
Wed, 28 Sep 2022 13:07:04 GMT
via
1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-apigw-id
ZLAG2He8oAMFb4w=
x-amz-cf-id
ix945zuSHzk3qRyQB0rMTMtB7drKAggD7z6yMXswjOzkhE7TU4ZfOg==
x-amz-cf-pop
JFK50-P7
x-amzn-requestid
11f9d14a-51dc-49f6-a5c5-411c7bd7c2ca
x-cache
Hit from cloudfront
rsvp.svg
image-tc.galaxy.tf/wisvg-1ryve29oki9zgjhzg6zkh5c7z/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-tc.galaxy.tf/wisvg-1ryve29oki9zgjhzg6zkh5c7z/rsvp.svg?width=500
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f28fa10529c01d52222edea9a7e9e5f45edaf7b33a0e44245f187a4f9a66166
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
7AIhVvMU7VTpwJluh6ZGGpBIM9rOtVB4
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 8504d76345ac5d175fb1aabd19e8fede.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop
MSP50-C2
age
1865036
cf-cache-status
HIT
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Oct 2021 09:24:37 GMT
server
cloudflare
etag
W/"1e039c13abeebb837ec31939b4ecfe1f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
751d1e18fa58714a-YUL
x-amz-cf-id
Xy_db6u_ExsS2FNgmR2TLkztyuxGOorKrIwaAEuD4sdF3I29_MeZkQ==
expires
Thu, 28 Sep 2023 14:20:03 GMT
calendar
tc.galaxy.tf/tc/shop/v1/hotel/113129/ 		65 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tc.galaxy.tf/tc/shop/v1/hotel/113129/calendar?dateIn=2022-09-28&lang=en
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.49.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-49-13.compute-1.amazonaws.com
Software
/
Resource Hash
ce45a7ca7917fe51dbae2582057253d3a733c341963d7419752c647802e64d6f

Request headers

Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
X-Galaxy-Key
3f605a80075953b629e198dfad3df367
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 28 Sep 2022 14:20:03 GMT
content-length
65
apigw-requestid
ZLKzIjThIAMEPtA=
content-type
application/json
3947
dynamic.travelclick-websolutions.com/view/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dynamic.travelclick-websolutions.com/view/3947
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
xo7-viplb-01-new.ny.ig-1.net
Software
Apache /
Resource Hash
8b7075624d46313ab63cc94128649bdfdb7bda764ecd77e449554315e02e1a9f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 14:20:03 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15768000
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Real-Hostname
xo7-web-05
Content-Length
650
Expires
Thu, 19 Nov 1981 08:52:00 GMT
chunk-tc-GMS-188c0c98eb1b17c048ae.js
www.rsvprewards.com/integration/tc-theme/public/js/chunk/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/js/chunk/chunk-tc-GMS-188c0c98eb1b17c048ae.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6477c99fdb15187e3c895b87a03d06c3a984927f827650932c4979f12a2bb51f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
1hqWlLpvkC.b7TYE49sbOi8g7vCt5zP4
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 595c26368a4c8eede29e4b5da7206efc.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
51351
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Sep 2022 00:00:14 GMT
server
cloudflare
etag
W/"a17172b3929fb36caf3b6449ce7d9c48"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e19fb46ecfa-YUL
x-amz-meta-md5chksum
oXFys5Kfs2yvO2RJzn2cSA==
x-amz-cf-id
05TDZ2hH_-N9PDolK_6I1KmAtLrZE0pt1w0_UZsl6z5jzxIIloNBpQ==
expires
Thu, 28 Sep 2023 14:20:03 GMT
1100262
api.tsa-db.com/v1/data/BID/ 		683 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.tsa-db.com/v1/data/BID/1100262
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:6200:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
958704d05d4be8019f515074008637b86eba742801afbc048924daad6d3cc437

Request headers

Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Sep 2022 14:13:03 GMT
via
1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
420
x-amzn-trace-id
Root=1-6334566e-15a680d9028eccd43de395fb;Sampled=0
x-amzn-requestid
4dd4459b-9791-49a6-bb96-00f0d36cc399
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-amz-apigw-id
ZLJxXEoEIAMFmeA=
content-length
683
x-amz-cf-id
K4PL3QgCx-rTAdCiK-jrbKnLPBwa0t3GP4D-yQs5MRKiU1CtCvQhmQ==
vendors~gms-auth-popup~gms-full-app.31c6ea613732810e2359.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/ 		180 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/vendors~gms-auth-popup~gms-full-app.31c6ea613732810e2359.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1204955a700f9eeef8dd6dde38b07ed0c879a3b015e0b6b755c3264381119ad9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
WWZyjn.xlLQu2yEPLYPb9WUbSf4AvGQu
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 4716bcbdc4e9f27ba0fec4fee66dbffa.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
48555
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:16 GMT
server
cloudflare
etag
W/"99506e3b6a4e79d0b71e7c6a4a80c521"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e1a2b81ecfa-YUL
x-amz-meta-md5chksum
mVBuO2pOedC3HnxqSoDFIQ==
x-amz-cf-id
S7ppn8gLqHWi4-rEdiq630trwIU_I_TsIb9_oiEykD_PfAGs5gMr9A==
expires
Thu, 28 Sep 2023 14:20:03 GMT
vendors~gms-full-app.c2094260a92b34d7f53e.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/ 		101 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/vendors~gms-full-app.c2094260a92b34d7f53e.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84fadf9c95fe6a80d80ae48c55edd022e611841e752d225c08c20b8a64536a67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
JYkd.SfakHgYYvPjAryqew79PoZy_txr
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 e61f6cd3dfbf1a805c935627b416490e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
48555
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:17 GMT
server
cloudflare
etag
W/"028572d465c46d9174f1f8d1084c4382"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e1a3b86ecfa-YUL
x-amz-meta-md5chksum
AoVy1GXEbZF08fjRCExDgg==
x-amz-cf-id
ede_HyNg7oxUbYfa7eGo-8sCDuR16kqyQwLIK9r4cEHNpKPJ-YrY7g==
expires
Thu, 28 Sep 2023 14:20:03 GMT
gms-full-app.4525368f13557e0177c7.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/gms-full-app.4525368f13557e0177c7.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e19bc80b0133290c6bea5524fdae3ff6081841463646ef3c6548a349bb5b91e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
8NOrz5WoFEzLTvtmETe61kqMZoiIf7C7
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 40867fef594010a8d9ec2cb0a5cb2350.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
48555
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:19 GMT
server
cloudflare
etag
W/"3d9838a2aa27e791b566f9d0606e6faa"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e1a3b8aecfa-YUL
x-amz-meta-md5chksum
PZg4oqon55G1ZvnQYG5vqg==
x-amz-cf-id
EcIofRz4jnZc15oKeFGSoM9weds7TS1nZSaOQaVX35Ud5fJGzNY_pw==
expires
Thu, 28 Sep 2023 14:20:03 GMT
vendors~gms-app-auth~gms-app-non-auth~gms-auth-popup.379ace2e696192610c57.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/ 		142 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/vendors~gms-app-auth~gms-app-non-auth~gms-auth-popup.379ace2e696192610c57.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d14a9f7d3d66bb5b76d50f2f3808b4bd6ca16a4545884c5dfa13f178e5ce442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
_4CtkotZBnIjc3PBGXrojmDFVvGs3XFa
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 bd02c4a72f88f2bbd693051675941962.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
48554
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:15 GMT
server
cloudflare
etag
W/"9db0ef5b0715aab8016512937c55b9c5"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e1aec71ecfa-YUL
x-amz-meta-md5chksum
nbDvWwcVqrgBZRKTfFW5xQ==
x-amz-cf-id
fNs8xRMJl_AI1q5egBneViIJu5a6cSNlDsxE_-MtnY6hEeWAlog-fw==
expires
Thu, 28 Sep 2023 14:20:03 GMT
gms-app-auth~gms-app-non-auth~gms-auth-popup.d18f0a633bc553eb657d.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/ 		54 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/gms-app-auth~gms-app-non-auth~gms-auth-popup.d18f0a633bc553eb657d.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f452b1661c91988946649e0bc800b48c238c87aa4d6c612f03fabf3b078f3d1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
AW66PeaBbC_ZqGxAJNJMkJaqD.EufmJb
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 4716bcbdc4e9f27ba0fec4fee66dbffa.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
48554
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:21 GMT
server
cloudflare
etag
W/"8b11c973a40478e9a683da2c6c351f31"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e1aec72ecfa-YUL
x-amz-meta-md5chksum
ixHJc6QEeOmmg9osbDUfMQ==
x-amz-cf-id
ReWvE1ZOf-yq4I6lWqGg9H3osDIFYm0tiZPsmaU7a12Rs_p-NPwP5Q==
expires
Thu, 28 Sep 2023 14:20:03 GMT
gms-app-non-auth.dd67ed615ad6eaa859b4.js
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/chunks/gms-app-non-auth.dd67ed615ad6eaa859b4.js
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fcef795b52be9a1865d4ad7cbc0e767b33aa07884762c6e5ed5b3969a6a8aee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
x-amz-version-id
ok08JrhNC1IeZ.z8WqP_7_OoyhkKkIdR
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 ed78483d37e5338746e5a4b545e5818e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD58-P1
age
48553
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Sep 2022 00:00:33 GMT
server
cloudflare
etag
W/"55690665e4f3cd3ebe827afc6cfffd80"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
751d1e1aec73ecfa-YUL
x-amz-meta-md5chksum
VWkGZeTzzT6+gnr8bP/9gA==
x-amz-cf-id
dAnuRYqaHvyD3PNwVtkJoD-KKdHhaiMsYFuw15Tji86AW_Te8Rrwyw==
expires
Thu, 28 Sep 2023 14:20:03 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Sep 2022 13:02:20 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
4663
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Wed, 28 Sep 2022 15:02:20 GMT
js
www.googletagmanager.com/gtag/ 		126 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6b87ca5e635c6f57ee1a98dc22daad61b5655fe77fb9a448e356d6dd69c974a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50602
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Sep 2022 14:20:03 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H4228VNMFE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a95c28c4a106f5389d338903d65c5c8973fbd189c11dd3be97e51a24bc4c37b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75628
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Sep 2022 14:20:03 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3S5G3ZLFWB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBPBFS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d3a263f796603edfa7ac5670190db6aab3b0921c3b2b81bc7695e92c12a7022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75711
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Sep 2022 14:20:03 GMT
recaptcha
api.travelclick.com/loyalty/v2/NPC/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.travelclick.com/loyalty/v2/NPC/auth/recaptcha
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:79a::14b9 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.rsvprewards.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

accept
*/*
accept-encoding
gzip
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, x-tc-user-auth
access-control-allow-methods
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, CONNECT, PATCH
access-control-allow-origin
https://www.rsvprewards.com
access-control-max-age
3600
access-control-request-headers
authorization
access-control-request-method
GET
akamai-origin-hop
1
breadcrumbid
ID-areaapil004-prod-res-ldc-tcinfra-com-1661412916169-0-10400129
content-length
0
date
Wed, 28 Sep 2022 14:20:04 GMT
enterpriseid
NPC
origin
https://www.rsvprewards.com
referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
sec-fetch-dest
empty
sec-fetch-mode
cors
sec-fetch-site
cross-site
true-client-ip
2607:5300:60:7867::5
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
x-akamai-config-log-detail
true
x-akamai-device-characteristics
is_mobile=false;is_tablet=false
x-akamai-edgescape
georegion=300,country_code=CA,region_code=QC,city=MONTREAL,lat=45.50,long=-73.58,timezone=EST,zip=H1A+H1B+H1C+H1E+H1G+H1H+H1K+H1L+H1M+H1N+H1R+H1S+H1T+H1V+H1W+H1X+H1Y+H1Z+H2A+H2B+H2C+H2E+H2G+H2H+H2J+H2K+H2L+H2M+H2N+H2P+H2R+H2S+H2T+H2V+H2W+H2X+H2Y+H2Z+H3A+H3B+H3C+H3G+H3H+H3J+H3K+H3L+H3M+H3N+H3P+H3R+H3S+H3T+H3V+H3W+H3X+H3Y+H3Z+H4A+H4B+H4C+H4E+H4J+H4K+H4N+H4P+H4V+H4W+H4Z+H5A+H5B,continent=NA,throughput=low,bw=1,asnum=16276,network_type=hosted,location_id=0
x-application-context
application:server,prod1:8070
x-forwarded-for
2607:5300:60:7867::5
recaptcha
api.travelclick.com/loyalty/v2/NPC/auth/ 		34 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.travelclick.com/loyalty/v2/NPC/auth/recaptcha
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:79a::14b9 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2640603c81e84936fe90cb8f1697c47eee36d4f6013352d6fc917bb38507a291

Request headers

Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
accept-language
en-CA,en;q=0.9
Authorization
Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHAiOiJHQUxBWFkiLCJhY2MiOiJkMGE0ZTE0Yi0zMjBmLTQ1ZGItYjg2Yi01Njg0N2JlMjVlY2IiLCJzdWIiOiIiLCJjaGFpbiI6IiIsInBhcnRuZXIiOiIiLCJjaG4iOiIiLCJpc3MiOiJ0cmF2ZWxjbGljayIsImV4cCI6MTY2NDM3Njg0OSwianRpIjoiZjBiZjI0NjMtMzVjYS00YTU5LThjNDAtNzk4OGE2NWM4MzkzIiwibWVjaCI6IiJ9.NvG2pSGD67_QZRMYmtUODotuRuRsRMgS9vM_bZOEd1zl91I2zWvSKfGi7qvwQc3ga2DbSvQz-xad-3Y0BwAdBEDKLVN-Ng4IoUCLywP7DKN94RBaq5raDvvGyK6zfuSyrxeHkI_ZBBJCJ08e4lEmQRCx6lLWWWpAYK_CCFx49mJYsdSaq0IEOyktznhWSpQUeBn55FKkmf-uSAKcfLuSsJFS0PTRZg2Wi0y7KEV2t4bR34Cm4j9wWnWgS5Tvf7NDpqkwXXyJvmDAjSMgYheUjupYcUjxwHhP82eqGiTkBbxqPyebZf5YgUZxRR3JuJnMuySPK-fAioe2V2sLnQxm9w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:04 GMT
content-encoding
gzip
access-control-max-age
3600
access-control-allow-methods
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, CONNECT, PATCH
content-type
application/json
access-control-allow-origin
https://www.rsvprewards.com
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, x-tc-user-auth
content-length
60
x-application-context
application:server,prod1:8070
thick.svg
www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/resources/svg/ 		145 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/resources/svg/thick.svg
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/css/main.css?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4748da828fd12795da27db137e2345cd6301f80b9b95f7da7ef2ee72b0abb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/integration/tc-theme/public/shared-gms-v2/css/main.css?v6be3e621e5d5b84e1daca29f4ef1eca1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 14:20:04 GMT
x-amz-version-id
i.J90AZIo8Q2tvK6s3FQpGucXBQehzw9
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 21c66eb5f493a6e3ddbaa803cebfe014.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P2
age
42833
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Sep 2021 23:57:06 GMT
server
cloudflare
etag
W/"394e2ffa049f730d5bf622c74b5249c2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
751d1e1cfea1ecfa-YUL
x-amz-meta-md5chksum
OU4v+gSfcw1b9iLHS1JJwg==
x-amz-cf-id
9Ax1okXcabtU9pGFUpVsvMXe_hu7UmQvRdBAb2zj2LOoQ36Ou4oo0Q==
expires
Thu, 28 Sep 2023 14:20:04 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rsvprewards.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:18:37 GMT
x-content-type-options
nosniff
age
514887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31760
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:54:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 15:18:37 GMT
751d1e0e2dcdecee
www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 209F 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/cv/result/751d1e0e2dcdecee
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664366400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Sep 2022 14:20:04 GMT
content-encoding
br
server
cloudflare
cf-ray
751d1e1f99b6ecfa-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
/
o478535.ingest.sentry.io/api/282725/envelope/ 		2 B
20 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.rsvprewards.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 14:20:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.rsvprewards.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
o478535.ingest.sentry.io/api/282725/store/ 		198 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o478535.ingest.sentry.io/api/282725/store/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.rsvprewards.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 14:20:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.rsvprewards.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-sentry-rate-limits
35:default;error;security;attachment:organization:error_usage_exceeded
retry-after
35
/
o478535.ingest.sentry.io/api/282725/envelope/ 		198 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.rsvprewards.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 14:20:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.rsvprewards.com
access-control-expose-headers
x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-sentry-rate-limits
60:transaction:organization:transaction_usage_exceeded
retry-after
60
collect
www.google-analytics.com/j/ 		1 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&aip=1&a=1906466637&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&dp=%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&ul=en-us&de=UTF-8&dt=Sign%20Up%20Page%20%7C%20RSVP%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1545803398&gjid=1373593592&cid=863088389.1664374804&tid=UA-162681275-1&_gid=1681151711.1664374804&_r=1&gtm=2wg9q0TL2MM4B&cg1=guest_portal&cg2=not_applicable&cg3=group_property&cd1=1100262&cd2=not_applicable&cd3=Northland%20Properties%20Corp&cd4=The%20Sutton%20Place%20Hotels&cd5=not_applicable&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd10=not_applicable&cd11=not_applicable&cd12=galaxy&cd13=essentials&cd14=th1&cd15=hd1&cd16=ft3&cd19=tvs_no&cd20=not_applicable&cd21=group_property&cd22=not_applicable&cd23=not_applicable&cd24=2&cd25=en&cd26=guest_portal&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&cd39=not_applicable&cd40=rsvprewards.com&cd41=GTM-TL2MM4B&cd42=51&cd54=be4&cd59=0&z=1851659046
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 14:20:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&aip=1&a=1906466637&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&dp=%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&ul=en-us&de=UTF-8&dt=Sign%20Up%20Page%20%7C%20RSVP%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=551686789&gjid=687920505&cid=863088389.1664374804&tid=UA-193984690-1&_gid=1681151711.1664374804&_r=1&gtm=2wg9q0MBPBFS9&cd1=not_available&cd2=not_available&cd3=not_available&cd4=Guest&cd5=not_available&cd6=not_available&cd7=not_available&cd8=not_available&cd9=not_available&cd10=not_applicable&cd11=not_applicable&cd12=not_applicable&cd14=not_applicable&cd15=not_applicable&cd16=no&cd19=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&z=600486866
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 14:20:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&aip=1&a=1906466637&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&dp=%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&ul=en-us&de=UTF-8&dt=Sign%20Up%20Page%20%7C%20RSVP%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=1997258880&gjid=266581974&cid=863088389.1664374804&tid=UA-193985224-1&_gid=1681151711.1664374804&_r=1&gtm=2wg9q0MBPBFS9&cd1=not_available&cd2=not_available&cd3=not_available&cd4=Guest&cd5=not_available&cd6=not_available&cd7=not_available&cd8=not_available&cd9=not_available&cd10=not_applicable&cd11=not_applicable&cd12=not_applicable&cd14=not_applicable&cd15=not_applicable&cd16=no&cd19=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&z=1537462813
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/integration/tc-theme/public/js/bundle.js?v6be3e621e5d5b84e1daca29f4ef1eca1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 14:20:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H4228VNMFE&gtm=2oe9q0&_p=1906466637&cid=863088389.1664374804&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&dl=%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&sid=1664374804&sct=1&seg=0&dt=Sign%20Up%20Page%20%7C%20RSVP%20Rewards&en=page_view&_fv=1&_ss=1&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.page_content_group=not_applicable&ep.page_full_url=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&ep.page_language=en&ep.page_containing_tvs=no&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_brand_name=The%20Sutton%20Place%20Hotels&ep.hotel_id=not_applicable&ep.hotel_name=not_applicable&ep.hotel_star_rating=not_applicable&ep.hotel_property_type=group_property&ep.hotel_booking_engine_provider=not_applicable&up.user_logged_in_session=no
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 14:20:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3S5G3ZLFWB&gtm=2oe9q0&_p=1906466637&cid=863088389.1664374804&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Q&_z=ccd.v9B&_s=1&dl=%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&sid=1664374804&sct=1&seg=0&dt=Sign%20Up%20Page%20%7C%20RSVP%20Rewards&en=page_view&_fv=1&_ss=1&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.page_content_group=not_applicable&ep.page_full_url=https%3A%2F%2Fwww.rsvprewards.com%2Fsign-up%3Futm_medium%3Demail%26utm_source%3DAB%2BSplit%2BEmail%26utm_campaign%3DSHG_Sep27_LTOVHDA%26pl%3D837t36v39n3bu34d33332x39j36e36p32h37l32k00&ep.page_language=en&ep.page_containing_tvs=no&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_brand_name=The%20Sutton%20Place%20Hotels&ep.hotel_id=not_applicable&ep.hotel_name=not_applicable&ep.hotel_star_rating=not_applicable&ep.hotel_property_type=group_property&ep.hotel_booking_engine_provider=not_applicable&up.user_logged_in_session=no
Requested by
Host: www.rsvprewards.com
URL: https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.rsvprewards.com/sign-up?utm_medium=email&utm_source=AB+Split+Email&utm_campaign=SHG_Sep27_LTOVHDA&pl=837t36v39n3bu34d33332x39j36e36p32h37l32k00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 14:20:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rsvprewards.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| galaxyGMS string| BIDnumber number| websiteID number| cms object| ts_analytics object| dl object| dataLayer object| galaxyInfo string| _dynamic_base object| websiteGlobalVariables object| cookieconsent string| gmsUrlReservation boolean| gmsUrlReservationTarget string| endpointBase string| tokenEndpoint string| reservationUrl string| gmsModifyBookingURL string| language string| gmsLoginURL string| gmsHomeURL string| gmsSignUpURL string| gmsResetPasswordURL string| gmsSignUpSuccessURL string| gmsResetPasswordCodeSuccessURL string| gmsDateFormat string| gmsDatePlaceholder object| gmsCalendars string| gmsDefaultTierColor string| gmsDefaultTierColorText string| gmsMembershipBgColor string| gmsMembershipTxtColor string| gmsPointsBgColor string| gmsPointsTxtColor object| gmsConfigObject string| gmsHotelsData boolean| gmsSDKSession string| gmsJSPath object| google_tag_manager object| google_tag_data object| __ga4Redact function| setImmediate function| clearImmediate object| GMS function| base64 function| isLocalStorageAvailable object| GMSVendor object| headerMenu object| headerConfigs object| cms_configs string| GMS_required_status object| gmsVisaIframe object| webpackJsonp object| regeneratorRuntime object| tcGMSHelpers object| GalaxyPersonalization function| triggerCheck_gms object| glxhprs object| webpackJsonpglxhprs object| GalaxyHelpers object| traductionBM object| validationMessages object| tcthemejsonpFunction object| picturefillCFG function| picturefill boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended object| lazySizes object| BM object| __SENTRY__ function| SVGInject object| CustomMap object| CustomMapUI object| GoogleAPIs function| $ function| jQuery function| _ object| errorOptions function| alite object| tcTool string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady

10 Cookies

Domain/Path Name / Value
flow.sandmanhotels.com/tr Name: GMS_REDIRECT
Value: B8A6E39F18F395EA500D859ABBE1F252
flow.sandmanhotels.com/ Name: 10547921074405
Value: 604a97701428
.www.rsvprewards.com/ Name: __cf_bm
Value: Cj5qC2fQmTXOtMaPIpWmtotPB2c18.VaE29qQxF6wtM-1664374804-0-AUtUjqSJNkKBOp48ekj+O7ZatAccvJI6mjZhtFP90NJpqdS5YXXMe2VmGGbBScx6OSsHQXhJkt39IUMr1qFmeaYIZ79szBsnwBf6AEu9siVkiNZOv3Hr8i1dZ1V76LB1qA==
.rsvprewards.com/ Name: _gid
Value: GA1.2.1681151711.1664374804
.rsvprewards.com/ Name: _gat_tct
Value: 1
.rsvprewards.com/ Name: _gat_tc_client
Value: 1
.rsvprewards.com/ Name: _gat_tc_client_roll_up
Value: 1
.rsvprewards.com/ Name: _ga_H4228VNMFE
Value: GS1.1.1664374804.1.0.1664374804.0.0.0
.rsvprewards.com/ Name: _ga
Value: GA1.1.863088389.1664374804
.rsvprewards.com/ Name: _ga_3S5G3ZLFWB
Value: GS1.1.1664374804.1.0.1664374804.0.0.0

3 Console Messages

Source Level URL
Text
network error URL: https://tc.galaxy.tf/tc/shop/v1/hotel/113129/calendar?dateIn=2022-09-28&lang=en
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://o478535.ingest.sentry.io/api/282725/store/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.travelclick.com
api.tsa-db.com
cdn.galaxy.tf
cdnjs.cloudflare.com
dynamic.travelclick-websolutions.com
flow.sandmanhotels.com
fonts.googleapis.com
fonts.gstatic.com
image-tc.galaxy.tf
o478535.ingest.sentry.io
tc.galaxy.tf
www.google-analytics.com
www.googletagmanager.com
www.rsvprewards.com
195.244.31.25
23.219.82.59
2600:141b:13:79a::14b9
2600:9000:2512:6200:16:41f8:18c0:93a1
2606:4700::6811:190e
2606:4700::6811:b664
2606:4700::6811:b764
2606:4700::6811:b964
2607:f8b0:4006:806::200a
2607:f8b0:4006:808::2008
2607:f8b0:4006:80f::2003
2607:f8b0:4006:81c::200e
3.216.49.13
34.120.195.249
0b7aa60ffedd04abd7ecdbc42cf403bc376df7e13a0cfadefb45c3053b343695
0e9575ea089a989683e0519998ae57ad2bb058d2f6687072c108da736447513b
1204955a700f9eeef8dd6dde38b07ed0c879a3b015e0b6b755c3264381119ad9
142a8f93328ab96cd295c87c0e1a0b357b88249989468a52c502dff0ebbae49d
1fcef795b52be9a1865d4ad7cbc0e767b33aa07884762c6e5ed5b3969a6a8aee
23389ade8da2559ee3c1813b024a5432047652981bb8e2e84e3a943b967a1385
2640603c81e84936fe90cb8f1697c47eee36d4f6013352d6fc917bb38507a291
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2e4b768550e76908bf473c085ba0c8847cac5bb2c50ad3a8b8817116a177e3e7
2f28fa10529c01d52222edea9a7e9e5f45edaf7b33a0e44245f187a4f9a66166
2fad351e76cdfee295c42a628938000ad1d909d6ac7adaa3f749c03f6e16230a
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
584dfc26a09b20f29619b9e8e25003f632b9849808d0bdac4c3d18809aaad8f8
5d3a263f796603edfa7ac5670190db6aab3b0921c3b2b81bc7695e92c12a7022
6477c99fdb15187e3c895b87a03d06c3a984927f827650932c4979f12a2bb51f
658996ad1ba7eeee4aeeee3e62d3e26c9f1231171b24f74773637b366131b82d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71cd3bc07e64065862ece89092fc2f7d30ae9150e63a755f7a492d3b0d2081bc
73c16f2477aede0bc21684477ea5e898d9f283350ec844838fea5eace497d826
7b787054ff2a52209646894f900a8e02806a7ee6cdb7758409b209d684472a8f
7d14a9f7d3d66bb5b76d50f2f3808b4bd6ca16a4545884c5dfa13f178e5ce442
84fadf9c95fe6a80d80ae48c55edd022e611841e752d225c08c20b8a64536a67
8b7075624d46313ab63cc94128649bdfdb7bda764ecd77e449554315e02e1a9f
958704d05d4be8019f515074008637b86eba742801afbc048924daad6d3cc437
986fb201005bbe98bd8bd1d4a93c34bc89f58dd2118acbfd385ee4402fc99b34
99d17a83324f7424947279a42446b046e1ac6a7ca8438d3a62f7bf15e935aab2
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a95c28c4a106f5389d338903d65c5c8973fbd189c11dd3be97e51a24bc4c37b5
ad143d75162342bd9978cbbbc5d0a20a081d78c954f6b09b3d1f358806a73fb2
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b085cf7e8c7a10d3b30b0f551d1668ec5e59ccf486d7f6c15d4a58cb49bc162e
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
c6b87ca5e635c6f57ee1a98dc22daad61b5655fe77fb9a448e356d6dd69c974a
ce400e5eb2aba5ad07d71ad1932d519e121cb6728a3e39e4bb59eeafb80ebe89
ce45a7ca7917fe51dbae2582057253d3a733c341963d7419752c647802e64d6f
ce4897fcf5d08167d6478e7e11377a81399faede8526507a66bf6e01f3ba399a
ce4f1b48eedafeaa3d9b02d15dc642b4cc9a995b6e517d6d9bd91d007a420a6c
d14f1d4d3534e1cf327ec99f86268befaa8853b7b113a84022d1ac2527659ca6
d3ee891d09918b640073d78e8742d582c57ea6a883331ce1d0239b921439c2fb
e04815d2b44ded36554b60220d7a4e8b199747ae6f2911a8de71ed4781d5add5
e19bc80b0133290c6bea5524fdae3ff6081841463646ef3c6548a349bb5b91e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f452b1661c91988946649e0bc800b48c238c87aa4d6c612f03fabf3b078f3d1f
ff4748da828fd12795da27db137e2345cd6301f80b9b95f7da7ef2ee72b0abb1