rdturbo.ca Open in urlscan Pro
2606:4700::6811:c549 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rdturbo.ca/
Effective URL:
https://rdturbo.ca/
Submission: On April 14 via api (April 14th 2023, 1:38:11 am UTC) from US — Scanned from CA

Summary HTTP 52 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 9 domains to perform 52 HTTP transactions. The main IP is 2606:4700::6811:c549, located in United States and belongs to CLOUDFLARENET, US. The main domain is rdturbo.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 13th 2022. Valid for: a year.

This is the only time rdturbo.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6811:c849	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:c549	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
4	54.211.242.95 54.211.242.95	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.100.52 52.217.100.52	16509 (AMAZON-02) (AMAZON-02)
20	108.138.128.44 108.138.128.44	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:fc71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.229.210.155 192.229.210.155	15133 (EDGECAST) (EDGECAST)
1	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
1	52.207.204.28 52.207.204.28	14618 (AMAZON-AES) (AMAZON-AES)
6	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
1 2	34.106.92.18 34.106.92.18	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
52	14

1 2606:4700::6811:c849 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rdturbo.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:c549 (United States)

ASN13335 (CLOUDFLARENET, US)

rdturbo.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.211.242.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-242-95.compute-1.amazonaws.com

fonts.digital.vistaprint.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.100.52 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

vp-digital-tower-etc.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 108.138.128.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-44.jfk50.r.cloudfront.net

imageprocessor.digital.vistaprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:fc71 (United States)

ASN13335 (CLOUDFLARENET, US)

static.websimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.210.155 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.204.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-204-28.compute-1.amazonaws.com

statscollector.digital.vistaprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.106.92.18 (Salt Lake City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 18.92.106.34.bc.googleusercontent.com

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
slc.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	vistaprint.com imageprocessor.digital.vistaprint.com — Cisco Umbrella Rank: 155092 statscollector.digital.vistaprint.com — Cisco Umbrella Rank: 164111	4 MB
17	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2477 t.paypal.com — Cisco Umbrella Rank: 3199 c.paypal.com — Cisco Umbrella Rank: 5512 b.stats.paypal.com — Cisco Umbrella Rank: 5099 slc.stats.paypal.com — Cisco Umbrella Rank: 9753 c6.paypal.com — Cisco Umbrella Rank: 6640	347 KB
6	rdturbo.ca 1 redirects rdturbo.ca	138 KB
4	vistaprint.io fonts.digital.vistaprint.io — Cisco Umbrella Rank: 188457	47 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2321	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	19 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1030	6 KB
1	websimages.com static.websimages.com — Cisco Umbrella Rank: 137812	974 B
1	amazonaws.com vp-digital-tower-etc.s3.amazonaws.com — Cisco Umbrella Rank: 328982	11 KB
52	9

	Domain	Requested by
20	imageprocessor.digital.vistaprint.com	rdturbo.ca
8	www.paypal.com	rdturbo.ca www.paypal.com cdnjs.cloudflare.com
6	rdturbo.ca	1 redirects rdturbo.ca cdnjs.cloudflare.com
5	c.paypal.com	www.paypal.com c.paypal.com
4	fonts.digital.vistaprint.io	rdturbo.ca fonts.digital.vistaprint.io
2	www.paypalobjects.com	rdturbo.ca
1	c6.paypal.com
1	slc.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	statscollector.digital.vistaprint.com	rdturbo.ca
1	t.paypal.com	rdturbo.ca
1	cdnjs.cloudflare.com	rdturbo.ca
1	static.cloudflareinsights.com	rdturbo.ca
1	static.websimages.com	rdturbo.ca
1	vp-digital-tower-etc.s3.amazonaws.com	rdturbo.ca
52	15

This site contains links to these domains. Also see Links.

Domain
rdturbo.setmore.com

Subject Issuer	Validity	Valid
rdturbo.ca Cloudflare Inc ECC CA-3	`2022-10-13` - `2023-10-12`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
fonts.digital.vistaprint.io Amazon RSA 2048 M02	`2023-03-01` - `2023-10-05`	7 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
imageprocessor.digital.vistaprint.com Amazon RSA 2048 M01	`2023-02-21` - `2023-05-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
statscollector.digital.vistaprint.com Amazon RSA 2048 M01	`2022-12-05` - `2024-01-03`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://rdturbo.ca/
Frame ID: 4D0B9C35936BE4245FB65097D48D0DFB
Requests: 39 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?sdkVersion=5.0.363&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9cmR0dXJib3Byb2R1Y3Rpb24lNDBsaXZlLmNhJmN1cnJlbmN5PUNBRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCUyQ2JsaWslMkNlcHMlMkNnaXJvcGF5JTJDaWRlYWwlMkNtZXJjYWRvcGFnbyUyQ215YmFuayUyQ3AyNCUyQ3NlcGElMkNzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF95cG5hdXRobHBmdHBqZWtpc2V3eXdmcnFjY3lwenMifX0&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f585596102ea8&storageID=uid_ea9c9e91b7_mde6mzg6mdm&sessionID=uid_56f8bd19ef_mde6mzg6mdm&buttonSessionID=uid_773061c6e3_mde6mzg6mdm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=CAD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=rdturboproduction%40live.ca&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 2B2A3D77AB19FF426FE85841D7924446
Requests: 7 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: C3E11FD2FAF672DA3EEBE406D1F304B2
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: D62A837DA382DC5185FECB5F8823497F
Requests: 5 HTTP requests in this frame

Frame: https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_56f8bd19ef_mde6mzg6mdm&s=SMART_PAYMENT_BUTTONS
Frame ID: 6167CA86B98699B1B40DFEDD8A2C1F3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RD Turbo - Performance Speed shopChevronChevronChevronChevron

Page URL History Show full URLs

http://rdturbo.ca/ HTTP 301
https://rdturbo.ca/ Page URL

Detected technologies

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

52
Requests

98 %
HTTPS

36 %
IPv6

9
Domains

15
Subdomains

14
IPs

1
Countries

5164 kB
Transfer

6492 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://rdturbo.setmore.com/
Title: .pip[data-tower-id="2e161da6c82a4d7a84c884fc4bcc9230-0-0-1"]{margin-left:auto;margin-right:auto;margin-top:0;width:67.88461538461542%;}@media screen and (min-width: 30em){.pip[data-tower-id="2e161da6c82a4d7a84c884fc4bcc9230-0-0-1"]{margin-left:auto;margin-right:auto;margin-top:0;width:67.88461538461542%;}}@media screen and (min-width: 60em){.pip[data-tower-id="2e161da6c82a4d7a84c884fc4bcc9230-0-0-1"]{margin-left:auto;margin-right:auto;margin-top:0;width:67.88461538461542%;}}.pip[data-tower-id="2e161da6c82a4d7a84c884fc4bcc9230-0-0-1"] .image-media__image-container{padding-bottom:46.42857142857143%;}

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rdturbo.ca/ HTTP 301
https://rdturbo.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://b.stats.paypal.com/v2/counter.cgi?p=uid_56f8bd19ef_mde6mzg6mdm&s=SMART_PAYMENT_BUTTONS HTTP 302
https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_56f8bd19ef_mde6mzg6mdm&s=SMART_PAYMENT_BUTTONS

52 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rdturbo.ca/
Redirect Chain

http://rdturbo.ca/
https://rdturbo.ca/

177 KB
30 KB

535ms
394ms

Document
text/html

2606:4700::6811:c549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdturbo.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8805efec00fbfdc11d95ee6cdfed91cf7993b1c0d17d27f5633ad0f42b6f063

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: https://developer.cimpress.io
cache-control: public, s-maxage=43200, max-age=60
cf-cache-status: MISS
cf-ray: 7b783a196e794bd1-YUL
content-encoding: gzip
content-language: en_gb
content-type: text/html; charset=utf-8
date: Fri, 14 Apr 2023 01:38:02 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7b783a180ca933ee-YUL
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 14 Apr 2023 01:38:01 GMT
Expires: Fri, 14 Apr 2023 02:38:01 GMT
Location: https://rdturbo.ca/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 /
rdturbo.ca/.css/ 205 KB
32 KB 628ms
606ms Stylesheet
text/css 2606:4700::6811:c549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdturbo.ca/.css/?cacheId=1680185160542
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c407c7dc8e58f4ceed9ee4cfb18d6ce1bdb823603ac392c43ef68cafcb30f44

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:02 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: W/"335be-YIpcwqBv0Nlz/LECnxkoeXgAR8s"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: https://developer.cimpress.io
content-language: en_gb
cache-control: public, s-maxage=43200, max-age=60
cf-ray: 7b783a1c1b604bd1-YUL

GET
H2 200 / Show response
rdturbo.ca/.js/ 316 KB
75 KB 311ms
288ms Script
application/javascript 2606:4700::6811:c549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdturbo.ca/.js/?cacheId=1680185160542&locale=en-GB
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b56192920e8a89aadb98e5c6199cdd2a614e196d7cf6248ba5e8d9a488a74a2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:02 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: W/"4f061-d47xKMk/epZMMPXI7XOtghoecMg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://developer.cimpress.io
content-language: en_gb
cache-control: public, s-maxage=43200, max-age=60
cf-ray: 7b783a1c1b614bd1-YUL

GET
H2 200 js Show response
www.paypal.com/sdk/ 271 KB
76 KB 193ms
111ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&merchant-id=rdturboproduction%40live.ca&currency=CAD&disable-funding=bancontact%2Cblik%2Ceps%2Cgiropay%2Cideal%2Cmercadopago%2Cmybank%2Cp24%2Csepa%2Csofort

Requested by

Host: rdturbo.ca
URL: https://rdturbo.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a58dddb45eb2c97b332ea59393bf92aa6bd090d06786feb968904e3707accd2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-BHvlrRlcYEbQGEfEArLh9QkIVsrguW9/+FkCAjCARuvtmETz' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-BHvlrRlcYEbQGEfEArLh9QkIVsrguW9/+FkCAjCARuvtmETz' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-BHvlrRlcYEbQGEfEArLh9QkIVsrguW9/+FkCAjCARuvtmETz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-BHvlrRlcYEbQGEfEArLh9QkIVsrguW9/+FkCAjCARuvtmETz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 01:38:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 231
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f922003ac1c6d
server-timing: "traceparent;desc="00-0000000000000000000f922003ac1c6d-3d68942a5fa2afe5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 76227
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200060-BUR, cache-yyz4581-YYZ
traceparent: 00-0000000000000000000f922003ac1c6d-58722e606a92af06-01
x-timer: S1681436282.325471,VS0,VE89
etag: W/"129c3-Jt1QpHjOVusvywfyD8q+j+DlgLM"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 css
fonts.digital.vistaprint.io/ 3 KB
4 KB 156ms
51ms Stylesheet
text/css 54.211.242.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.digital.vistaprint.io/css?family=Josefin%20Sans%3A100%2C400%2C700%7CJosefin%20Sans%3A100%2C400%2C700

Requested by

Host: rdturbo.ca
URL: https://rdturbo.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.211.242.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-211-242-95.compute-1.amazonaws.com

Software

nginx/1.15.6 /

Resource Hash

7c7802d0ac2b4ad4414d18ec7fbd1b0a14aa3984d311ef08721786522b7d32df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: nginx/1.15.6
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
accept-ranges: none
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 01:38:02 GMT

GET
H2 200 css
fonts.digital.vistaprint.io/ 705 B
1 KB 156ms
52ms Stylesheet
text/css 54.211.242.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.digital.vistaprint.io/css?family=Unlock%3A100%2C400%2C700

Requested by

Host: rdturbo.ca
URL: https://rdturbo.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.211.242.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-211-242-95.compute-1.amazonaws.com

Software

nginx/1.15.6 /

Resource Hash

27e1845f8d42ab8b51c270d7e58c56b1623794ade5db03f653e9009545456445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: nginx/1.15.6
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
accept-ranges: none
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 01:38:02 GMT

GET
H/1.1 200
OK celebrate.png
vp-digital-tower-etc.s3.amazonaws.com/stock-assets/ 10 KB
11 KB 135ms
60ms Image
image/png 52.217.100.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vp-digital-tower-etc.s3.amazonaws.com/stock-assets/celebrate.png
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.100.52 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d4cff8de2398964e05c8efe129c043b5a9c1863201e4054ec0b20ac92a4191af

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 01:38:03 GMT
Last-Modified: Thu, 12 Nov 2020 18:43:33 GMT
Server: AmazonS3
x-amz-request-id: B0M8S2W6GC0Z93EF
ETag: "704e4ac5de30951d68ade8ea443aeca6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10443
x-amz-id-2: ml6IcxsM2QjjftRMjNHpZXRYD1XAiTNVYIrRBz9oiTyYMbkDoBb41M45SI+Z2hm64TRtPpH+aRg=

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/77,227,1926x309/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/9fe94431-8af3-4c15-9c34-346a2fde9797~110/ 41 KB
41 KB 187ms
40ms Image
image/png 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/77,227,1926x309/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/9fe94431-8af3-4c15-9c34-346a2fde9797~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: 0d6acbedd5ba8136a7bb8b0de691f7d149a048b00c803d0ecab00ba08f42c2a8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 13:59:47 GMT
Via: 1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1251495
X-Powered-By: Express
RequestId: 753ad090-63cc-4db0-88aa-87d1081a9183
ETag: W/"a380-uzQlQtHHj8oWpRoKTqMviR6gCOY"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 41856
X-Amz-Cf-Id: l2LxKfTx4zBfLfLCqXkDXdQj4jkY-_X0TIJx2gEHd3w48kQJRiCk_g==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,476x221/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/cc497492-d4d2-41d0-95ef-531ef29d7fe3~110/ 70 KB
70 KB 95ms
28ms Image
image/png 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,476x221/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/cc497492-d4d2-41d0-95ef-531ef29d7fe3~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: 6e578390f1ae9f9b704088b9e7db582d899c1fec5990147b79c87d9f70d46d46

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 15:56:51 GMT
Via: 1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 2367671
X-Powered-By: Express
RequestId: 0caed350-7a30-47d7-8979-059eb8ae814e
ETag: W/"1161a-i0d0aHJqpIP6JmjGBvWMLCstdx0"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 71194
X-Amz-Cf-Id: StJENFc7bx4Mz-7bCsenwKhR7hW2EWHzjyr8x3sXwLqY4iV5Fry8xQ==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/818,0,922x922/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/b864753d-c8e5-42c4-8ab1-2f0b430512bf~110/ 113 KB
113 KB 141ms
75ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/818,0,922x922/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/b864753d-c8e5-42c4-8ab1-2f0b430512bf~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: c3776fcedb07d16343b2b7d37bb43724508328d8d966f3488922121a65d1b37d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 03:13:49 GMT
Via: 1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 599054
X-Powered-By: Express
RequestId: 86f0b16f-ba2a-4145-9836-0a7e25253bbf
ETag: W/"1c395-3RGOVV2bTa/epnMzLAb2FniKnUA"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 115605
X-Amz-Cf-Id: tt0DwzHUN17GdH-6f7J3vyOsKAWCxTVFoDuCDo1-j09xBLNU2crBPg==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/96,248,1426x1426/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/e0f6e33e-37b4-45fa-b88e-19bd0e0b02b4~110/ 134 KB
135 KB 91ms
25ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/96,248,1426x1426/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/e0f6e33e-37b4-45fa-b88e-19bd0e0b02b4~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: e57f13ec4141befe08e732dcf7910633987451dd0a8d5551be1f3bf8b1a54503

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 13:59:47 GMT
Via: 1.1 57eada8217c838cfdc4ec177bbe3523c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1251496
X-Powered-By: Express
RequestId: c25e5443-ee76-421b-a711-1808ec8116f0
ETag: W/"218b9-n0TWBoWGTIMkJP7wZFDvxiks6Zs"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 137401
X-Amz-Cf-Id: v9LTFpFZdOKJgI-sSEslFiGUhaezlufRMxwoJzxtYtDJtPVNBm5Aew==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/309,0,924x924/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/13dc5519-62e1-4b1c-9e54-d118abeb8f4c~110/ 1 MB
1 MB 129ms
64ms Image
image/png 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/309,0,924x924/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/13dc5519-62e1-4b1c-9e54-d118abeb8f4c~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: dc5828725fcd24b1e88d97bffcf05ee384eebf9ec82320e1da835c5247013afb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 16:37:18 GMT
Via: 1.1 5d3699e517195152b2b0917312ab80b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1414845
X-Powered-By: Express
RequestId: cc63a083-19db-4bdd-919c-b30cdc70adc2
ETag: W/"1329e7-5bTtWAXewlEjQDSZfkdlUC8bJOc"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 1255911
X-Amz-Cf-Id: 7Yo2beciFEMW8VfkleENqEeCQhxDbdTxHMRSvn0StMJF-7dDxwkSQQ==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/37,0,1108x1108/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/8a03f202-89da-4866-94e7-d59dc94e3905~110/ 105 KB
106 KB 114ms
49ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/37,0,1108x1108/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/8a03f202-89da-4866-94e7-d59dc94e3905~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: 39f3bca90be5fcea5e1ea59b0e23153a569b418c1482983888f8e6d45e40e548

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 12:57:17 GMT
Via: 1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1600845
X-Powered-By: Express
RequestId: aff9a96b-e9b3-4a4f-b32d-49abb3c25fff
ETag: W/"1a44f-403rCmIZFr+f9eMDw0PPfqz0Klo"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 107599
X-Amz-Cf-Id: OOi2cvq4wEEi5BqaoNLSKptyVJgaJrlSMJMACw_WSoZzmbSQOJCelg==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/269,0,1502x1502/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/8eae8b50-7ced-4b51-970e-c5a3f38ebffd~110/ 2 MB
2 MB 79ms
71ms Image
image/png 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/269,0,1502x1502/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/8eae8b50-7ced-4b51-970e-c5a3f38ebffd~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: 90fc5b743a94e0a5c2f022fa77ea5bcc8fb379b24b54acd4a9459d745c645f50

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 13:59:48 GMT
Via: 1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1251495
X-Powered-By: Express
RequestId: 7e64a392-3233-45ca-9c71-936bef483aed
ETag: W/"22dc70-rJqkykvDWOyKcyw1/ysS8FLMlXI"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 2284656
X-Amz-Cf-Id: 14PIlMXc6glo4o7BYp1z2cMSt-ujvpzp05kIpHrem-IujWZYBkmLlQ==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/333,0,1170x1170/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/31427860-7e53-44cd-84ff-57a2f2ce0ac4~110/ 109 KB
109 KB 64ms
49ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/333,0,1170x1170/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/31427860-7e53-44cd-84ff-57a2f2ce0ac4~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: 50abed324bc23775f3cccb9ddd3c88c11ecc5eb3f6627785c4e5761fb1f418b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 12:57:18 GMT
Via: 1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1600845
X-Powered-By: Express
RequestId: 85dfc671-b246-4f94-bde9-a7e8984e55d8
ETag: W/"1b24e-eLtn0enpyJlneed40ftlaclHqhU"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 111182
X-Amz-Cf-Id: thChPHpMCUdmr0cUsjvpYHK4NHHclIPebrDc8TwkV7wD5RZSfNEUWA==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/75,556,824x824/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/651dd435-5769-4b55-8c03-82ea4f264b4e~110/ 100 KB
100 KB 49ms
34ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/75,556,824x824/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/651dd435-5769-4b55-8c03-82ea4f264b4e~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: dccbdbec299f707e25378b5bcaf7a012cf3c76d0987677c724b8390f44a1fd20

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 12:57:18 GMT
Via: 1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1600845
X-Powered-By: Express
RequestId: 495eb994-5032-452d-8d7b-ee90885082e5
ETag: W/"18e3a-TRwOTc1FOoHZMOW/z2WUJqT+nc8"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 101946
X-Amz-Cf-Id: 6J_aTPPMSWvjOz4yPfFUImlSejMLbhlEQvWBPVLVG4wmAqPLqIIOUA==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/202,0,1500x1500/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/28bcb192-4814-422a-abe7-f1c1050cdc13~110/ 210 KB
211 KB 66ms
38ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/202,0,1500x1500/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/28bcb192-4814-422a-abe7-f1c1050cdc13~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: bcea735a0c4fa83ede2f7504a1cc9c7a84ae1c6581a806644ada9eac5612896a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 12:25:40 GMT
Via: 1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1861943
X-Powered-By: Express
RequestId: f2779e11-87d7-4bc0-a373-40cb1566cc5f
ETag: W/"348f3-8hFjtBvPkw6umd94NeplQMJFVfQ"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 215283
X-Amz-Cf-Id: umdXYpfFvR6o_m-QZwYUBB9zIeirbobBjsLGq_rAK9SRSI6wb69qsA==

GET
H2 200 email-decode.min.js Show response
rdturbo.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
848 B 65ms
18ms Script
application/javascript 2606:4700::6811:c549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rdturbo.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: rdturbo.ca
URL: https://rdturbo.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c549 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Apr 2023 15:48:48 GMT
server: cloudflare
etag: W/"642ee9e0-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7b783a1f89034bd1-YUL
expires: Sun, 16 Apr 2023 01:38:02 GMT

GET
H2 200 collector.js Show response
static.websimages.com/active-static/target/stats/ 1 KB
974 B 254ms
42ms Script
application/javascript 2606:4700::6811:fc71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/active-static/target/stats/collector.js
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:fc71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 658334
cf-polished: origSize=1803
etag: W/"70b-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 7b783a21dc497136-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 11 Mar 2023 15:59:16 GMT

GET
H2 200 v2b4487d741ca48dcbadcaf954e159fc61680799950996 Show response
static.cloudflareinsights.com/beacon.min.js/ 16 KB
6 KB 402ms
175ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4860695983e79ae4c596701d7203945837da206d3fdba56684661a5cd60b16c2

Request headers

Referer: https://rdturbo.ca/
Origin: https://rdturbo.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:03 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 16:52:30 GMT
server: cloudflare
etag: W/2023.4.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7b783a21fdddecee-YUL

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ 69 KB
19 KB 148ms
64ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Requested by

Host: rdturbo.ca
URL: https://rdturbo.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://rdturbo.ca/
Origin: https://rdturbo.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3034567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18862
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-112f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvBKoh2fLXc6Q6iHvzGvzAchua9B9bLRRnBYlG2FsNDSCiDu0l2K2NDmD2Nf3UuHc5pUI48mtSINP4W9BB1sN2fjUwwi%2FJXuHX8%2BMKShmGyq78GJKvI7xGbHfboxa1RgqsCWbSXbHmi0WsB7Aj4j%2BFdX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b783a211d7333fa-YUL
expires: Wed, 03 Apr 2024 01:38:03 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 181ms
140ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=rdturbo.ca&t=xo&v=5.0.363&source=payments_sdk&mrid=rdturboproduction@live.ca&client_id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&merchant-id=rdturboproduction%40live.ca&currency=CAD&disable-funding=bancontact%2Cblik%2Ceps%2Cgiropay%2Cideal%2Cmercadopago%2Cmybank%2Cp24%2Csepa%2Csofort

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-NdLYK7h3BzI2/01jD36tIUj6JpAm4ldovy/nWKy8Ms9/ICsW' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-NdLYK7h3BzI2/01jD36tIUj6JpAm4ldovy/nWKy8Ms9/ICsW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 01:38:03 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS
paypal-debug-id: f480473ecdc89
server-timing: "traceparent;desc="00-0000000000000000000f480473ecdc89-7f2925dfacfb6b3b-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200175-BUR, cache-yyz4581-YYZ
traceparent: 00-0000000000000000000f480473ecdc89-4d7fd8c6c7cf3818-01
x-timer: S1681436283.013125,VS0,VE116
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/maxWidth/2000/progressive/https://uploads.documents.cimpress.io/v1/uploads/a5928277-5bae-47d6-b3bc-fa5f34fdd365~110/ 118 KB
118 KB 39ms
29ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/maxWidth/2000/progressive/https://uploads.documents.cimpress.io/v1/uploads/a5928277-5bae-47d6-b3bc-fa5f34fdd365~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: d07628c4340b2b33b868b745ff441346970daa68009f5fe6528e5b3412eab55d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 12:57:18 GMT
Via: 1.1 57eada8217c838cfdc4ec177bbe3523c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1600845
X-Powered-By: Express
RequestId: bc8f9a33-4a7c-419c-9a55-3a48d2a3d5a7
ETag: W/"1d618-OpW6PIxwfVZV0oRE2nZ0BQjOYIc"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 120344
X-Amz-Cf-Id: YoT1sBScDOg3PaL47s8GZK4lPU-hXv1zeJ2d1f1-sJyhT6ASLjcCCA==

GET
DATA 200
OK truncated
/ 372 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a7824883e93c8a936ddbe02c352f1e9407da517a618f705b1f80f45952f44f2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.digital.vistaprint.io/gstatic/s/josefinsans/v25/ 26 KB
27 KB 213ms
34ms Font
font/woff2 54.211.242.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.digital.vistaprint.io/gstatic/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2

Requested by

Host: fonts.digital.vistaprint.io
URL: https://fonts.digital.vistaprint.io/css?family=Josefin%20Sans%3A100%2C400%2C700%7CJosefin%20Sans%3A100%2C400%2C700

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.211.242.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-211-242-95.compute-1.amazonaws.com

Software

nginx/1.15.6 /

Resource Hash

3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.digital.vistaprint.io/css?family=Josefin%20Sans%3A100%2C400%2C700%7CJosefin%20Sans%3A100%2C400%2C700
Origin: https://rdturbo.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:03 GMT
x-content-type-options: nosniff
age: 123309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26592
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:56:22 GMT
server: nginx/1.15.6
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Apr 2024 15:22:54 GMT

GET
H2 200 7Au-p_8ykD-cDl72LwLT.woff2
fonts.digital.vistaprint.io/gstatic/s/unlock/v24/ 15 KB
16 KB 327ms
157ms Font
font/woff2 54.211.242.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.digital.vistaprint.io/gstatic/s/unlock/v24/7Au-p_8ykD-cDl72LwLT.woff2

Requested by

Host: fonts.digital.vistaprint.io
URL: https://fonts.digital.vistaprint.io/css?family=Unlock%3A100%2C400%2C700

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.211.242.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-211-242-95.compute-1.amazonaws.com

Software

nginx/1.15.6 /

Resource Hash

086ca7ba8280210762df3c1d167cf159dc7a9ae2f79bca2e9fa5c204fc6a9011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.digital.vistaprint.io/css?family=Unlock%3A100%2C400%2C700
Origin: https://rdturbo.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:03 GMT
x-content-type-options: nosniff
age: 81582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15632
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:13:40 GMT
server: nginx/1.15.6
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Apr 2024 02:58:21 GMT

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/maxWidth/2000/progressive/https://uploads.documents.cimpress.io/v1/uploads/9fe94431-8af3-4c15-9c34-346a2fde9797~110/ 119 KB
119 KB 35ms
31ms Image
image/png 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/maxWidth/2000/progressive/https://uploads.documents.cimpress.io/v1/uploads/9fe94431-8af3-4c15-9c34-346a2fde9797~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: e6cdd371b37329f543fc895a9ed44182f4dc074e10547625e065b5c22f99564f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 13:59:47 GMT
Via: 1.1 57eada8217c838cfdc4ec177bbe3523c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1251496
X-Powered-By: Express
RequestId: 30d5f87e-91d1-48c8-a903-717090d51f8d
ETag: W/"1db1b-oQPMx71IIH1F6XOSzzN7YiQXWbk"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 121627
X-Amz-Cf-Id: zmDPyHYOa5fEUEPJirJlF9WZWN0-d6l0j7Q6kHr81Ix5BTQSG1pc6A==

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 2B2A 384 KB
140 KB 311ms
300ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?sdkVersion=5.0.363&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9cmR0dXJib3Byb2R1Y3Rpb24lNDBsaXZlLmNhJmN1cnJlbmN5PUNBRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCUyQ2JsaWslMkNlcHMlMkNnaXJvcGF5JTJDaWRlYWwlMkNtZXJjYWRvcGFnbyUyQ215YmFuayUyQ3AyNCUyQ3NlcGElMkNzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF95cG5hdXRobHBmdHBqZWtpc2V3eXdmcnFjY3lwenMifX0&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f585596102ea8&storageID=uid_ea9c9e91b7_mde6mzg6mdm&sessionID=uid_56f8bd19ef_mde6mzg6mdm&buttonSessionID=uid_773061c6e3_mde6mzg6mdm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=CAD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=rdturboproduction%40live.ca&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2d9faacf2f0c236d75eb6fad1372109229c73d798a381ed701b385a4dee60a9

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rdturbo.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Fri, 14 Apr 2023 01:38:04 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"601be-dldbHo083PKsOhKHnmzl8BRI16Q"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f9267144b4c11
server-timing: "traceparent;desc="00-0000000000000000000f9267144b4c11-d92974afd4bb6c23-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f9267144b4c11-d15e852a08d981b5-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-bur-kbur8200080-BUR, cache-yyz4581-YYZ
x-timer: S1681436284.741022,VS0,VE272
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame C3E1 3 KB
2 KB 237ms
26ms Image
image/svg+xml 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Host: rdturbo.ca
URL: https://rdturbo.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/1C6F) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1867a673a7a0f
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (nya/1C6F)
traceparent: 00-00000000000000000001867a673a7a0f-f3dfb61d7baab926-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Fri, 14 Apr 2023 02:38:03 GMT

GET
H2 200 card-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame C3E1 1 KB
761 B 239ms
28ms Image
image/svg+xml 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/card-white.svg

Requested by

Host: rdturbo.ca
URL: https://rdturbo.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/7993) /

Resource Hash

1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1d478ed69fe51
dc: ccg11-origin-www-1.paypal.com
content-length: 637
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (nya/7993)
traceparent: 00-00000000000000000001d478ed69fe51-f4a949f38f31de5d-01
etag: W/"642c9aab-54e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Fri, 14 Apr 2023 02:38:03 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
848 B 293ms
125ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=RD%20Turbo%20-%20Performance%20Speed%20shop&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1681436283752&g=0&completeurl=https%3A%2F%2Frdturbo.ca%2F&ru=https%3A%2F%2Frdturbo.ca%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: rdturbo.ca
URL: https://rdturbo.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Fri, 14 Apr 2023 01:38:04 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: ae5ef1985c27a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-bur-kbur8200106-BUR, cache-yyz4521-YYZ
pragma: no-cache
traceparent: 00-0000000000000000000ae5ef1985c27a-6f9b9c4dc182dd75-01
x-timer: S1681436284.944973,VS0,VE98
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 01:38:04 GMT

GET
H2 200 record
statscollector.digital.vistaprint.com/ 0
114 B 178ms
35ms Image
text/plain 52.207.204.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statscollector.digital.vistaprint.com/record?siteId=2685151763&pageId=2685151763&pageTitle=%20Accueil&parentPageId=&builderType=tower&premium=true&referrer=&location=https%3A%2F%2Frdturbo.ca%2F&visitorId=606145139
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.204.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-204-28.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://developer.cimpress.io
date: Fri, 14 Apr 2023 01:38:03 GMT
x-powered-by: Express
content-type: text/plain

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/818,0,922x922/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/b864753d-c8e5-42c4-8ab1-2f0b430512bf~110/ 823 B
1 KB 75ms
59ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/818,0,922x922/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/b864753d-c8e5-42c4-8ab1-2f0b430512bf~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: a71817cd6ef1c64552b00178fd1512d952210b03d2a9b8cf74647397cfa2c7bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 12:57:19 GMT
Via: 1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1600844
X-Powered-By: Express
RequestId: 54dce90b-93c7-4525-8d46-520f6557ebc0
ETag: W/"337-+MJyM6TAx3lEvqexXG/Huv5hnBM"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 823
X-Amz-Cf-Id: gt4VWxZbDxO_1ez5y_jXnCMklaQSyFzoIuXiXNfuQt9STyHFQSvjvw==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/96,248,1426x1426/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/e0f6e33e-37b4-45fa-b88e-19bd0e0b02b4~110/ 790 B
1 KB 62ms
46ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/96,248,1426x1426/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/e0f6e33e-37b4-45fa-b88e-19bd0e0b02b4~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: 9098db9b59b46dc165bf17a9613e001496d66b2b51e4a3582374284e2ad568ba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 12:25:40 GMT
Via: 1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1861943
X-Powered-By: Express
RequestId: fcff0047-776f-49f4-9b65-fd6b8f45521c
ETag: W/"316-Y3Hr32HRqr+2T9WSaju3laxjVk4"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 790
X-Amz-Cf-Id: zRDz-16S7HOxYT6BpqMcB4E-Mj-LPuOkKLp7UXOSA2-qwoipDkwrjQ==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/309,0,924x924/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/13dc5519-62e1-4b1c-9e54-d118abeb8f4c~110/ 1 KB
2 KB 80ms
62ms Image
image/png 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/309,0,924x924/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/13dc5519-62e1-4b1c-9e54-d118abeb8f4c~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: 5b33a25b7ca89660010b5d66f5d133dd7b937eba4982fd3f276e4b0a5edea1af

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 25 Mar 2023 14:14:36 GMT
Via: 1.1 5d3699e517195152b2b0917312ab80b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1682607
X-Powered-By: Express
RequestId: 5de1e356-a576-43c5-bfa7-8b2e47119328
ETag: W/"4fe-bsfki2LwUYUsUCf6MJXSYHCne9Y"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 1278
X-Amz-Cf-Id: 3DvDDduD2UAcm-bLtKwN2lF_uFiU9_DdaAP1bSnIdUY_OKHNYl8Z5Q==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/37,0,1108x1108/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/8a03f202-89da-4866-94e7-d59dc94e3905~110/ 781 B
1 KB 36ms
29ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/37,0,1108x1108/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/8a03f202-89da-4866-94e7-d59dc94e3905~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: 736cc2954cb147f362f13895f7534e9e1d4618e8118420595da73c14532423a4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 08:16:51 GMT
Via: 1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1358472
X-Powered-By: Express
RequestId: f4c1b42a-ed98-40b4-ab1a-9678557a3eb3
ETag: W/"30d-7CCS2VqJwUdWNv3BlRq8hjNiFxg"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 781
X-Amz-Cf-Id: GTiuhAuVaxcxdYQuj_X3LBKdiCPU2FUjIjHE_cMEPZUe_UXm2oNE8Q==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/269,0,1502x1502/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/8eae8b50-7ced-4b51-970e-c5a3f38ebffd~110/ 1 KB
2 KB 29ms
22ms Image
image/png 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/269,0,1502x1502/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/8eae8b50-7ced-4b51-970e-c5a3f38ebffd~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: 11a72f9f273c46566230d9e1b588e2b5cd9beae6a3c429f6f7c02e6e7ba579ff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:37 GMT
Via: 1.1 57eada8217c838cfdc4ec177bbe3523c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 2498665
X-Powered-By: Express
RequestId: 7109cfd6-9c1b-488f-8bc2-50bb0b1e2af2
ETag: W/"51d-Hn74t+WLHOQcy7fxqX6kuESUVTA"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 1309
X-Amz-Cf-Id: UbJvl90i3GWeBA8YeiDaeNm1wn3476g5NDOyaxd4WfHT67Q_-WWnlQ==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/333,0,1170x1170/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/31427860-7e53-44cd-84ff-57a2f2ce0ac4~110/ 944 B
1 KB 42ms
34ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/333,0,1170x1170/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/31427860-7e53-44cd-84ff-57a2f2ce0ac4~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: 327c87e73aa397e5f3f404ae7cce06c3d2b89b4b2c5f344d65a59bd0dde92a56

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 17:22:35 GMT
Via: 1.1 5d3699e517195152b2b0917312ab80b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 2448928
X-Powered-By: Express
RequestId: 293cbdee-577e-4393-ace6-0061f64a40e6
ETag: W/"3b0-s7VQgXwVqw25DemgZ//hQspHRGU"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 944
X-Amz-Cf-Id: 8FP_mVGamFSjv3biYCghVr6xNwpgQhv1ZpBMqcKvxgJo3ahUM51jPA==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/75,556,824x824/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/651dd435-5769-4b55-8c03-82ea4f264b4e~110/ 799 B
1 KB 33ms
25ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/75,556,824x824/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/651dd435-5769-4b55-8c03-82ea4f264b4e~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: fadfb39ef07f01cf241cb048fb60c204cd1ac639190aa397cb71d3646a43302a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 08:16:51 GMT
Via: 1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1358472
X-Powered-By: Express
RequestId: 65fb0b36-ebc5-4052-aa99-9c6807f253c0
ETag: W/"31f-kolZA+zfpaP3l6YDy7txlfokKGE"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 799
X-Amz-Cf-Id: 8F_Sw7JU13D11h2xYQqOxAG1SvzC0Qo1fQ4jTDteLDQyWRjCWki0EA==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/202,0,1500x1500/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/28bcb192-4814-422a-abe7-f1c1050cdc13~110/ 882 B
1 KB 40ms
32ms Image
image/jpeg 108.138.128.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/202,0,1500x1500/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/28bcb192-4814-422a-abe7-f1c1050cdc13~110/original?tenant=vbu-digital
Requested by: Host: rdturbo.ca
URL: https://rdturbo.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-44.jfk50.r.cloudfront.net
Software: / Express
Resource Hash: 9d87511039f2deff3eb0e9cc3429b4131e4ff642ad31853cc2b748676a2d5943

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://rdturbo.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 16:37:18 GMT
Via: 1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1414845
X-Powered-By: Express
RequestId: 1e6df7cf-8861-4476-883d-758eaf4b5acd
ETag: W/"372-MpbOLGwLGsQHjEbdKfgL4g18gqE"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 882
X-Amz-Cf-Id: dP_ivCTAQ1osPoJZoJPjIcY3Ny5AUu3MTt93V2Qu0rpL7do9coIWig==

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 2B2A 271 KB
75 KB 32ms
29ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.363&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9cmR0dXJib3Byb2R1Y3Rpb24lNDBsaXZlLmNhJmN1cnJlbmN5PUNBRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCUyQ2JsaWslMkNlcHMlMkNnaXJvcGF5JTJDaWRlYWwlMkNtZXJjYWRvcGFnbyUyQ215YmFuayUyQ3AyNCUyQ3NlcGElMkNzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF95cG5hdXRobHBmdHBqZWtpc2V3eXdmcnFjY3lwenMifX0&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f585596102ea8&storageID=uid_ea9c9e91b7_mde6mzg6mdm&sessionID=uid_56f8bd19ef_mde6mzg6mdm&buttonSessionID=uid_773061c6e3_mde6mzg6mdm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=CAD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=rdturboproduction%40live.ca&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a58dddb45eb2c97b332ea59393bf92aa6bd090d06786feb968904e3707accd2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-BHvlrRlcYEbQGEfEArLh9QkIVsrguW9/+FkCAjCARuvtmETz' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-BHvlrRlcYEbQGEfEArLh9QkIVsrguW9/+FkCAjCARuvtmETz' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.363&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9cmR0dXJib3Byb2R1Y3Rpb24lNDBsaXZlLmNhJmN1cnJlbmN5PUNBRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCUyQ2JsaWslMkNlcHMlMkNnaXJvcGF5JTJDaWRlYWwlMkNtZXJjYWRvcGFnbyUyQ215YmFuayUyQ3AyNCUyQ3NlcGElMkNzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF95cG5hdXRobHBmdHBqZWtpc2V3eXdmcnFjY3lwenMifX0&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f585596102ea8&storageID=uid_ea9c9e91b7_mde6mzg6mdm&sessionID=uid_56f8bd19ef_mde6mzg6mdm&buttonSessionID=uid_773061c6e3_mde6mzg6mdm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=CAD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=rdturboproduction%40live.ca&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-BHvlrRlcYEbQGEfEArLh9QkIVsrguW9/+FkCAjCARuvtmETz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-BHvlrRlcYEbQGEfEArLh9QkIVsrguW9/+FkCAjCARuvtmETz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 01:38:04 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 233
x-cache: HIT, HIT
p3p: true
paypal-debug-id: f922003ac1c6d
server-timing: "traceparent;desc="00-0000000000000000000f922003ac1c6d-3d68942a5fa2afe5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 76227
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200060-BUR, cache-yyz4581-YYZ
traceparent: 00-0000000000000000000f922003ac1c6d-58722e606a92af06-01
x-timer: S1681436284.112240,VS0,VE2
etag: W/"129c3-Jt1QpHjOVusvywfyD8q+j+DlgLM"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 1, 1

GET
DATA 200
OK truncated
/ Frame 2B2A 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2B2A 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 2B2A 59 KB
21 KB 83ms
18ms Script
application/javascript 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 17, 1, 1966590
date: Fri, 14 Apr 2023 01:38:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6235810
x-cache: HIT, HIT, HIT
paypal-debug-id: 8d02b3197927f
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
x-served-by: cache-sjc10074-SJC, cache-yul12830-YUL, cache-yul12834-YUL
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
traceparent: 00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
x-timer: S1681436285.510515,VS0,VE1
etag: W/"63d97a76-ecbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 01:38:04 GMT

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame D62A 160 B
1 KB 121ms
120ms Document
text/html 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: fbf9f1d92b24a
date: Fri, 14 Apr 2023 01:38:04 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: fbf9f1d92b24a
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000fbf9f1d92b24a-2a251b41d3ac1ac4-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-bur-kbur8200096-BUR, cache-yul12834-YUL
x-timer: S1681436285.619033,VS0,VE103
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
slc.stats.paypal.com/v2/ Frame 6167
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_56f8bd19ef_mde6mzg6mdm&s=SMART_PAYMENT_BUTTONS
https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_56f8bd19ef_mde6mzg6mdm&s=SMART_PAYMENT_BUTTONS

42 B
299 B

288ms
92ms

Image
image/jpeg

34.106.92.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_56f8bd19ef_mde6mzg6mdm&s=SMART_PAYMENT_BUTTONS
Protocol: HTTP/1.1
Server: 34.106.92.18 Salt Lake City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 18.92.106.34.bc.googleusercontent.com
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 01:38:05 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_56f8bd19ef_mde6mzg6mdm&s=SMART_PAYMENT_BUTTONS
Date: Fri, 14 Apr 2023 01:38:04 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 2B2A 1004 B
2 KB 190ms
188ms Ping
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

547ce61e579c90df9021a49830a40670f775f119d93b3620d413a31fdafd4392

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.363&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9cmR0dXJib3Byb2R1Y3Rpb24lNDBsaXZlLmNhJmN1cnJlbmN5PUNBRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCUyQ2JsaWslMkNlcHMlMkNnaXJvcGF5JTJDaWRlYWwlMkNtZXJjYWRvcGFnbyUyQ215YmFuayUyQ3AyNCUyQ3NlcGElMkNzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF95cG5hdXRobHBmdHBqZWtpc2V3eXdmcnFjY3lwenMifX0&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f585596102ea8&storageID=uid_ea9c9e91b7_mde6mzg6mdm&sessionID=uid_56f8bd19ef_mde6mzg6mdm&buttonSessionID=uid_773061c6e3_mde6mzg6mdm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=CAD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=rdturboproduction%40live.ca&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Apr 2023 01:38:04 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f84046476cd07
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200103-BUR, cache-yyz4581-YYZ
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f84046476cd07-be118a596c8dc080-01
x-timer: S1681436285.642341,VS0,VE152
etag: W/"3ec-gUPFNNLcPPTY/sA/nkaSXFTQUt0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame D62A 59 KB
21 KB 20ms
18ms Script
application/javascript 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 17, 1, 1966592
date: Fri, 14 Apr 2023 01:38:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6235810
x-cache: HIT, HIT, HIT
paypal-debug-id: 8d02b3197927f
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
x-served-by: cache-sjc10074-SJC, cache-yul12830-YUL, cache-yul12834-YUL
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
traceparent: 00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
x-timer: S1681436285.792367,VS0,VE1
etag: W/"63d97a76-ecbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 01:38:04 GMT

POST
H2 204 rum Show response
rdturbo.ca/cdn-cgi/ 0
161 B 52ms
50ms XHR
text/plain 2606:4700::6811:c549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rdturbo.ca/cdn-cgi/rum?

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c549 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://rdturbo.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Fri, 14 Apr 2023 01:38:04 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://rdturbo.ca
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7b783a2c6f364bd1-YUL

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame D62A 125 B
912 B 157ms
151ms XHR
application/json 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aa1f3e04fcd18d6900d87e165e4f07f672d040db86caa17ceada4068b13c192a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Apr 2023 01:38:05 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 26a627756ff59
server-timing: "traceparent;desc="00-000000000000000000026a627756ff59-a37ac553f3630b3c-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-bur-kbur8200072-BUR, cache-yul12834-YUL
correlation-id: 26a627756ff59
traceparent: 00-000000000000000000026a627756ff59-17a2a513658ef3d9-01
content-type: application/json
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame D62A 0
409 B 137ms
132ms XHR
text/plain 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Apr 2023 01:38:05 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: b27819742a2d6
server-timing: "traceparent;desc="00-0000000000000000000b27819742a2d6-952c5f8b2ef8d9dc-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-bur-kbur8200136-BUR, cache-yul12834-YUL
correlation-id: b27819742a2d6
traceparent: 00-0000000000000000000b27819742a2d6-a432e141d1fa6449-01
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame D62A 0
255 B 187ms
150ms Image
text/plain 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_56f8bd19ef_mde6mzg6mdm&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 01:38:05 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: 5e0d325918c31
server-timing: "traceparent;desc="00-00000000000000000005e0d325918c31-f465eb4319b6675d-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
x-served-by: cache-bur-kbur8200162-BUR, cache-yul12834-YUL
correlation-id: 5e0d325918c31
traceparent: 00-00000000000000000005e0d325918c31-1c4338e7e4d2d7fa-01
x-timer: S1681436285.956331,VS0,VE136
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 2B2A 985 B
1 KB 177ms
176ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f936c0aea78b39dde3933546996e3b2271ba73c30d7895167e907bdf00034208

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.363&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9cmR0dXJib3Byb2R1Y3Rpb24lNDBsaXZlLmNhJmN1cnJlbmN5PUNBRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCUyQ2JsaWslMkNlcHMlMkNnaXJvcGF5JTJDaWRlYWwlMkNtZXJjYWRvcGFnbyUyQ215YmFuayUyQ3AyNCUyQ3NlcGElMkNzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF95cG5hdXRobHBmdHBqZWtpc2V3eXdmcnFjY3lwenMifX0&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f585596102ea8&storageID=uid_ea9c9e91b7_mde6mzg6mdm&sessionID=uid_56f8bd19ef_mde6mzg6mdm&buttonSessionID=uid_773061c6e3_mde6mzg6mdm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=CAD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=rdturboproduction%40live.ca&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Fri, 14 Apr 2023 01:38:05 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f840464cfa76b
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200031-BUR, cache-yyz4581-YYZ
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f840464cfa76b-b76b8d44ed591640-01
x-timer: S1681436285.929275,VS0,VE158
etag: W/"3d9-Lmh+Utv5/2Ie+E6MeUTpiMn3NP0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1000 B
2 KB 228ms
227ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

072f5f62ee5c89081ed31d93c6e6830533708e0f9a4fcced423bea74836c10b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://rdturbo.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Fri, 14 Apr 2023 01:38:05 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f840464c95d52
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200064-BUR, cache-yyz4551-YYZ
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f840464c95d52-7e88fba9983f6b2b-01
x-timer: S1681436285.208025,VS0,VE159
etag: W/"3e8-UqwwlDDHPXFbjuTr650zonsd9M0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rdturbo.ca
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 277ms
228ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rdturbo.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://rdturbo.ca
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 14 Apr 2023 01:38:05 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f840464bac738
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f840464bac738-6bb1fb3f89e91706-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-bur-kbur8200047-BUR, cache-yyz4551-YYZ
x-timer: S1681436285.977750,VS0,VE209

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rdturbo.ca/	1970-01-20 11:05:22	Name: webs-stats-visitor-id Value: 606145139
.paypal.com/	1970-01-20 11:03:58	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-20 11:04:27	Name: LANG Value: en_US%3BCA
.paypal.com/	1970-01-20 11:08:15	Name: tsrce Value: loggernodeweb
.c.paypal.com/	1970-01-20 20:39:56	Name: sc_f Value: gdA-ouGXouYIE8G0KblVLOaoMh2plb02oyaJuLnYM6Fuz6cn53Q_0rWG9xIsEisQRD9fw94bXYPsoNAA6-XKwvIbdtKfqQcS4SftcG
.paypal.com/	1970-01-20 20:39:56	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: U1knooWpZuR0U79MuyjPCVd0NFK8Xz4AUSmRclGA0vIQ9jIUoUcYmmPJILuaVth3VNXRr7MLe2aMr8Ta
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4MTQzNjI4NTAyOCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 20:39:56	Name: ts Value: vreXpYrS%3D1776130684%26vteXpYrS%3D1681438084%26vr%3D7d6998371870ad04b935d771ffb4281f%26vt%3D7d6998371870ad04b935d771ffb4281e%26vtyp%3Dnew
.paypal.com/	1970-01-20 20:39:56	Name: ts_c Value: vr%3D7d6998371870ad04b935d771ffb4281f%26vt%3D7d6998371870ad04b935d771ffb4281e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdnjs.cloudflare.com
fonts.digital.vistaprint.io
imageprocessor.digital.vistaprint.com
rdturbo.ca
slc.stats.paypal.com
static.cloudflareinsights.com
static.websimages.com
statscollector.digital.vistaprint.com
t.paypal.com
vp-digital-tower-etc.s3.amazonaws.com
www.paypal.com
www.paypalobjects.com
108.138.128.44
151.101.129.35
151.101.193.21
151.101.193.35
192.229.210.155
2606:4700::6810:3865
2606:4700::6811:190e
2606:4700::6811:c549
2606:4700::6811:c849
2606:4700::6811:fc71
34.106.92.18
52.207.204.28
52.217.100.52
54.211.242.95
072f5f62ee5c89081ed31d93c6e6830533708e0f9a4fcced423bea74836c10b1
086ca7ba8280210762df3c1d167cf159dc7a9ae2f79bca2e9fa5c204fc6a9011
098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
0d6acbedd5ba8136a7bb8b0de691f7d149a048b00c803d0ecab00ba08f42c2a8
11a72f9f273c46566230d9e1b588e2b5cd9beae6a3c429f6f7c02e6e7ba579ff
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
27e1845f8d42ab8b51c270d7e58c56b1623794ade5db03f653e9009545456445
327c87e73aa397e5f3f404ae7cce06c3d2b89b4b2c5f344d65a59bd0dde92a56
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
39f3bca90be5fcea5e1ea59b0e23153a569b418c1482983888f8e6d45e40e548
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4860695983e79ae4c596701d7203945837da206d3fdba56684661a5cd60b16c2
4a7824883e93c8a936ddbe02c352f1e9407da517a618f705b1f80f45952f44f2
50abed324bc23775f3cccb9ddd3c88c11ecc5eb3f6627785c4e5761fb1f418b1
547ce61e579c90df9021a49830a40670f775f119d93b3620d413a31fdafd4392
5b33a25b7ca89660010b5d66f5d133dd7b937eba4982fd3f276e4b0a5edea1af
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e578390f1ae9f9b704088b9e7db582d899c1fec5990147b79c87d9f70d46d46
736cc2954cb147f362f13895f7534e9e1d4618e8118420595da73c14532423a4
7b56192920e8a89aadb98e5c6199cdd2a614e196d7cf6248ba5e8d9a488a74a2
7c7802d0ac2b4ad4414d18ec7fbd1b0a14aa3984d311ef08721786522b7d32df
9098db9b59b46dc165bf17a9613e001496d66b2b51e4a3582374284e2ad568ba
90fc5b743a94e0a5c2f022fa77ea5bcc8fb379b24b54acd4a9459d745c645f50
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9c407c7dc8e58f4ceed9ee4cfb18d6ce1bdb823603ac392c43ef68cafcb30f44
9d87511039f2deff3eb0e9cc3429b4131e4ff642ad31853cc2b748676a2d5943
a2d9faacf2f0c236d75eb6fad1372109229c73d798a381ed701b385a4dee60a9
a58dddb45eb2c97b332ea59393bf92aa6bd090d06786feb968904e3707accd2a
a71817cd6ef1c64552b00178fd1512d952210b03d2a9b8cf74647397cfa2c7bd
aa1f3e04fcd18d6900d87e165e4f07f672d040db86caa17ceada4068b13c192a
bcea735a0c4fa83ede2f7504a1cc9c7a84ae1c6581a806644ada9eac5612896a
c3776fcedb07d16343b2b7d37bb43724508328d8d966f3488922121a65d1b37d
d07628c4340b2b33b868b745ff441346970daa68009f5fe6528e5b3412eab55d
d4cff8de2398964e05c8efe129c043b5a9c1863201e4054ec0b20ac92a4191af
dc5828725fcd24b1e88d97bffcf05ee384eebf9ec82320e1da835c5247013afb
dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b
dccbdbec299f707e25378b5bcaf7a012cf3c76d0987677c724b8390f44a1fd20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57f13ec4141befe08e732dcf7910633987451dd0a8d5551be1f3bf8b1a54503
e6cdd371b37329f543fc895a9ed44182f4dc074e10547625e065b5c22f99564f
f8805efec00fbfdc11d95ee6cdfed91cf7993b1c0d17d27f5633ad0f42b6f063
f936c0aea78b39dde3933546996e3b2271ba73c30d7895167e907bdf00034208
fadfb39ef07f01cf241cb048fb60c204cd1ac639190aa397cb71d3646a43302a

rdturbo.ca Open in urlscan Pro 2606:4700::6811:c549 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

98 %HTTPS

36 %IPv6

9 Domains

15 Subdomains

14 IPs

1 Countries

5164 kBTransfer

6492 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rdturbo.ca Open in urlscan Pro
2606:4700::6811:c549 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

98 %
HTTPS

36 %
IPv6

9
Domains

15
Subdomains

14
IPs

1
Countries

5164 kB
Transfer

6492 kB
Size

9
Cookies

52 HTTP transactions
3 data transactions