www.tdrewards.com Open in urlscan Pro
45.60.67.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eurox.co.th/api-keys/logon.php?ttt=1673897298?idlogin=12de2235c74639cef8009f55c3f27005
Effective URL:
https://www.tdrewards.com/home-page
Submission: On February 21 via manual (February 21st 2023, 4:49:07 am UTC) from IN — Scanned from SG

Summary HTTP 130 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 33 domains to perform 130 HTTP transactions. The main IP is 45.60.67.34, located in United States and belongs to INCAPSULA, US. The main domain is www.tdrewards.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q4 on December 13th 2022. Valid for: 6 months.

This is the only time www.tdrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.199.65.28 128.199.65.28	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
16	45.60.67.34 45.60.67.34	19551 (INCAPSULA) (INCAPSULA)
6	13.33.88.15 13.33.88.15	16509 (AMAZON-02) (AMAZON-02)
2 18	54.191.164.145 54.191.164.145	16509 (AMAZON-02) (AMAZON-02)
23	2404:6800:400... 2404:6800:4003:c0f::61	15169 (GOOGLE) (GOOGLE)
1 9	2404:6800:400... 2404:6800:4003:c04::9c	15169 (GOOGLE) (GOOGLE)
1 10	2404:6800:400... 2404:6800:4003:c11::69	15169 (GOOGLE) (GOOGLE)
10	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
1	52.40.43.63 52.40.43.63	16509 (AMAZON-02) (AMAZON-02)
2	23.44.4.160 23.44.4.160	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 8	13.251.123.168 13.251.123.168	16509 (AMAZON-02) (AMAZON-02)
1	52.221.116.71 52.221.116.71	16509 (AMAZON-02) (AMAZON-02)
1 1	13.33.33.44 13.33.33.44	16509 (AMAZON-02) (AMAZON-02)
1 1	103.229.205.242 103.229.205.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	104.254.150.228 104.254.150.228	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
7 7	74.125.68.156 74.125.68.156	15169 (GOOGLE) (GOOGLE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
6 12	52.74.176.159 52.74.176.159	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800e... 2620:116:800e:21:a878:7c6e:cf7b:3362	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	106.10.236.147 106.10.236.147	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
1 1	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2 2	184.87.224.46 184.87.224.46	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.232.106.236 3.232.106.236	14618 (AMAZON-AES) (AMAZON-AES)
1	2406:2000:98:... 2406:2000:98:800::e6	38032 (YAHOO-HK2...) (YAHOO-HK2-AP internet content provider)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4003:c04::64	15169 (GOOGLE) (GOOGLE)
1	64.233.170.148 64.233.170.148	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c11::9a	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
5 10	142.251.12.149 142.251.12.149	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4003:c05::9d	15169 (GOOGLE) (GOOGLE)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	2a03:2880:f00... 2a03:2880:f00c:300:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.4.155 142.250.4.155	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f10c:381:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
130	26

1 128.199.65.28 (Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

eurox.co.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 45.60.67.34 (United States)

ASN19551 (INCAPSULA, US)

www.tdrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.33.88.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-15.sin2.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.191.164.145 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-164-145.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2404:6800:4003:c0f::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4003:c04::9c (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4003:c11::69 (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.43.63 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-43-63.us-west-2.compute.amazonaws.com

td.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.44.4.160 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-4-160.deploy.static.akamaitechnologies.com

smetrics.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.251.123.168 (Singapore) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-123-168.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.221.116.71 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-116-71.ap-southeast-1.compute.amazonaws.com

tdbankfinancialgroup.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.33.44 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-44.sin2.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.205.242 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.150.228 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.22 (Palos Park, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.125.68.156 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.74.176.159 (Singapore) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-176-159.ap-southeast-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:a878:7c6e:cf7b:3362 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.234.236 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.10.236.147 (Singapore) 1 redirects

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: spcms.pbp.vip.sg3.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8eee:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.87.224.46 (Central, Hong Kong) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-224-46.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.106.236 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-106-236.compute-1.amazonaws.com

exchange.adstanding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2000:98:800::e6 (Taiwan)

ASN38032 (YAHOO-HK2-AP internet content provider, HK)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c04::64 (Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::9a (Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.12.149 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net

6835781.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6868519.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5322602.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5967600.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10393945.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c05::9d (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Apex, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	doubleclick.net 13 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 ad.doubleclick.net — Cisco Umbrella Rank: 164 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 6835781.fls.doubleclick.net 6868519.fls.doubleclick.net — Cisco Umbrella Rank: 779441 5322602.fls.doubleclick.net 5967600.fls.doubleclick.net 10393945.fls.doubleclick.net	14 KB
23	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	1 MB
20	everesttech.net 14 redirects cm.everesttech.net — Cisco Umbrella Rank: 1029 pixel.everesttech.net — Cisco Umbrella Rank: 4493	9 KB
19	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 199 td.demdex.net — Cisco Umbrella Rank: 40372	21 KB
16	tdrewards.com www.tdrewards.com	3 MB
15	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
10	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 12969	1 KB
6	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2923	136 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	22 KB
4	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 241 bat.bing.com — Cisco Umbrella Rank: 368	13 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	91 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 274	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	216 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 163	18 KB
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1191	1 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 860 ads.yahoo.com — Cisco Umbrella Rank: 2672	1 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 734 s.tribalfusion.com — Cisco Umbrella Rank: 1800	951 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 426	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	2 KB
2	td.com smetrics.td.com — Cisco Umbrella Rank: 41557	3 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 222	625 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 341	9 KB
1	adstanding.com 1 redirects exchange.adstanding.com — Cisco Umbrella Rank: 152272	169 B
1	pro-market.net 1 redirects fei.pro-market.net — Cisco Umbrella Rank: 2207	304 B
1	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1710	406 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 643	494 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 617	396 B
1	33across.com 1 redirects dp2.33across.com — Cisco Umbrella Rank: 9430	501 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 542	720 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	684 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 482	634 B
1	omtrdc.net tdbankfinancialgroup.tt.omtrdc.net — Cisco Umbrella Rank: 86817	729 B
1	eurox.co.th 1 redirects eurox.co.th	283 B
130	33

	Domain	Requested by
23	www.googletagmanager.com	nexus.ensighten.com www.googletagmanager.com
18	dpm.demdex.net	2 redirects www.tdrewards.com
16	www.tdrewards.com	www.tdrewards.com
12	pixel.everesttech.net	6 redirects www.tdrewards.com
10	www.google.com.sg	www.tdrewards.com 5967600.fls.doubleclick.net
10	www.google.com	1 redirects www.tdrewards.com
9	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
8	cm.everesttech.net	8 redirects
7	cm.g.doubleclick.net	7 redirects
6	nexus.ensighten.com	www.tdrewards.com nexus.ensighten.com
5	adservice.google.com	6868519.fls.doubleclick.net 5322602.fls.doubleclick.net 6835781.fls.doubleclick.net 5967600.fls.doubleclick.net 10393945.fls.doubleclick.net
4	www.google-analytics.com	www.tdrewards.com www.google-analytics.com
3	connect.facebook.net	6835781.fls.doubleclick.net connect.facebook.net
3	bat.bing.com	nexus.ensighten.com bat.bing.com www.tdrewards.com
3	s.amazon-adsystem.com	2 redirects
2	www.facebook.com	6835781.fls.doubleclick.net
2	www.googleadservices.com	5967600.fls.doubleclick.net www.googleadservices.com
2	10393945.fls.doubleclick.net	1 redirects 6835781.fls.doubleclick.net
2	5967600.fls.doubleclick.net	1 redirects 6835781.fls.doubleclick.net
2	5322602.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	6868519.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	6835781.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	px.owneriq.net	2 redirects
2	pixel.tapad.com	2 redirects
2	ib.adnxs.com	2 redirects
2	smetrics.td.com	www.tdrewards.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.tdrewards.com
1	stats.g.doubleclick.net	www.tdrewards.com
1	ad.doubleclick.net	nexus.ensighten.com
1	ads.yahoo.com	www.tdrewards.com
1	exchange.adstanding.com	1 redirects
1	fei.pro-market.net	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	ml314.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	c.bing.com	1 redirects
1	cms.quantserve.com	1 redirects
1	analytics.twitter.com	www.tdrewards.com
1	dp2.33across.com	1 redirects
1	token.rubiconproject.com	www.tdrewards.com
1	sync.mathtag.com	1 redirects
1	aa.agkn.com	1 redirects
1	tdbankfinancialgroup.tt.omtrdc.net	www.tdrewards.com
1	td.demdex.net	nexus.ensighten.com
1	eurox.co.th	1 redirects
130	47

This site contains no links.

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-13` - `2023-06-11`	6 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.td.com Entrust Certification Authority - L1M	`2022-10-12` - `2023-10-12`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-03` - `2024-01-03`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-30` - `2023-02-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.tdrewards.com/home-page
Frame ID: 8B28D6AFD77351177E3E7F72B27F035F
Requests: 87 HTTP requests in this frame

Frame: https://td.demdex.net/dest5.html?d_nsid=0
Frame ID: 1C7FACC56C45744DC9C3C3EB69735091
Requests: 25 HTTP requests in this frame

Frame: https://6835781.fls.doubleclick.net/activityi;dc_pre=CIvSlP3npf0CFUsJtwAd8JsOag;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=8046381200834;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page
Frame ID: 2C8A237F57E90D0A13ECE81C354C1362
Requests: 7 HTTP requests in this frame

Frame: https://6868519.fls.doubleclick.net/activityi;dc_pre=CLWHlf3npf0CFdD6cwEdGkELmg;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=6399952894497;gtm=45fe32f0;auiddc=13383402.1676954938;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page
Frame ID: 6352908FBD12334C862B6427625CB6B9
Requests: 2 HTTP requests in this frame

Frame: https://5322602.fls.doubleclick.net/activityi;dc_pre=CNmxlv3npf0CFSbBcwEdJ4MC_g;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=1952114974625;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page
Frame ID: 58C546335B520EDB6E7582214725099B
Requests: 2 HTTP requests in this frame

Frame: https://5967600.fls.doubleclick.net/activityi;dc_pre=CM_dnf3npf0CFYvWcwEdcvoA5A;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3416028331337.386
Frame ID: 1BB64ACCFA851088DF601CDF684E7D98
Requests: 5 HTTP requests in this frame

Frame: https://10393945.fls.doubleclick.net/activityi;dc_pre=CNyAnv3npf0CFUHrcwEdMFwBHQ;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6645594186706.512
Frame ID: 0E90C5D14F89FC562480377DEABC17A9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TD RewardsTD Rewards

Page URL History Show full URLs

https://eurox.co.th/api-keys/logon.php?ttt=1673897298?idlogin=12de2235c74639cef8009f55c3f27005 HTTP 302
https://www.tdrewards.com/home-page Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

130
Requests

81 %
HTTPS

34 %
IPv6

33
Domains

47
Subdomains

26
IPs

4
Countries

4773 kB
Transfer

8029 kB
Size

50
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eurox.co.th/api-keys/logon.php?ttt=1673897298?idlogin=12de2235c74639cef8009f55c3f27005 HTTP 302
https://www.tdrewards.com/home-page Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1676954937556 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1676954937556

Request Chain 62

https://cm.everesttech.net/cm/dd?d_uuid=65554699200568542640765205158559620211 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-RNOgAAAEaDMgM5

Request Chain 65

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=65554699200568542640765205158559620211 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=207460804434001876121

Request Chain 66

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=65554699200568542640765205158559620211&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d65554699200568542640765205158559620211 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=839963f4-4d3b-4600-b847-f418e4abbc36&ddsuuid=65554699200568542640765205158559620211

Request Chain 67

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3933931207103664479

Request Chain 69

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=65554699200568542640765205158559620211 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=65554699200568542640765205158559620211 HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=8906e4cb-5be1-4f53-8b5b-a50c399d7dfe

Request Chain 70

https://dp2.33across.com/ps/?pid=897&random=1841548178 HTTP 302
https://dpm.demdex.net/ibs:dpid=601&dpuuid=212085385848298&random=1676954940

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjU1NTQ2OTkyMDA1Njg1NDI2NDA3NjUyMDUxNTg1NTk2MjAyMTE= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEbgggXGXwPyxi-7_uNxs2g&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 73

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1STk9nQUFBRWFETWdNNQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEMgw3GzbZD34Km9BhOCa-C4&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 74

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1STk9nQUFBRWFETWdNNQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEMgw3GzbZD34Km9BhOCa-C4&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 75

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1STk9nQUFBRWFETWdNNQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEMgw3GzbZD34Km9BhOCa-C4&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 76

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1STk9nQUFBRWFETWdNNQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEMgw3GzbZD34Km9BhOCa-C4&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 77

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1STk9nQUFBRWFETWdNNQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEMgw3GzbZD34Km9BhOCa-C4&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 78

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=8qeRvfDwxOrp9865paDa6vD3krnp9ZHv_fADUEf8

Request Chain 79

https://c.bing.com/c.gif?uid=65554699200568542640765205158559620211&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=36569B042D2E6142056689BB2C7460FB

Request Chain 80

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1STk9nQUFBRWFETWdNNQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEMgw3GzbZD34Km9BhOCa-C4&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 81

https://a.tribalfusion.com/i.match?p=b13&u=65554699200568542640765205158559620211&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=65554699200568542640765205158559620211&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 82

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633754004779958300

Request Chain 83

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=65554699200568542640765205158559620211&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-.fmbngdE2pHO7JF9lLsgWczEwiNnNR88gSI-~A

Request Chain 84

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=65554699200568542640765205158559620211 HTTP 302
https://dpm.demdex.net/ibs:dpid=575&dpuuid=5340469091507390703

Request Chain 85

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7302413411610826026&uid=Q7302413411610826026&ref=%2Feucm%2Fp%2Fadpq HTTP 302
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7302413411610826026

Request Chain 86

https://exchange.adstanding.com/partners/aam/sync.php HTTP 302
https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

Request Chain 87

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Y-RNOgAAAEaDMgM5&sigv=1&esig=1~98a34e8ec600fb220255803653a2a86c40aff5c4

Request Chain 88

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=838rUFr_SyqgoESpVeAvkQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=65554699200568542640765205158559620211

Request Chain 103

https://6835781.fls.doubleclick.net/activityi;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=8046381200834;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page HTTP 302
https://6835781.fls.doubleclick.net/activityi;dc_pre=CIvSlP3npf0CFUsJtwAd8JsOag;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=8046381200834;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page

Request Chain 104

https://6868519.fls.doubleclick.net/activityi;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=6399952894497;gtm=45fe32f0;auiddc=13383402.1676954938;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page HTTP 302
https://6868519.fls.doubleclick.net/activityi;dc_pre=CLWHlf3npf0CFdD6cwEdGkELmg;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=6399952894497;gtm=45fe32f0;auiddc=13383402.1676954938;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page

Request Chain 105

https://5322602.fls.doubleclick.net/activityi;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=1952114974625;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page HTTP 302
https://5322602.fls.doubleclick.net/activityi;dc_pre=CNmxlv3npf0CFSbBcwEdJ4MC_g;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=1952114974625;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page

Request Chain 114

https://5967600.fls.doubleclick.net/activityi;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3416028331337.386 HTTP 302
https://5967600.fls.doubleclick.net/activityi;dc_pre=CM_dnf3npf0CFYvWcwEdcvoA5A;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3416028331337.386

Request Chain 115

https://10393945.fls.doubleclick.net/activityi;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6645594186706.512 HTTP 302
https://10393945.fls.doubleclick.net/activityi;dc_pre=CNyAnv3npf0CFUHrcwEdMFwBHQ;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6645594186706.512

Request Chain 122

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875695358/?random=966415143&cv=9&fst=1676954942590&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5967600.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCM_dnf3npf0CFYvWcwEdcvoA5A%3Bsrc%3D5967600%3Btype%3Dinvmedia%3Bcat%3Dtdrew000%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bord%3D3416028331337.386%3F&ref=https%3A%2F%2F6835781.fls.doubleclick.net%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Pk30Y5XCJJmY9fwPm96hmAM&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/875695358/?random=966415143&cv=9&fst=1676954942590&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5967600.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCM_dnf3npf0CFYvWcwEdcvoA5A%3Bsrc%3D5967600%3Btype%3Dinvmedia%3Bcat%3Dtdrew000%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bord%3D3416028331337.386%3F&ref=https%3A%2F%2F6835781.fls.doubleclick.net%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Pk30Y5XCJJmY9fwPm96hmAM&cid=CAQSKQDUE5ymhWXLcOrxxYAFpB_K5l9ISrF8xmygxL-BHq0OgdKF5rQydJID&random=699353179&resp=GooglemKTybQhCsO HTTP 302
https://www.google.com.sg/pagead/1p-conversion/875695358/?random=966415143&cv=9&fst=1676954942590&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5967600.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCM_dnf3npf0CFYvWcwEdcvoA5A%3Bsrc%3D5967600%3Btype%3Dinvmedia%3Bcat%3Dtdrew000%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bord%3D3416028331337.386%3F&ref=https%3A%2F%2F6835781.fls.doubleclick.net%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Pk30Y5XCJJmY9fwPm96hmAM&cid=CAQSKQDUE5ymhWXLcOrxxYAFpB_K5l9ISrF8xmygxL-BHq0OgdKF5rQydJID&random=699353179&resp=GooglemKTybQhCsO&ipr=y&prhg=0

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request home-page Show response
www.tdrewards.com/
Redirect Chain

https://eurox.co.th/api-keys/logon.php?ttt=1673897298?idlogin=12de2235c74639cef8009f55c3f27005
https://www.tdrewards.com/home-page

17 KB
17 KB

1011ms
984ms

Document
text/html

45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

8b169ef52fe5cea9379209bef87fabb2d938df4fc83b37c68f227441bd18cd9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Tue, 21 Feb 2023 04:48:57 GMT
etag: W/"4302-RdelMclD9IM45gRqm4EDeALF+aI"
strict-transport-security: max-age=157680000
x-cdn: Imperva
x-iinfo: 13-6008114-6008117 NNNN CT(245 489 0) RT(1676954935986 6) q(0 0 8 0) r(10 10) U24
x-powered-by: Express

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Tue, 21 Feb 2023 04:48:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://www.tdrewards.com/home-page
pragma: no-cache
server: nginx
x-powered-by: PHP/7.4.33 PleskLin
x-ua-compatible: IE=edge

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/tdb/public-ca/ 335 KB
96 KB 38ms
7ms Script
application/javascript 13.33.88.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-15.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9f8315d9a3ac8497d0d3eee3467a75e8cb5fcdda48d13788d65e0affae95aeb0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 22:12:22 GMT
x-amz-version-id: 9EB_lhFawcckbBJ1bon7.sP0tu3J.jT9
content-encoding: gzip
via: 1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 974196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 09 Feb 2023 21:47:05 GMT
server: CloudFront
etag: W/"ec1b6263d2e6ab9d3558a5d504c60a43"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: 8Pz4dUuAlrO-MT6HJNPQmSntfwOLotb5Zj-HQrz8cCeatlN4V7QwyQ==

GET
H2 200 style.css
www.tdrewards.com/templates/active/static/ 255 KB
256 KB 253ms
252ms Stylesheet
text/css 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/templates/active/static/style.css

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

c89295f4cf9f044cc628d03fcdfde1d1d4a9d9398f86d20167e1f9bd90ff571b

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
strict-transport-security: max-age=157680000
last-modified: Tue, 21 Feb 2023 04:45:02 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"3fc1b-186724a123b"
content-type: text/css; charset=UTF-8
x-iinfo: 13-6008114-6008117 PNNN RT(1676954935986 998) q(0 0 0 -1) r(3 3) U24
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 261147

GET
H2 200 vendors.js Show response
www.tdrewards.com/ 1 MB
1 MB 996ms
995ms Script
application/javascript 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/vendors.js

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

8430e365f8defac031dcde01850e7c9fbf4d4108b991dba7c7bb411cab7a0cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:58 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"13f64f-1863e185ef0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 13-6008114-6008296 NNNN CT(243 496 0) RT(1676954935986 1002) q(0 0 8 -1) r(10 10) U24
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1308239

GET
H2 200 bundle.js Show response
www.tdrewards.com/ 1 MB
1 MB 1010ms
1009ms Script
application/javascript 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/bundle.js

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

ef02361cfc918950f2432a3eba916b540437375242bd255cd3d33cd7e252fd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:58 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"15ab28-1863e185ef0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 13-6008114-6008298 NNNN CT(248 497 0) RT(1676954935986 1007) q(0 0 8 -1) r(10 10) U24
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1420072

GET
H2 200 templateCacheHtml.js Show response
www.tdrewards.com/templates/active/static/ 336 B
551 B 1019ms
1018ms Script
application/javascript 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/templates/active/static/templateCacheHtml.js

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

e54d3f4ad5c3c66a747f2a7f62e7ca28abfd2db5c57b3ba53721ee02e7e11b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:58 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"150-1863e185ef0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 13-6008114-6008300 NNNN CT(248 500 0) RT(1676954935986 1010) q(0 0 8 -1) r(10 10) U24
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 336

GET
H2 200 _Incapsula_Resource Show response
www.tdrewards.com/ 133 KB
19 KB 15ms
14ms Script
application/javascript 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tdrewards.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=526974321
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.67.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f52552ace088590537a80213d4c95d1bed5ea213859fb22020a759a9dd447956

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19219
content-type: application/javascript

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1676954937556
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1676954937556

5 KB
2 KB

209ms
209ms

XHR
application/json

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1676954937556

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

3e96ba81f8f49425b9de546b2cfbdace67a1fcb4c73185008b244f27ae859e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v042-0602384ee.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 6gILuK8LRZ8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.tdrewards.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1551
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-1-v042-0e694790c.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: /iEwSHbATpo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.tdrewards.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1676954937556
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/tdb/public-ca/ 599 B
906 B 25ms
25ms Script
text/javascript 13.33.88.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/public-ca/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/tdb/public-ca/code/&publishedOn=Thu%20Feb%2009%2021:47:01%20GMT%202023&ClientID=822&PageID=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-15.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: d7bf9c39fde63fb581d82d0cea5de476e2184eecda07fbdb5cbab536523ad1e0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
via: 1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 599
x-amz-cf-id: ChK49z4MpK0PkTq3sek4x80KeIX2dDdnURHV-rPcRCy_pXReycmSFw==
expires: Tue, 21 Feb 2023 04:48:56 GMT

GET
H2 200 21d670707824fc8bcc8207d207cfc0fa.js Show response
nexus.ensighten.com/tdb/public-ca/code/ 114 KB
36 KB 8ms
6ms Script
application/javascript 13.33.88.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/public-ca/code/21d670707824fc8bcc8207d207cfc0fa.js?conditionId0=423140
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-15.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3419780f825800a9a73c6afd5a23ce681cdb40c853973df484cfbe562d615cd1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 02:52:38 GMT
x-amz-version-id: CZtZCGgUnIbh89k5KNxDQXqdZN5SaAn3
content-encoding: br
via: 1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 698180
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 09 Feb 2023 21:47:05 GMT
server: CloudFront
etag: W/"a88bd8c1710c24d4c562c17f0f91eec1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: -gEkKqUqDNTKO588RVHdvFgpqYWNMhSGXlmKbnCQ6mfG869Xjb2ljw==

GET
H2 200 53806121fbcecf081a714e6527577c95.js Show response
nexus.ensighten.com/tdb/public-ca/code/ 2 KB
814 B 10ms
8ms Script
application/javascript 13.33.88.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/public-ca/code/53806121fbcecf081a714e6527577c95.js?conditionId0=4841570
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-15.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3b30c57fee08b8710ae3ec4a4f44cab038c7c238fbef21adf60791b6af5d3190

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 02:14:56 GMT
x-amz-version-id: nc.xF8GSNlB.1f8m0QghLrowiumo0LJk
content-encoding: br
via: 1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 873240
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 18:16:52 GMT
server: CloudFront
etag: W/"e9606fc127291df4b34091477c116c44"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: CrMcbmcvO4_mLqbty1mb_RWWF5feiqJbW2cnRaj6ypeqNor_ulks0w==

GET
H2 200 e5276288d948078f4ec1dc417fdf0e2b.js Show response
nexus.ensighten.com/tdb/public-ca/code/ 3 KB
1 KB 9ms
7ms Script
application/javascript 13.33.88.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/public-ca/code/e5276288d948078f4ec1dc417fdf0e2b.js?conditionId0=505813
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-15.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: bde0dcec69fee23a4d9549a2c5a935a8a831c8f8d5019576b7047ce5d7214064

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 20:36:31 GMT
x-amz-version-id: pyKMxTyKEGvgy7OmAcU_nIJaWSBQVguQ
content-encoding: gzip
via: 1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 2189547
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Jul 2021 20:32:17 GMT
server: CloudFront
etag: W/"65bc8d3a30a05124edd12469e8a3a745"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: d6L8ut5WN_CScK7z1J7VLtQpmgLqjTaX3rIrUA7Yua8d8jMo_YHWDg==

GET
H2 200 132b94a24d0c2c50efae315c8d66deb4.js Show response
nexus.ensighten.com/tdb/public-ca/code/ 687 B
1 KB 10ms
9ms Script
application/javascript 13.33.88.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/public-ca/code/132b94a24d0c2c50efae315c8d66deb4.js?conditionId0=1218305
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-15.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: dc4c8b4269817a4028f65fb34d0cf7410050c6e58aeb82aa9fb067e7d85b3f65

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 18:32:47 GMT
x-amz-version-id: qJZnEEBmjCokGtURZx0GHfXGqM7E8Fr5
via: 1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 3320171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 687
last-modified: Wed, 07 Dec 2022 18:16:52 GMT
server: CloudFront
etag: "ee74c5f299abbb748fff1fa82a992117"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: AaKknZzq7n6ug4NBylmoflLivGjqjrMTNwV4dNpPrV0WjnGpsFuLfw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
44 KB 21ms
11ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6974241

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f00f65568408b0ad102a40c8d407c1d2435c0cd811d72542924c337f19cea78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44355
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
67 KB 25ms
16ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1029090628

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d10a0a1b7687ac40fc709d0010f774dfda1b6d8b5b608366e7f90d07b80dcd20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68937
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 21ms
8ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868520&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

124286d220033a51d2e23e516aabe41dfa042f54c6d0671aa312399613150945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44366
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 21ms
6ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6835781&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b56b8c4d5220e4b9a27fa00039f6ad5b85de527ea329b5c339e2da794e14685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44363
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 26ms
11ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868312&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0f3f63d625204550455ef27ed88a3f6048d8caf4857fae4899a2832a6b78017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44365
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 29ms
14ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868519&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4f97399a33938f4e75c08aa368d568b594bf6bd7df78eeddd61892b49f76bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44364
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 32ms
17ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6867344&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96382b968f4188ecb61234d096064966791ff34837b350da7c1fbdd2a330aea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44366
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 26ms
14ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868105&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0233f0055b6793351df070915174f7f20caeb677d89cb5f00ba079f7b419eabe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44365
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 36ms
24ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868503&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a80b195e566730152bb016cdbc57551eed47f3780a47128dc2c216a1e3129560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44366
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 31ms
21ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6871112&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b01c318a2d203648a68b4d58392fa3820247a76ef7fe6dcffcf193ff26fcec3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44363
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 33ms
23ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868104&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a898777a143b7ae203f79a48fd8dce238ccf68149fe40be19856fff555a7c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44366
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 22ms
12ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868106&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d9fa614e93a37b93f4703069681109736107edd5d21e650214fd3635b630101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44363
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 37ms
28ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6871114&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6493ba4748acb07d525682ac9d0d8364987f0e7c8a727a320e166955de35c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44403
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 40ms
31ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868309&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5255d7511a99bdbd69ca226437b2ea9db4c34f83c4bddfd88978ed49df9c517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44367
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 45ms
37ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6102339&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e221f3d5c5b84e0d040d92ecbf671fda4964a5819645756453bc7db9d80f2c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44365
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 38ms
29ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5322602&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8af9af700e5265241aa2a3770da0dfc571d0ddcaa45c8d92d8ce6521be0ee2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44368
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 43ms
34ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-973175160&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d8d36ec991648966bcc74a24f32a76f70569c8092f29c68414dd2cb9524a831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66130
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 51ms
43ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-986405607&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

312e14f3a5f3be412fb683c8cfc4e624ffd74ae69f4311a21c35e2aa0e53cf18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64779
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 45ms
37ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1028536181&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37d362b9a9ee410b0808361b5e9d7fe6b87f90136f11af6b7aa20acfd04a1add

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64823
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 175 KB
64 KB 38ms
31ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-980723526&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

543483a3d7bc475eaf84800deea944f600e6b027943caa14106a50e86d8c2401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65398
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
67 KB 58ms
51ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707912219&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38e54b018e6e43f0a7b3cd3eb0579f24aa25ca81df1c7855100192655a71d525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68972
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
67 KB 51ms
45ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1029090628&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c8dbe5ad779a3f67f56f6baa86fa88a6a081b767e8b72dbd9d113d86f7b89c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68964
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 46ms
40ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624489921&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6974241

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5dd541f86adc77bd7612c4b5db6b29de37ea723c207df576f7233e26c76b174e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66131
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 04:48:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707912219/ 2 KB
1 KB 84ms
55ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707912219/?random=1676954937746&cv=11&fst=1676954937746&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=13383402.1676954938&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1029090628

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e8f184d14b219a6f50e76350588a0eb9c5ed6864a53f0bad9546110a8cd8e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 876
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/449593252/ 2 KB
1 KB 72ms
57ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/449593252/?random=1676954937775&cv=11&fst=1676954937775&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=13383402.1676954938&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1029090628

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c435905afdceb8574bb5585f2f267706e6410ae7d66bdb6f00a7add26de2a487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 876
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1029090628/ 2 KB
1 KB 27ms
27ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1029090628/?random=1676954937791&cv=11&fst=1676954937791&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=13383402.1676954938&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1029090628

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f7f0aac31b42f522acb98b30538f54700527a2ff29eefc83b5645759d7202f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 873
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1029090628/ 42 B
455 B 30ms
12ms Image
image/gif 2404:6800:4003:c11::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1029090628/?random=1676954937791&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=497067247&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/1029090628/ 42 B
455 B 35ms
10ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/1029090628/?random=1676954937791&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=497067247&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1028536181/ 2 KB
1 KB 16ms
14ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1028536181/?random=1676954938066&cv=11&fst=1676954938066&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=13383402.1676954938&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1028536181&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71fe0d527ac638c5011ba09d8daffec5bd7df5adaa5a2a40a6f1bc4d60d70a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 877
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/980723526/ 2 KB
900 B 79ms
79ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980723526/?random=1676954938087&cv=11&fst=1676954938087&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=13383402.1676954938&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-980723526&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4caf2a00458d47a2bfff23de81c0f5f5210d3a3058ab7a0158e4efe91d257456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 876
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/707912219/ 42 B
108 B 11ms
10ms Image
image/gif 2404:6800:4003:c11::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707912219/?random=1676954937746&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2405226884&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/707912219/ 42 B
108 B 9ms
9ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/707912219/?random=1676954937746&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2405226884&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/973175160/ 2 KB
899 B 21ms
20ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973175160/?random=1676954938119&cv=11&fst=1676954938119&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=13383402.1676954938&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-973175160&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91db30ce7bd989f8747f6fbd4904b51e4bce94402d1ac1be620cdb1b2f7cc1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 875
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/986405607/ 2 KB
897 B 16ms
16ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986405607/?random=1676954938151&cv=11&fst=1676954938151&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=13383402.1676954938&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-986405607&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b259491c5c5970fd231707d1d7ad77b8c21823ef52cd55e59b10253132bf0ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 873
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/449593252/ 42 B
64 B 11ms
11ms Image
image/gif 2404:6800:4003:c11::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/449593252/?random=1676954937775&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=293386285&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/449593252/ 42 B
64 B 10ms
9ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/449593252/?random=1676954937775&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=293386285&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/624489921/ 2 KB
900 B 15ms
15ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624489921/?random=1676954938179&cv=11&fst=1676954938179&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&auid=13383402.1676954938&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624489921&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0afcdc05175be5faf37056ea792913cf43d95f978c19d3b522080aa5170f79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 876
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1028536181/ 42 B
64 B 10ms
10ms Image
image/gif 2404:6800:4003:c11::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1028536181/?random=1676954938066&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3047805640&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/1028536181/ 42 B
64 B 9ms
8ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/1028536181/?random=1676954938066&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3047805640&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/624489921/ 42 B
64 B 13ms
12ms Image
image/gif 2404:6800:4003:c11::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/624489921/?random=1676954938179&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2250909065&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/624489921/ 42 B
64 B 11ms
10ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/624489921/?random=1676954938179&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2250909065&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/980723526/ 42 B
64 B 12ms
11ms Image
image/gif 2404:6800:4003:c11::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/980723526/?random=1676954938087&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2843925653&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/980723526/ 42 B
64 B 14ms
13ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/980723526/?random=1676954938087&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2843925653&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/973175160/ 42 B
64 B 10ms
9ms Image
image/gif 2404:6800:4003:c11::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/973175160/?random=1676954938119&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=893439797&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/973175160/ 42 B
64 B 11ms
10ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/973175160/?random=1676954938119&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=893439797&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/986405607/ 42 B
64 B 15ms
14ms Image
image/gif 2404:6800:4003:c11::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/986405607/?random=1676954938151&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3011463364&rmt_tld=0&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.sg/pagead/1p-user-list/986405607/ 42 B
64 B 12ms
12ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/986405607/?random=1676954938151&cv=11&fst=1676952000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&tiba=TD%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3011463364&rmt_tld=1&ipr=y

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 weblysleekuisl-webfont.woff2
www.tdrewards.com/templates/active/static/fonts/ 21 KB
21 KB 255ms
254ms Font
font/woff2 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/templates/active/static/fonts/weblysleekuisl-webfont.woff2

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/templates/active/static/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.tdrewards.com/templates/active/static/style.css
Origin: https://www.tdrewards.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:48:58 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"53e0-1863e185ef0"
content-type: font/woff2
x-iinfo: 13-6008114-6008300 PNNN RT(1676954935986 2025) q(0 0 0 -1) r(2 2) U24
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 21472

GET
H/1.1 200
OK dest5.html Show response
td.demdex.net/ Frame 1C7F 7 KB
3 KB 842ms
210ms Document
text/html 52.40.43.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://td.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.43.63 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-43-63.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tdrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-usw2-1-v042-0fa7d96e0.edge-usw2.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: MMsAUFe5Tec=
content-encoding: gzip
date: Tue, 21 Feb 2023 04:48:59 GMT
last-modified: Wed, 8 Feb 2023 11:27:20 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
smetrics.td.com/ 48 B
468 B 157ms
109ms XHR
application/x-javascript 23.44.4.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.td.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=A783776A5245B1E50A490D44%40AdobeOrg&mid=65286991678998325220791967694572194369&ts=1676954938621

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.4.160 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-4-160.deploy.static.akamaitechnologies.com

Software

jag /

Resource Hash

e1a6382416ee15b3dbc8d910de8d98fd10b7e68194efec53e1bad750d2ee39df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tdrewards.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:58 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
server: jag
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.tdrewards.com
p3p: CP="This is not a P3P policy"
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block
expires: Tue, 21 Feb 2023 04:48:58 GMT

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y-RNOgAAAEaDMgM5
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=65554699200568542640765205158559620211
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-RNOgAAAEaDMgM5

42 B
942 B

209ms
209ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-RNOgAAAEaDMgM5

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v042-07b44fb3b.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: IJ91SHwjQ0g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-RNOgAAAEaDMgM5
Date: Tue, 21 Feb 2023 04:48:58 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
tdbankfinancialgroup.tt.omtrdc.net/rest/v1/ 363 B
729 B 35ms
14ms XHR
application/json 52.221.116.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tdbankfinancialgroup.tt.omtrdc.net/rest/v1/delivery?client=tdbankfinancialgroup&sessionId=b89ab6076a5a46019c400c2ef20cad80&version=2.3.1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.221.116.71 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-116-71.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6f0ec681a73576259e3c0f725a1a8c9f215ae2ce52551decf12f77723f3e5f03

Request headers

Referer: https://www.tdrewards.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Feb 2023 04:48:58 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.tdrewards.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: c3f33aa09aaf64dde83c89724dde6748

GET
H2 200 s35331905200641 Show response
smetrics.td.com/b/ss/tdtdct,tdglobal/10/JS-2.20.0/ 5 KB
2 KB 348ms
348ms Script
application/x-javascript 23.44.4.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.td.com/b/ss/tdtdct,tdglobal/10/JS-2.20.0/s35331905200641?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=21%2F1%2F2023%204%3A48%3A58%202%200&d.&nsid=0&jsonv=1&.d&sdid=6FEE02BCE8D5F61C-0726E59F2EB0D432&mid=65286991678998325220791967694572194369&aamlh=9&ce=UTF-8&ns=tdbank&pageName=%2Fwww.tdrewards.com%2Fhome-page&g=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&server=www.tdrewards.com&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=D%3DpageName&v3=1&c4=12%3A30AM&v4=1&c5=Tuesday&v5=1&c6=Weekday&c12=not-authenticated&c13=New&v18=D%3Dc4&v19=D%3Dc5&c20=D%3Ds_vi&v20=D%3Dc6&c21=D%3DUser-Agent&v32=D%3Dc12&v33=D%3Dc13&v39=D%3Ds_vi&v68=D%3Dc21&c70=tdtdct%2Ctdglobal&c74=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&c75=AppMeasurement%20-%202.20.0&v151=D%3Dmid&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A783776A5245B1E50A490D44%40AdobeOrg&AQE=1

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.4.160 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-4-160.deploy.static.akamaitechnologies.com

Software

jag /

Resource Hash

75cb640817c000c552459be3f9724ddff09dda295778fff59f8e5658b8c11778

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-aam-tid: os2hmSBbQmE=
date: Tue, 21 Feb 2023 04:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=86400
p3p: CP="This is not a P3P policy"
content-length: 1540
x-xss-protection: 1; mode=block
dcs: dcs-prod-usw2-1-v042-0de22e08f.edge-usw2.demdex.com 4 ms
pragma: no-cache
last-modified: Wed, 22 Feb 2023 04:48:58 GMT
server: jag
etag: 3601233308050685952-4619794959652662091
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
expires: Tue, 21 Feb 2023 04:48:59 GMT

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=207460804434001876121
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=65554699200568542640765205158559620211
https://dpm.demdex.net/ibs:dpid=21&dpuuid=207460804434001876121

42 B
942 B

209ms
208ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=207460804434001876121

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v042-0d48fb461.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OWfdvX6YSXU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:59 GMT
via: 1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: SIN2-P1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=207460804434001876121
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: 61XjWDiYCBWfQIIb75JiAwvBQeWXqkPQYOQ8Zs2WGOBCwcz725hVzw==
expires: 0

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=839963f4-4d3b-4600-b847-f418e4abbc36&ddsuuid=65554699200568542640765205158559620211
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=65554699200568542640765205158559620211&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d65554699200568...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=839963f4-4d3b-4600-b847-f418e4abbc36&ddsuuid=65554699200568542640765205158559620211

42 B
942 B

339ms
210ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=839963f4-4d3b-4600-b847-f418e4abbc36&ddsuuid=65554699200568542640765205158559620211

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v042-0e9ed4ddf.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: A/SKs3jBQI8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Tue, 21 Feb 2023 04:48:59 GMT
Server: MT3 475 4bd2ccd master nrt-pixel-x22 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=839963f4-4d3b-4600-b847-f418e4abbc36&ddsuuid=65554699200568542640765205158559620211
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 21 Feb 2023 04:48:58 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=3933931207103664479
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3933931207103664479

42 B
942 B

221ms
220ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=3933931207103664479

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v042-0f6779868.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Sn9BVpSWSws=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Tue, 21 Feb 2023 04:49:01 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.254.153.207; 103.254.153.207; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 88bef289-83e2-41c2-a270-0c20e3f0a1cd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=3933931207103664479
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 1C7F 0
720 B 225ms
10ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=65554699200568542640765205158559620211&gdpr=0&gdpr_consent=
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ibs:dpid=540&dpuuid=8906e4cb-5be1-4f53-8b5b-a50c399d7dfe
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=65554699200568542640765205158...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=65554699200568542640765...
https://dpm.demdex.net/ibs:dpid=540&dpuuid=8906e4cb-5be1-4f53-8b5b-a50c399d7dfe

42 B
942 B

211ms
211ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=540&dpuuid=8906e4cb-5be1-4f53-8b5b-a50c399d7dfe

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v042-0e694790c.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Ct9vtewnQy0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Tue, 21 Feb 2023 04:48:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=540&dpuuid=8906e4cb-5be1-4f53-8b5b-a50c399d7dfe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=601&dpuuid=212085385848298&random=1676954940
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://dp2.33across.com/ps/?pid=897&random=1841548178
https://dpm.demdex.net/ibs:dpid=601&dpuuid=212085385848298&random=1676954940

42 B
942 B

210ms
210ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=601&dpuuid=212085385848298&random=1676954940

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v042-00c485568.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: dB7/7fwtROo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:59 GMT
referrer-policy: unsafe-url
server: 33XP019
x-33x-status: 200004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://dpm.demdex.net/ibs:dpid=601&dpuuid=212085385848298&random=1676954940
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEEbgggXGXwPyxi-7_uNxs2g&google_cver=1
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjU1NTQ2OTkyMDA1Njg1NDI2NDA3NjUyMDUxNTg1NTk2MjAyMTE=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEbgggXGXwPyxi-7_uNxs2g&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

520ms
207ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEbgggXGXwPyxi-7_uNxs2g&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v042-0c2d92bb7.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: UEo9vzq5T3U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEbgggXGXwPyxi-7_uNxs2g&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 1C7F 43 B
396 B 188ms
176ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=65554699200568542640765205158559620211&p_id=38594

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_k /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time: 173
date: Tue, 21 Feb 2023 04:48:59 GMT
strict-transport-security: max-age=631138519
server: tsa_k
content-type: image/gif;charset=utf-8
x-transaction-id: ec95f9acd4223c41
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7b09a4879e4f95f5eebde5d7271b615a6b477fb2c983d6be600b23cc81217f87
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1C7F
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1STk9nQUFBRWFETWdNNQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEMgw3GzbZD34Km9BhOCa-C4&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

4ms
3ms

Image
image/png

52.74.176.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Server: 52.74.176.159 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-176-159.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 04:49:00 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 21 Feb 2023 04:49:00 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1C7F
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1STk9nQUFBRWFETWdNNQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEM...
https://pixel.everesttech.net/1x1

128 B
691 B

4ms
3ms

Image
image/png

52.74.176.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Server: 52.74.176.159 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-176-159.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 04:49:00 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 21 Feb 2023 04:49:00 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1C7F
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1STk9nQUFBRWFETWdNNQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

6ms
5ms

Image
image/png

52.74.176.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Server: 52.74.176.159 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-176-159.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 04:49:00 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 21 Feb 2023 04:49:00 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1C7F
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1STk9nQUFBRWFETWdNNQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

5ms
4ms

Image
image/png

52.74.176.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Server: 52.74.176.159 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-176-159.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 04:49:00 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 21 Feb 2023 04:49:00 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1C7F
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1STk9nQUFBRWFETWdNNQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

5ms
4ms

Image
image/png

52.74.176.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Server: 52.74.176.159 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-176-159.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 04:49:00 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b67e-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 21 Feb 2023 04:49:00 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=1175&gdpr=0&dpuuid=8qeRvfDwxOrp9865paDa6vD3krnp9ZHv_fADUEf8
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=8qeRvfDwxOrp9865paDa6vD3krnp9ZHv_fADUEf8

42 B
942 B

211ms
211ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=8qeRvfDwxOrp9865paDa6vD3krnp9ZHv_fADUEf8

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v042-051d06e97.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: c8KuhnvoTQM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=8qeRvfDwxOrp9865paDa6vD3krnp9ZHv_fADUEf8
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=36569B042D2E6142056689BB2C7460FB
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://c.bing.com/c.gif?uid=65554699200568542640765205158559620211&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=36569B042D2E6142056689BB2C7460FB

42 B
942 B

214ms
213ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=36569B042D2E6142056689BB2C7460FB

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v042-0e9ed4ddf.edge-usw2.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 4T4lMQqyQb4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:48:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 53B1E1B9C913456998B66F144E4D0617 Ref B: SIN30EDGE0721 Ref C: 2023-02-21T04:49:00Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=36569B042D2E6142056689BB2C7460FB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 1C7F
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WS1STk9nQUFBRWFETWdNNQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

5ms
5ms

Image
image/png

52.74.176.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: HTTP/1.1
Server: 52.74.176.159 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-176-159.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 04:49:01 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 21 Feb 2023 04:49:01 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=65554699200568542640765205158559620211&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=65554699200568542640765205158559620211&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
956 B

207ms
207ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v042-01057dedf.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Tc2T9bEjR5w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:01 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 246
content-type: text/html
location: https://dpm.demdex.net/ibs:dpid=22054
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79ccda5f29d69fe3-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=22052&dpuuid=3633754004779958300
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633754004779958300

42 B
942 B

208ms
208ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633754004779958300

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v042-0ebd85dc6.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: XOqCZLGYQIo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:00 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633754004779958300
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185
expires: 0,Tue, 21 Feb 2023 23:49:01 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=65554699200568542640765205158559620211&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-.fmbngdE2pHO7JF9lLsgWczEwiNnNR88gSI-~A

42 B
942 B

212ms
211ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-.fmbngdE2pHO7JF9lLsgWczEwiNnNR88gSI-~A

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v042-0d746078e.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: GLedl/NfQK4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Tue, 21 Feb 2023 04:49:01 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0104.pbp.sg3.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-.fmbngdE2pHO7JF9lLsgWczEwiNnNR88gSI-~A
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=575&dpuuid=5340469091507390703
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=65554699200568542640765205158559620211
https://dpm.demdex.net/ibs:dpid=575&dpuuid=5340469091507390703

42 B
943 B

229ms
229ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=575&dpuuid=5340469091507390703

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v042-057a1a182.edge-usw2.demdex.com 12 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tvfKvBWBTBc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:00 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp8.us1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=575&dpuuid=5340469091507390703
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H/1.1

200
OK

ibs:dpid=53196&dpuuid=Q7302413411610826026
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7302413411610826026&uid=Q7302413411610826026&ref=%2Feucm%2Fp%2Fadpq
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7302413411610826026

42 B
942 B

208ms
208ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7302413411610826026

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v042-0bb99a7d5.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: IQ4IWHWQRhI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Tue, 21 Feb 2023 04:49:01 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7302413411610826026
Content-Type: text/html
Cache-Control: max-age=59021
Connection: keep-alive
Content-Length: 154

GET
H/1.1

200
OK

ibs:dpid=59982&dpuuid=
dpm.demdex.net/ Frame 1C7F
Redirect Chain

https://exchange.adstanding.com/partners/aam/sync.php
https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

42 B
960 B

208ms
207ms

Image
image/gif

54.191.164.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

Protocol

HTTP/1.1

Server

54.191.164.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-164-145.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v042-09987ade1.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: l+09LRrsSIM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Tue, 21 Feb 2023 04:49:02 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=59982&dpuuid=
cache-control: no-store
expires: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 1C7F
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Y-RNOgAAAEaDMgM5&sigv=1&esig=1~98a34e8ec600fb220255803653a2a86c40aff5c4

0
194 B

18ms
4ms

Image
text/plain

2406:2000:98:800::e6
YAHOO-HK2-AP inte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Y-RNOgAAAEaDMgM5&sigv=1&esig=1~98a34e8ec600fb220255803653a2a86c40aff5c4

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Server

2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:49:01 GMT
strict-transport-security: max-age=15552000
cache-control: no-store
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Y-RNOgAAAEaDMgM5&sigv=1&esig=1~98a34e8ec600fb220255803653a2a86c40aff5c4
Date: Tue, 21 Feb 2023 04:49:01 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1C7F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=838rUFr_SyqgoESpVeAvkQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=65554699200568542640765205158559620211

43 B
479 B

982ms
982ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=65554699200568542640765205158559620211

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Feb 2023 04:49:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H2CEBT6NEN2G5JMHS4V0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-usw2-2-v042-0f8ee3101.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: R5kVm79GSy8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=65554699200568542640765205158559620211
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 _Incapsula_Resource
www.tdrewards.com/ 1 B
52 B 9ms
8ms Image
text/plain 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tdrewards.com/_Incapsula_Resource?SWKMTFSR=1&e=0.01975250069130907
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.67.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 16ms
5ms Script
text/javascript 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Feb 2023 03:28:00 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4861
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 21 Feb 2023 05:28:00 GMT

POST
H2 200 login Show response
www.tdrewards.com/api/userManagement/guestUser/ 489 B
1 KB 394ms
394ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/userManagement/guestUser/login

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

dd7922270d0b4ce7cc5742114491d0e3b9bbb2fa0710a223e6f31e27ee69291f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Tue, 21 Feb 2023 04:49:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 13-6008114-6008298 PNNN RT(1676954935986 5458) q(0 0 0 -1) r(4 4) U24
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 73ms
71ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/code/21d670707824fc8bcc8207d207cfc0fa.js?conditionId0=423140

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 21 Feb 2023 04:49:01 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D31E2004AC0C4D9391C9DAE2742CDAA8 Ref B: SIN30EDGE0721 Ref C: 2023-02-21T04:49:01Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 B10862916.145035458;sz=1x2;ord=96281946535 Show response
ad.doubleclick.net/ddm/adj/N307601.197812NSO.CODESRV/ 11 B
454 B 26ms
10ms Script
text/javascript 64.233.170.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N307601.197812NSO.CODESRV/B10862916.145035458;sz=1x2;ord=96281946535?

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/public-ca/code/21d670707824fc8bcc8207d207cfc0fa.js?conditionId0=423140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f148.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
1 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 21 Feb 2023 05:14:12 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
950 B 6ms
5ms Script
text/javascript 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 21 Feb 2023 05:16:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
355 B 16ms
5ms XHR
text/plain 2404:6800:4003:c11::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-7284910-1&cid=1937345551.1676954942&jid=1368890905&gjid=339110349&_gid=1967928591.1676954942&_u=aGBAiQIxBAAAAEAAs~&z=1848377686

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tdrewards.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Feb 2023 04:49:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=587592522&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&dp=%2Fhome-page&ul=en-us&de=UTF-8&dt=TD%20Rewards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiQIxBAAAAAAAs~&jid=1368890905&gjid=339110349&cid=1937345551.1676954942&tid=UA-7284910-1&_gid=1967928591.1676954942&z=722522565

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 16:59:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42583
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 10ms
9ms Image
image/gif 2404:6800:4003:c11::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-7284910-1&cid=1937345551.1676954942&jid=1368890905&_u=aGBAiQIxBAAAAEAAs~&z=2109325070

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 11ms
10ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-7284910-1&cid=1937345551.1676954942&jid=1368890905&_u=aGBAiQIxBAAAAEAAs~&z=2109325070

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5188219.js Show response
bat.bing.com/p/action/ 0
118 B 294ms
294ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5188219.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 21 Feb 2023 04:49:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A57C177540534A9A9F1568B432CB1806 Ref B: SIN30EDGE0721 Ref C: 2023-02-21T04:49:02Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
347 B 87ms
87ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5188219&Ver=2&mid=9ee40bca-d7d3-49b5-8b7f-50523d9e7a1d&sid=0fc11340b1a311ed96790335828f778d&vid=0fc150c0b1a311edaee125c96598d331&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=TD%20Rewards&kw=TD%20Rewards,%09Points,%09Loyalty,%09Expedia,%09Redeem,%09Gift%20Cards,%09Travel,%09Apple,%09FitBit&p=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page&r=&lt=6558&evt=pageLoad&sv=1&rn=522425

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 21 Feb 2023 04:49:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A6D51089927749E99B2111AF20B6CC7B Ref B: SIN30EDGE0721 Ref C: 2023-02-21T04:49:02Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1026.min.js Show response
js-agent.newrelic.com/ 22 KB
9 KB 109ms
31ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1026.min.js
Requested by: Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 21 Feb 2023 04:49:02 GMT
x-amz-request-id: TJGR7JX3S0EDK3MF
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 8844
x-amz-id-2: 9xzCNcgAue/Y1iXpfwa+FGOnVJKq+gwNC6CTS2z+PLZZ7yMDtasxXb7gWOR4CPuy5LxJYbO63xo=
x-served-by: cache-bkk2310032-BKK
last-modified: Wed, 28 Feb 2018 23:33:30 GMT
server: AmazonS3
x-timer: S1676954942.435181,VS0,VE0
etag: "230c916aaa9194e21891a639a9c2b8eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2

GET
H2

200

activityi;dc_pre=CIvSlP3npf0CFUsJtwAd8JsOag;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=8046381200834;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%... Show response
6835781.fls.doubleclick.net/ Frame 2C8A
Redirect Chain

https://6835781.fls.doubleclick.net/activityi;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=8046381200834;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=http...
https://6835781.fls.doubleclick.net/activityi;dc_pre=CIvSlP3npf0CFUsJtwAd8JsOag;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=8046381200834;gtm=45fe32f0;auiddc=13383402.1676954938;u1=652869916789983...

4 KB
1 KB

121ms
120ms

Document
text/html

142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6835781.fls.doubleclick.net/activityi;dc_pre=CIvSlP3npf0CFUsJtwAd8JsOag;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=8046381200834;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6835781&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f149.1e100.net

Software

cafe /

Resource Hash

a8d77d3ec4edc3a5789830356c1c687526a3f702387959a7faa1b75a66095ccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tdrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1003
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 04:49:02 GMT
expires: Tue, 21 Feb 2023 04:49:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 04:49:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6835781.fls.doubleclick.net/activityi;dc_pre=CIvSlP3npf0CFUsJtwAd8JsOag;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=8046381200834;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CLWHlf3npf0CFdD6cwEdGkELmg;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=6399952894497;gtm=45fe32f0;auiddc=13383402.1676954938;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page Show response
6868519.fls.doubleclick.net/ Frame 6352
Redirect Chain

https://6868519.fls.doubleclick.net/activityi;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=6399952894497;gtm=45fe32f0;auiddc=13383402.1676954938;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?
https://6868519.fls.doubleclick.net/activityi;dc_pre=CLWHlf3npf0CFdD6cwEdGkELmg;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=6399952894497;gtm=45fe32f0;auiddc=13383402.1676954938;~oref=https%3A%2...

412 B
349 B

16ms
15ms

Document
text/html

142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6868519.fls.doubleclick.net/activityi;dc_pre=CLWHlf3npf0CFdD6cwEdGkELmg;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=6399952894497;gtm=45fe32f0;auiddc=13383402.1676954938;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6868519&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f149.1e100.net

Software

cafe /

Resource Hash

e5d037a9028ef22299e1c0e72132a7802f189d491a6e0c8bac1ccdb83838b6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tdrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 239
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 04:49:02 GMT
expires: Tue, 21 Feb 2023 04:49:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 04:49:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6868519.fls.doubleclick.net/activityi;dc_pre=CLWHlf3npf0CFdD6cwEdGkELmg;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=6399952894497;gtm=45fe32f0;auiddc=13383402.1676954938;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CNmxlv3npf0CFSbBcwEdJ4MC_g;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=1952114974625;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=http... Show response
5322602.fls.doubleclick.net/ Frame 58C5
Redirect Chain

https://5322602.fls.doubleclick.net/activityi;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=1952114974625;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=ht...
https://5322602.fls.doubleclick.net/activityi;dc_pre=CNmxlv3npf0CFSbBcwEdJ4MC_g;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=1952114974625;gtm=45fe32f0;auiddc=13383402.1676954938;u1=6528699167899...

454 B
301 B

13ms
13ms

Document
text/html

142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5322602.fls.doubleclick.net/activityi;dc_pre=CNmxlv3npf0CFSbBcwEdJ4MC_g;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=1952114974625;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-5322602&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f149.1e100.net

Software

cafe /

Resource Hash

b2d8e4d7ec5513f64208402e398f7110bdd3752962b7cd635b1c313e29939dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tdrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 278
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 04:49:02 GMT
expires: Tue, 21 Feb 2023 04:49:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 04:49:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5322602.fls.doubleclick.net/activityi;dc_pre=CNmxlv3npf0CFSbBcwEdJ4MC_g;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=1952114974625;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 angular-locale_en-ca.js Show response
www.tdrewards.com/templates/active/static/i18n/ 3 KB
3 KB 334ms
334ms Script
application/javascript 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/templates/active/static/i18n/angular-locale_en-ca.js

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ Express

Resource Hash

67563318f781475915e443fef24576ea64e5de5a80e7ab3fd6b967de15538dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/home-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:49:02 GMT
strict-transport-security: max-age=157680000
last-modified: Sat, 11 Feb 2023 01:30:30 GMT
x-cdn: Imperva
x-powered-by: Express
etag: W/"a9a-1863e185ef0"
content-type: application/javascript; charset=UTF-8
x-iinfo: 13-6008114-6008296 PNNN RT(1676954935986 5913) q(0 1 1 -1) r(4 4) U24
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2714

GET
H2 200 product Show response
www.tdrewards.com/api/productManagement/ 8 KB
8 KB 408ms
407ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/product?name=$250+Education+Credit

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

e927dcebecb2c550da9428ce3ef949d06bd75ec8116b3a9df83dc7ab63c1f04c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: AKlg6CJqcVNCiwSvljqATl62ReqhTHtDwuLOLUR3oi7HccK21FOc9P8qrxC7hMzV4DgiJEups4M4ZHVlRmQR2FyqSUdrVcyqs4KjdCqm3qLUNVrIbkxCiazmiu5wOBa8
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Tue, 21 Feb 2023 04:49:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 13-6008114-6008300 PNNN RT(1676954935986 5920) q(0 0 0 -1) r(4 4) U24
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 catalog Show response
www.tdrewards.com/api/productManagement/ 434 B
932 B 368ms
368ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/catalog?program_id=1

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

c40b0b8b73b6b119800fdbdcb3446d2b8de94b8259ae69aba87bae0eebf1c971

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: AKlg6CJqcVNCiwSvljqATl62ReqhTHtDwuLOLUR3oi7HccK21FOc9P8qrxC7hMzV4DgiJEups4M4ZHVlRmQR2FyqSUdrVcyqs4KjdCqm3qLUNVrIbkxCiazmiu5wOBa8
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Tue, 21 Feb 2023 04:49:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 13-6008114-6008117 PNNN RT(1676954935986 5922) q(0 0 0 -1) r(3 3) U24
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 getRoutesLastUpdatedAt Show response
www.tdrewards.com/api/utilityManagement/ 549 B
1 KB 1501ms
1501ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/utilityManagement/getRoutesLastUpdatedAt

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

905d300925852f6ba8691b604bc78cf5b2337c8ec73b7f844f0d3b69dda7e15a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: AKlg6CJqcVNCiwSvljqATl62ReqhTHtDwuLOLUR3oi7HccK21FOc9P8qrxC7hMzV4DgiJEups4M4ZHVlRmQR2FyqSUdrVcyqs4KjdCqm3qLUNVrIbkxCiazmiu5wOBa8
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Tue, 21 Feb 2023 04:49:03 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 13-6008114-6009218 NNNN CT(320 504 0) RT(1676954935986 5924) q(0 0 8 -1) r(15 15) U24
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 dc_pre=CLWHlf3npf0CFdD6cwEdGkELmg;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=6399952894497;gtm=45fe32f0;auiddc=*;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page
adservice.google.com/ddm/fls/z/ Frame 6352 42 B
401 B 19ms
8ms Image
image/gif 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLWHlf3npf0CFdD6cwEdGkELmg;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=6399952894497;gtm=45fe32f0;auiddc=*;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page

Requested by

Host: 6868519.fls.doubleclick.net
URL: https://6868519.fls.doubleclick.net/activityi;dc_pre=CLWHlf3npf0CFdD6cwEdGkELmg;src=6868519;type=credi0;cat=tdrew00-;ord=1;num=6399952894497;gtm=45fe32f0;auiddc=13383402.1676954938;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6868519.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNmxlv3npf0CFSbBcwEdJ4MC_g;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=1952114974625;gtm=45fe32f0;auiddc=*;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%...
adservice.google.com/ddm/fls/z/ Frame 58C5 42 B
107 B 8ms
8ms Image
image/gif 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNmxlv3npf0CFSbBcwEdJ4MC_g;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=1952114974625;gtm=45fe32f0;auiddc=*;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page

Requested by

Host: 5322602.fls.doubleclick.net
URL: https://5322602.fls.doubleclick.net/activityi;dc_pre=CNmxlv3npf0CFSbBcwEdJ4MC_g;src=5322602;type=rewar0;cat=tdrew002;ord=1;num=1952114974625;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5322602.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK c099ced574 Show response
bam.nr-data.net/1/ 49 B
625 B 586ms
524ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/c099ced574?a=9185954&sa=1&v=1026.7a27a3e&t=Unnamed%20Transaction&rst=7061&ref=https://www.tdrewards.com/home-page&be=2115&fe=6942&dc=6488&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1676954935398,%22n%22:0,%22f%22:1079,%22dn%22:1080,%22dne%22:1098,%22c%22:1098,%22s%22:1100,%22ce%22:1107,%22rq%22:1107,%22rp%22:2091,%22rpe%22:2093,%22dl%22:2094,%22di%22:6486,%22ds%22:6487,%22de%22:6558,%22dc%22:6941,%22l%22:6941,%22le%22:7009%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1026.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.tdrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 04:49:03 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 79ccda66c95e878d-SIN

GET
H2 200 dc_pre=CIvSlP3npf0CFUsJtwAd8JsOag;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=8046381200834;gtm=45fe32f0;auiddc=*;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2F...
adservice.google.com/ddm/fls/z/ Frame 2C8A 42 B
107 B 8ms
8ms Image
image/gif 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIvSlP3npf0CFUsJtwAd8JsOag;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=8046381200834;gtm=45fe32f0;auiddc=*;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page

Requested by

Host: 6835781.fls.doubleclick.net
URL: https://6835781.fls.doubleclick.net/activityi;dc_pre=CIvSlP3npf0CFUsJtwAd8JsOag;src=6835781;type=tdrew0;cat=tdrew0;ord=1;num=8046381200834;gtm=45fe32f0;auiddc=13383402.1676954938;u1=65286991678998325220791967694572194369;~oref=https%3A%2F%2Fwww.tdrewards.com%2Fhome-page?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6835781.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CM_dnf3npf0CFYvWcwEdcvoA5A;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3416028331337.386 Show response
5967600.fls.doubleclick.net/ Frame 1BB6
Redirect Chain

https://5967600.fls.doubleclick.net/activityi;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3416028331337.386?
https://5967600.fls.doubleclick.net/activityi;dc_pre=CM_dnf3npf0CFYvWcwEdcvoA5A;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_conse...

1 KB
510 B

13ms
13ms

Document
text/html

142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5967600.fls.doubleclick.net/activityi;dc_pre=CM_dnf3npf0CFYvWcwEdcvoA5A;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3416028331337.386?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f149.1e100.net

Software

cafe /

Resource Hash

43c7b88cc0cb9365c178c383736728f3962eb0c1c3ea8beba05497e2fe431ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6835781.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 487
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 04:49:02 GMT
expires: Tue, 21 Feb 2023 04:49:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 04:49:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5967600.fls.doubleclick.net/activityi;dc_pre=CM_dnf3npf0CFYvWcwEdcvoA5A;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3416028331337.386?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CNyAnv3npf0CFUHrcwEdMFwBHQ;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6645594186706.512 Show response
10393945.fls.doubleclick.net/ Frame 0E90
Redirect Chain

https://10393945.fls.doubleclick.net/activityi;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6645594186706.512?
https://10393945.fls.doubleclick.net/activityi;dc_pre=CNyAnv3npf0CFUHrcwEdMFwBHQ;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_con...

423 B
259 B

18ms
17ms

Document
text/html

142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10393945.fls.doubleclick.net/activityi;dc_pre=CNyAnv3npf0CFUHrcwEdMFwBHQ;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6645594186706.512?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f149.1e100.net

Software

cafe /

Resource Hash

af5abda593f02e8051047e46c4d0feab732de604dfae48868502041b69615884

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6835781.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 236
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 04:49:02 GMT
expires: Tue, 21 Feb 2023 04:49:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 04:49:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10393945.fls.doubleclick.net/activityi;dc_pre=CNyAnv3npf0CFUHrcwEdMFwBHQ;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6645594186706.512?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 2C8A 106 KB
28 KB 24ms
6ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6835781.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Feb 2023 04:49:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: qv8OBwD+kYfKP2A3pknFUNS8Q9h7xcziEjn4FBU+r5mrxz/+RZ+WLAKBA3CSvCMbs8UeNf19/6vg2IUWEBpDrA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 1BB6 45 KB
17 KB 23ms
8ms Script
text/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 5967600.fls.doubleclick.net
URL: https://5967600.fls.doubleclick.net/activityi;dc_pre=CM_dnf3npf0CFYvWcwEdcvoA5A;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3416028331337.386?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

68f274e5330a1431b6e07a6a979209097633d713576cf9620bee34a6bd898ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5967600.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 04:49:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16815
x-xss-protection: 0
server: cafe
etag: 17544913231395580258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Feb 2023 04:49:02 GMT

GET
H3 200 dc_pre=CM_dnf3npf0CFYvWcwEdcvoA5A;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3416028331337.386
adservice.google.com/ddm/fls/z/ Frame 1BB6 42 B
63 B 10ms
9ms Image
image/gif 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM_dnf3npf0CFYvWcwEdcvoA5A;src=5967600;type=invmedia;cat=tdrew000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=3416028331337.386

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5967600.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CNyAnv3npf0CFUHrcwEdMFwBHQ;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6645594186706.512
adservice.google.com/ddm/fls/z/ Frame 0E90 42 B
63 B 9ms
9ms Image
image/gif 2404:6800:4003:c05::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNyAnv3npf0CFUHrcwEdMFwBHQ;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6645594186706.512

Requested by

Host: 10393945.fls.doubleclick.net
URL: https://10393945.fls.doubleclick.net/activityi;dc_pre=CNyAnv3npf0CFUHrcwEdMFwBHQ;src=10393945;type=invmedia;cat=tdban02l;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=6645594186706.512?

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://10393945.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2368582946583330 Show response
connect.facebook.net/signals/config/ Frame 2C8A 150 KB
41 KB 356ms
355ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2368582946583330?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7bc954af5c2c5f341874056b0e2bae37868b044ad67d9c292f9fa5817ba00efc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6835781.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Feb 2023 04:49:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ip8O8Kz7kjh2vLYPJI4p/UZvfH5a/ffKSumEkXRQfGEBZRC7sPBMfXS1yU2RsHr7ujIeI9qwSSTXhrJdnTDQpg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/875695358/ Frame 1BB6 2 KB
1 KB 10ms
10ms Script
text/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/875695358/?random=1676954942590&cv=9&fst=1676954942590&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5967600.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCM_dnf3npf0CFYvWcwEdcvoA5A%3Bsrc%3D5967600%3Btype%3Dinvmedia%3Bcat%3Dtdrew000%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bord%3D3416028331337.386%3F&ref=https%3A%2F%2F6835781.fls.doubleclick.net%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

ffb2caa2bc9a1e3d990a45ad6389036d04655667a306437ffd87589576a1607f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5967600.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com.sg/pagead/1p-conversion/875695358/ Frame 1BB6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875695358/?random=966415143&cv=9&fst=1676954942590&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
https://www.google.com/pagead/1p-conversion/875695358/?random=966415143&cv=9&fst=1676954942590&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926&u_h=120...
https://www.google.com.sg/pagead/1p-conversion/875695358/?random=966415143&cv=9&fst=1676954942590&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926&u_h=...

42 B
64 B

13ms
13ms

Image
image/gif

2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-conversion/875695358/?random=966415143&cv=9&fst=1676954942590&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5967600.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCM_dnf3npf0CFYvWcwEdcvoA5A%3Bsrc%3D5967600%3Btype%3Dinvmedia%3Bcat%3Dtdrew000%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bord%3D3416028331337.386%3F&ref=https%3A%2F%2F6835781.fls.doubleclick.net%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Pk30Y5XCJJmY9fwPm96hmAM&cid=CAQSKQDUE5ymhWXLcOrxxYAFpB_K5l9ISrF8xmygxL-BHq0OgdKF5rQydJID&random=699353179&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://5967600.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Feb 2023 04:49:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.sg/pagead/1p-conversion/875695358/?random=966415143&cv=9&fst=1676954942590&num=1&npa=1&label=Yk5PCMaLxYYYEP6ZyKED&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F5967600.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCM_dnf3npf0CFYvWcwEdcvoA5A%3Bsrc%3D5967600%3Btype%3Dinvmedia%3Bcat%3Dtdrew000%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bord%3D3416028331337.386%3F&ref=https%3A%2F%2F6835781.fls.doubleclick.net%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Pk30Y5XCJJmY9fwPm96hmAM&cid=CAQSKQDUE5ymhWXLcOrxxYAFpB_K5l9ISrF8xmygxL-BHq0OgdKF5rQydJID&random=699353179&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 category Show response
www.tdrewards.com/api/productManagement/ 918 B
1 KB 368ms
368ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/category?catalog_id=1&category_id=&name=Gift+Cards

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

c960fe716f4de22ccaa7f13c6f643a2e0db2bb94b0a25405ac3bccba0b5c6c7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: AKlg6CJqcVNCiwSvljqATl62ReqhTHtDwuLOLUR3oi7HccK21FOc9P8qrxC7hMzV4DgiJEups4M4ZHVlRmQR2FyqSUdrVcyqs4KjdCqm3qLUNVrIbkxCiazmiu5wOBa8
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Tue, 21 Feb 2023 04:49:03 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 13-6008114-6008296 PNNN RT(1676954935986 6294) q(0 0 0 -1) r(4 4) U24
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H2 200 6820 Show response
www.tdrewards.com/api/productManagement/product/ 268 KB
269 KB 1714ms
1713ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/productManagement/product/6820

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

27d8393d1d9926c6eb731657049709098c6a3aa93d875caa3b58643842a640a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: AKlg6CJqcVNCiwSvljqATl62ReqhTHtDwuLOLUR3oi7HccK21FOc9P8qrxC7hMzV4DgiJEups4M4ZHVlRmQR2FyqSUdrVcyqs4KjdCqm3qLUNVrIbkxCiazmiu5wOBa8
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Tue, 21 Feb 2023 04:49:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 13-6008114-6009248 NNNN CT(248 498 0) RT(1676954935986 6331) q(0 0 7 -1) r(17 17) U24
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ Frame 2C8A 72 KB
22 KB 8ms
4ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.96

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6835781.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Feb 2023 04:49:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: QuYiXHKCBmbtZ43r9XZ/BVYVOnOCO5dntv0eoPy/XtquUgtCBqlAsCPMs41/p/G3xQ3NleMtiGi9aTaBta+aww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 2C8A 0
185 B 33ms
3ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2368582946583330&ev=RewardsLandingPageENFR&dl=https%3A%2F%2F6835781.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIvSlP3npf0CFUsJtwAd8JsOag%3Bsrc%3D6835781%3Btype%3Dtdrew0%3Bcat%3Dtdrew0%3Bord%3D1%3Bnum%3D8046381200834%3Bgtm%3D45fe32f0%3Bauiddc%3D13383402.1676954938%3Bu1%3D65286991678998325220791967694572194369%3B~oref%3Dhttps%253A%252F%252Fwww.tdrewards.com%252Fhome-page%3F&rl=https%3A%2F%2Fwww.tdrewards.com%2F&if=true&ts=1676954943008&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=28&it=1676954942579&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6835781.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Feb 2023 04:49:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 2C8A 0
31 B 34ms
4ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2368582946583330&ev=PageView&dl=https%3A%2F%2F6835781.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIvSlP3npf0CFUsJtwAd8JsOag%3Bsrc%3D6835781%3Btype%3Dtdrew0%3Bcat%3Dtdrew0%3Bord%3D1%3Bnum%3D8046381200834%3Bgtm%3D45fe32f0%3Bauiddc%3D13383402.1676954938%3Bu1%3D65286991678998325220791967694572194369%3B~oref%3Dhttps%253A%252F%252Fwww.tdrewards.com%252Fhome-page%3F&rl=https%3A%2F%2Fwww.tdrewards.com%2F&if=true&ts=1676954943018&sw=1600&sh=1200&v=2.9.96&r=stable&ec=1&o=28&cs_est=true&it=1676954942579&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://6835781.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Feb 2023 04:49:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 getAppComponents
www.tdrewards.com/api/utilityManagement/ 548 KB
0 1914ms
1914ms XHR
application/json 45.60.67.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tdrewards.com/api/utilityManagement/getAppComponents

Requested by

Host: www.tdrewards.com
URL: https://www.tdrewards.com/home-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.67.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
X-Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Accept-Language: zh-SG,zh;q=0.9
Authorization: AKlg6CJqcVNCiwSvljqATl62ReqhTHtDwuLOLUR3oi7HccK21FOc9P8qrxC7hMzV4DgiJEups4M4ZHVlRmQR2FyqSUdrVcyqs4KjdCqm3qLUNVrIbkxCiazmiu5wOBa8
X-Frame-Options: DENY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Referer: https://www.tdrewards.com/home-page
X-XSS-Protection: 1

Response headers

expires: -1
date: Tue, 21 Feb 2023 04:49:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000, max-age=157680000, max-age=157680000
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-powered-by: Express
x-iinfo: 13-6008114-6009437 NNNN CT(246 489 0) RT(1676954935986 7427) q(0 0 7 -1) r(19 19) U24
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-download-options: noopen
x-frame-options: SAMEORIGIN, SAMEORIGIN, DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: https://www.tdrewards.com
cache-control: no-cache, private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authentication, Authorization, X-Requested-With, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Auth
x-content-security-policy: default-src 'self'

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eurox.co.th/	1969-12-31 23:59:59	Name: PHPSESSID Value: vp89c6k298s468fsb810fji0lm
.tdrewards.com/	1970-01-20 18:34:02	Name: visid_incap_2714874 Value: /u0/7SntQY62Oq540uOzejdN9GMAAAAAQUIPAAAAAABrBDJ9PlR2NFxuQooWJPJe
.tdrewards.com/	1969-12-31 23:59:59	Name: incap_ses_961_2714874 Value: QMjuatnUqFxYYvLFNylWDThN9GMAAAAAah+V/jct+KF5lEWDgdnkjQ==
.tdrewards.com/	1969-12-31 23:59:59	Name: at_check Value: true
.tdrewards.com/	1970-01-20 11:58:50	Name: _gcl_au Value: 1.1.13383402.1676954938
.doubleclick.net/	1970-01-20 19:25:14	Name: IDE Value: AHWqTUliv4F_pYO0K_EDpcHheIcIt10Cv-JXy-YUiPlU0SugVfsg2T0uQUTJrDWy
.demdex.net/	1970-01-20 14:08:26	Name: demdex Value: 65554699200568542640765205158559620211
.tdrewards.com/	1969-12-31 23:59:59	Name: AMCVS_A783776A5245B1E50A490D44%40AdobeOrg Value: 1
.tdrewards.com/	1970-01-20 19:25:14	Name: mbox Value: session#b89ab6076a5a46019c400c2ef20cad80#1676956798\|PC#b89ab6076a5a46019c400c2ef20cad80.38_0#1740199739
.tdrewards.com/	1970-01-20 09:49:16	Name: mboxEdgeCluster Value: 38
.td.com/	1970-01-20 19:25:14	Name: s_ecid Value: MCMID%7C65286991678998325220791967694572194369
.everesttech.net/	1970-01-20 18:34:50	Name: everest_g_v2 Value: g_surferid~Y-RNOgAAAEaDMgM5
.tdrewards.com/	1970-01-20 10:32:26	Name: s_pers Value: %20s_vnum%3D1677024000040%2526vn%253D1%7C1677024000040%3B%20s_invisit%3Dtrue%7C1676956738793%3B%20s_nr%3D1676954938796-New%7C1679546938796%3B
.tdrewards.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_cc%3Dtrue%3B
.dpm.demdex.net/	1970-01-20 14:08:26	Name: dpm Value: 65554699200568542640765205158559620211
.tdrewards.com/	1970-01-20 19:25:14	Name: AMCV_A783776A5245B1E50A490D44%40AdobeOrg Value: 359503849%7CMCIDTS%7C19410%7CMCMID%7C65286991678998325220791967694572194369%7CMCAAMLH-1677559738%7C9%7CMCAAMB-1677559738%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1676962138s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19417%7CvVersion%7C5.0.1
.tdrewards.com/	1970-01-20 14:08:26	Name: AAMC_td_0 Value: REGION%7C9
.tdrewards.com/	1970-01-20 10:32:26	Name: aam_uuid Value: 65554699200568542640765205158559620211
.agkn.com/	1970-01-20 18:34:50	Name: ab Value: 0001%3AiyvYmCUip3SuSEEmCvZFszDcFh%2BwSGrp
.tapad.com/	1970-01-20 11:15:38	Name: TapAd_TS Value: 1676954939926
.tapad.com/	1970-01-20 11:15:38	Name: TapAd_DID Value: 8906e4cb-5be1-4f53-8b5b-a50c399d7dfe
.tapad.com/	1970-01-20 11:15:38	Name: TapAd_3WAY_SYNCS Value:
.rubiconproject.com/	1970-01-20 18:34:50	Name: khaos Value: LEDRO8YR-1A-BRCW
.rubiconproject.com/	1970-01-20 18:34:50	Name: audit Value: 1\|CoxhWiRPmcSfT3hf5SuBtkik5Ruuh85YMfUh7Waxl5LE50xgAul76S4kESAnODSmM3Sx6uevExdBK03vAHceEOzJ7rckCi5u3JnAOXg7G4RSOAFlY8yEEnkxU9qOv+pvKawvTDtVJj798cFCP8VqeC1i16q/CKGC5cmAxi7+9V1o8946LEpae9kIb4G5wtpyAWUOhSrDlPzc6UO785F0Pw==
.mathtag.com/	1970-01-20 19:15:10	Name: uuid Value: 839963f4-4d3b-4600-b847-f418e4abbc36
.twitter.com/	1970-01-20 19:25:14	Name: personalization_id Value: "v1_K0PkiQzI+r8qySxgyZ9xXw=="
.everesttech.net/	1970-01-20 10:33:53	Name: ev_sync_ax Value: 20230221
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: Y-RNPAAAAFE2PS63
.33across.com/	1970-01-20 18:34:50	Name: 33x_ps Value: u%3D212085385848298%3As1%3D1676954940565%3Ats%3D1676954940565
.quantserve.com/	1970-01-20 11:58:50	Name: d Value: EO4BDAGsKLmvYA
.quantserve.com/	1970-01-20 19:19:29	Name: mc Value: 63f44d3c-c90a4-c4ce0-aff9d
.bing.com/	1970-01-20 19:10:50	Name: MUID Value: 36569B042D2E6142056689BB2C7460FB
.c.bing.com/	1970-01-20 09:59:19	Name: MR Value: 0
.adnxs.com/	1970-01-20 11:58:50	Name: uuid2 Value: 3933931207103664479
.ml314.com/	1970-01-20 18:34:50	Name: pi Value: 3633754004779958300
.yahoo.com/	1970-01-20 18:35:12	Name: A3 Value: d=AQABBD1N9GMCEN6JV7hCg2aJSQdvGZVXcfcFEgEBAQGe9WP-YwAAAAAA_eMAAA&S=AQAAAnXdsrG5dk-fSf-n6AaQ3Sg
.tribalfusion.com/	1970-01-20 11:58:50	Name: ANON_ID Value: aanr6ix2eNlSE0U7bdvpGIQKvvvMOluLWNxFwgZbFZdGWMRZdf2P2O2ZaZaGavOXE1SPfrSZcT1Ipu
.owneriq.net/	1970-01-20 19:25:14	Name: si Value: Q7302413411610826026
.owneriq.net/	1970-01-20 10:03:38	Name: p2 Value: adpq
.everesttech.net/	1970-01-20 10:33:53	Name: ev_sync_yh Value: 20230221
.demdex.net/	1970-01-20 14:08:26	Name: dextp Value: 21-1-1676954939483\|269-1-1676954939584\|358-1-1676954939686\|481-1-1676954939787\|540-1-1676954939889\|601-1-1676954939989\|771-1-1676954940090\|1123-1-1676954940191\|1083-1-1676954940293\|1085-1-1676954940394\|1086-1-1676954940494\|1087-1-1676954940595\|1088-1-1676954940696\|1175-1-1676954940797\|1957-1-1676954940898\|19913-1-1676954940999\|22054-1-1676954941100\|22052-1-1676954941201\|30646-1-1676954941302\|575-1-1676954941403\|53196-1-1676954941535\|59982-1-1676954941637\|83349-1-1676954941739\|139200-1-1676954941855
.tdrewards.com/	1970-01-20 09:49:34	Name: myNewName Value: GA1.2.1937345551.1676954942
.tdrewards.com/	1970-01-20 09:50:41	Name: myNewName_gid Value: GA1.2.1967928591.1676954942
.tdrewards.com/	1970-01-20 09:49:15	Name: _gat Value: 1
.tdrewards.com/	1970-01-20 09:50:41	Name: _uetsid Value: 0fc11340b1a311ed96790335828f778d
.tdrewards.com/	1970-01-20 19:10:50	Name: _uetvid Value: 0fc150c0b1a311edaee125c96598d331
.bat.bing.com/	1970-01-20 09:59:19	Name: MR Value: 0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 584fbe456b1fc0b1
.amazon-adsystem.com/	1970-01-20 15:08:55	Name: ad-id Value: A3yZeWWxr09um7Wg3azGtOc
.amazon-adsystem.com/	1970-01-20 19:25:14	Name: ad-privacy Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=157680000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10393945.fls.doubleclick.net
5322602.fls.doubleclick.net
5967600.fls.doubleclick.net
6835781.fls.doubleclick.net
6868519.fls.doubleclick.net
a.tribalfusion.com
aa.agkn.com
ad.doubleclick.net
ads.yahoo.com
adservice.google.com
analytics.twitter.com
bam.nr-data.net
bat.bing.com
c.bing.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
dp2.33across.com
dpm.demdex.net
eurox.co.th
exchange.adstanding.com
fei.pro-market.net
googleads.g.doubleclick.net
ib.adnxs.com
js-agent.newrelic.com
ml314.com
nexus.ensighten.com
pixel.everesttech.net
pixel.tapad.com
px.owneriq.net
s.amazon-adsystem.com
s.tribalfusion.com
smetrics.td.com
stats.g.doubleclick.net
sync.mathtag.com
td.demdex.net
tdbankfinancialgroup.tt.omtrdc.net
token.rubiconproject.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googleadservices.com
www.googletagmanager.com
www.tdrewards.com
103.229.205.242
104.244.42.131
104.254.150.228
106.10.236.147
128.199.65.28
13.251.123.168
13.33.33.44
13.33.88.15
142.250.4.155
142.251.12.149
151.101.130.137
162.247.241.14
184.87.224.46
23.44.4.160
2404:6800:4003:c04::5e
2404:6800:4003:c04::64
2404:6800:4003:c04::9c
2404:6800:4003:c05::9d
2404:6800:4003:c0f::61
2404:6800:4003:c11::69
2404:6800:4003:c11::9a
2406:2000:98:800::e6
2600:1901:0:8eee::
2606:4700::6812:19ad
2620:116:800e:21:a878:7c6e:cf7b:3362
2620:1ec:c11::200
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
3.232.106.236
34.111.113.62
34.111.234.236
45.60.67.34
52.221.116.71
52.40.43.63
52.46.155.104
52.74.176.159
54.191.164.145
64.233.170.148
67.202.105.22
69.173.158.64
74.125.68.156
0233f0055b6793351df070915174f7f20caeb677d89cb5f00ba079f7b419eabe
0b56b8c4d5220e4b9a27fa00039f6ad5b85de527ea329b5c339e2da794e14685
124286d220033a51d2e23e516aabe41dfa042f54c6d0671aa312399613150945
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1d9fa614e93a37b93f4703069681109736107edd5d21e650214fd3635b630101
27d8393d1d9926c6eb731657049709098c6a3aa93d875caa3b58643842a640a3
2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41
312e14f3a5f3be412fb683c8cfc4e624ffd74ae69f4311a21c35e2aa0e53cf18
3419780f825800a9a73c6afd5a23ce681cdb40c853973df484cfbe562d615cd1
37d362b9a9ee410b0808361b5e9d7fe6b87f90136f11af6b7aa20acfd04a1add
38e54b018e6e43f0a7b3cd3eb0579f24aa25ca81df1c7855100192655a71d525
3a898777a143b7ae203f79a48fd8dce238ccf68149fe40be19856fff555a7c45
3b30c57fee08b8710ae3ec4a4f44cab038c7c238fbef21adf60791b6af5d3190
3c8dbe5ad779a3f67f56f6baa86fa88a6a081b767e8b72dbd9d113d86f7b89c0
3e8f184d14b219a6f50e76350588a0eb9c5ed6864a53f0bad9546110a8cd8e92
3e96ba81f8f49425b9de546b2cfbdace67a1fcb4c73185008b244f27ae859e44
43c7b88cc0cb9365c178c383736728f3962eb0c1c3ea8beba05497e2fe431ca8
4caf2a00458d47a2bfff23de81c0f5f5210d3a3058ab7a0158e4efe91d257456
543483a3d7bc475eaf84800deea944f600e6b027943caa14106a50e86d8c2401
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5dd541f86adc77bd7612c4b5db6b29de37ea723c207df576f7233e26c76b174e
67563318f781475915e443fef24576ea64e5de5a80e7ab3fd6b967de15538dcc
68f274e5330a1431b6e07a6a979209097633d713576cf9620bee34a6bd898ad7
6f0ec681a73576259e3c0f725a1a8c9f215ae2ce52551decf12f77723f3e5f03
71fe0d527ac638c5011ba09d8daffec5bd7df5adaa5a2a40a6f1bc4d60d70a9b
75cb640817c000c552459be3f9724ddff09dda295778fff59f8e5658b8c11778
7bc954af5c2c5f341874056b0e2bae37868b044ad67d9c292f9fa5817ba00efc
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8430e365f8defac031dcde01850e7c9fbf4d4108b991dba7c7bb411cab7a0cff
8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f
8b169ef52fe5cea9379209bef87fabb2d938df4fc83b37c68f227441bd18cd9b
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
905d300925852f6ba8691b604bc78cf5b2337c8ec73b7f844f0d3b69dda7e15a
91db30ce7bd989f8747f6fbd4904b51e4bce94402d1ac1be620cdb1b2f7cc1d9
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96382b968f4188ecb61234d096064966791ff34837b350da7c1fbdd2a330aea5
9d8d36ec991648966bcc74a24f32a76f70569c8092f29c68414dd2cb9524a831
9f7f0aac31b42f522acb98b30538f54700527a2ff29eefc83b5645759d7202f4
9f8315d9a3ac8497d0d3eee3467a75e8cb5fcdda48d13788d65e0affae95aeb0
a80b195e566730152bb016cdbc57551eed47f3780a47128dc2c216a1e3129560
a8d77d3ec4edc3a5789830356c1c687526a3f702387959a7faa1b75a66095ccf
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af5abda593f02e8051047e46c4d0feab732de604dfae48868502041b69615884
b01c318a2d203648a68b4d58392fa3820247a76ef7fe6dcffcf193ff26fcec3b
b259491c5c5970fd231707d1d7ad77b8c21823ef52cd55e59b10253132bf0ade
b2d8e4d7ec5513f64208402e398f7110bdd3752962b7cd635b1c313e29939dc9
bde0dcec69fee23a4d9549a2c5a935a8a831c8f8d5019576b7047ce5d7214064
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c40b0b8b73b6b119800fdbdcb3446d2b8de94b8259ae69aba87bae0eebf1c971
c435905afdceb8574bb5585f2f267706e6410ae7d66bdb6f00a7add26de2a487
c5255d7511a99bdbd69ca226437b2ea9db4c34f83c4bddfd88978ed49df9c517
c89295f4cf9f044cc628d03fcdfde1d1d4a9d9398f86d20167e1f9bd90ff571b
c960fe716f4de22ccaa7f13c6f643a2e0db2bb94b0a25405ac3bccba0b5c6c7f
d10a0a1b7687ac40fc709d0010f774dfda1b6d8b5b608366e7f90d07b80dcd20
d4f97399a33938f4e75c08aa368d568b594bf6bd7df78eeddd61892b49f76bf5
d7bf9c39fde63fb581d82d0cea5de476e2184eecda07fbdb5cbab536523ad1e0
d8af9af700e5265241aa2a3770da0dfc571d0ddcaa45c8d92d8ce6521be0ee2d
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc4c8b4269817a4028f65fb34d0cf7410050c6e58aeb82aa9fb067e7d85b3f65
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
dd7922270d0b4ce7cc5742114491d0e3b9bbb2fa0710a223e6f31e27ee69291f
e0afcdc05175be5faf37056ea792913cf43d95f978c19d3b522080aa5170f79e
e1a6382416ee15b3dbc8d910de8d98fd10b7e68194efec53e1bad750d2ee39df
e221f3d5c5b84e0d040d92ecbf671fda4964a5819645756453bc7db9d80f2c8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54d3f4ad5c3c66a747f2a7f62e7ca28abfd2db5c57b3ba53721ee02e7e11b29
e5d037a9028ef22299e1c0e72132a7802f189d491a6e0c8bac1ccdb83838b6bc
e927dcebecb2c550da9428ce3ef949d06bd75ec8116b3a9df83dc7ab63c1f04c
ef02361cfc918950f2432a3eba916b540437375242bd255cd3d33cd7e252fd7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00f65568408b0ad102a40c8d407c1d2435c0cd811d72542924c337f19cea78a
f0f3f63d625204550455ef27ed88a3f6048d8caf4857fae4899a2832a6b78017
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f52552ace088590537a80213d4c95d1bed5ea213859fb22020a759a9dd447956
f6493ba4748acb07d525682ac9d0d8364987f0e7c8a727a320e166955de35c4b
ffb2caa2bc9a1e3d990a45ad6389036d04655667a306437ffd87589576a1607f

www.tdrewards.com Open in urlscan Pro 45.60.67.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

81 %HTTPS

34 %IPv6

33 Domains

47 Subdomains

26 IPs

4 Countries

4773 kBTransfer

8029 kBSize

50 Cookies

0 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tdrewards.com Open in urlscan Pro
45.60.67.34 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

81 %
HTTPS

34 %
IPv6

33
Domains

47
Subdomains

26
IPs

4
Countries

4773 kB
Transfer

8029 kB
Size

50
Cookies

130 HTTP transactions
0 data transactions