urlscan.io logo urlscan.io
SecurityTrails logo

2rrprowebsite.z23.web.core.windows.net Open in urlscan Pro
20.150.86.129  Public Scan

Go To Rescan Add Verdict Report
URL: https://2rrprowebsite.z23.web.core.windows.net/
Submission: On November 19 via manual from PH — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 3 countries across 22 domains to perform 84 HTTP transactions. The main IP is 20.150.86.129, located in Singapore, Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 2rrprowebsite.z23.web.core.windows.net.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 01 on October 25th 2023. Valid for: 8 months.
This is the only time 2rrprowebsite.z23.web.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 20.150.86.129 8075 (MICROSOFT...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2404:6800:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2404:6800:400... 15169 (GOOGLE)
8 151.101.193.21 54113 (FASTLY)
1 132.148.165.11 26496 (AS-26496-...)
1 52.69.13.227 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.227.254.117 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.186.249.72 15169 (GOOGLE)
2 192.229.232.89 15133 (EDGECAST)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 151.101.1.35 54113 (FASTLY)
2 2404:6800:400... 15169 (GOOGLE)
1 34.96.99.245 396982 (GOOGLE-CL...)
3 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
20 2606:4700:303... 13335 (CLOUDFLAR...)
1 151.101.2.137 54113 (FASTLY)
1 2404:6800:400... 15169 (GOOGLE)
1 162.247.243.29 54113 (FASTLY)
84 26
20    20.150.86.129 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
2rrprowebsite.z23.web.core.windows.net
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2404:6800:4003:c01::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
ajax.googleapis.com
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700::6811:616c (United States)

ASN13335 (CLOUDFLARENET, US)
static.getclicky.com
6    2404:6800:4003:c0f::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    132.148.165.11 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 11.165.148.132.host.secureserver.net
www.triumphscalper.com
1    52.69.13.227 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-13-227.ap-northeast-1.compute.amazonaws.com
affili.fromjapan.co.jp
1    2606:4700:10::6816:32f5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.powr.io
1    13.227.254.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-117.sin52.r.cloudfront.net
js.stripe.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com
utt.impactcdn.com
2    192.229.232.89 (Marlborough, United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    2606:4700:10::ac43:592 (United States)

ASN13335 (CLOUDFLARENET, US)
vcdn.powr.io
1    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
2    2404:6800:4003:c01::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    34.96.99.245 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 245.99.96.34.bc.googleusercontent.com
vidine.evyy.net
3    2404:6800:4003:c04::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2404:6800:4003:c1a::69 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.google.com
20    2606:4700:3036::6815:2528 (United States)

ASN13335 (CLOUDFLARENET, US)
public.powrcdn.com
www.powrcdn.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    2404:6800:4003:c11::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
20 powrcdn.com
public.powrcdn.com — Cisco Umbrella Rank: 38311
www.powrcdn.com — Cisco Umbrella Rank: 60890
986 KB
20 windows.net
2rrprowebsite.z23.web.core.windows.net
12 MB
9 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2811
t.paypal.com — Cisco Umbrella Rank: 3468
270 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
677 KB
3 powr.io
www.powr.io — Cisco Umbrella Rank: 15135
vcdn.powr.io — Cisco Umbrella Rank: 44482
28 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com — Cisco Umbrella Rank: 364
31 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137
57 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2612
2 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
487 B
1 gstatic.com
fonts.gstatic.com
21 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 562
11 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 evyy.net
vidine.evyy.net
529 B
1 impactcdn.com
utt.impactcdn.com — Cisco Umbrella Rank: 3163
8 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
7 KB
1 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1287
4 KB
1 fromjapan.co.jp
affili.fromjapan.co.jp
1 triumphscalper.com
www.triumphscalper.com
24 KB
1 getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 11582
329 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
30 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
26 KB
84 22
Domain Requested by
20 2rrprowebsite.z23.web.core.windows.net 2rrprowebsite.z23.web.core.windows.net
15 public.powrcdn.com vcdn.powr.io
public.powrcdn.com
8 www.paypal.com 2rrprowebsite.z23.web.core.windows.net
www.paypal.com
6 pagead2.googlesyndication.com 2rrprowebsite.z23.web.core.windows.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 www.powrcdn.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 maxcdn.bootstrapcdn.com 2rrprowebsite.z23.web.core.windows.net
vcdn.powr.io
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 vcdn.powr.io www.powr.io
2 www.paypalobjects.com 2rrprowebsite.z23.web.core.windows.net
2 fonts.googleapis.com 2rrprowebsite.z23.web.core.windows.net
public.powrcdn.com
1 bam.nr-data.net js-agent.newrelic.com
1 fonts.gstatic.com fonts.googleapis.com
1 js-agent.newrelic.com vcdn.powr.io
1 www.google.com tpc.googlesyndication.com
1 vidine.evyy.net utt.impactcdn.com
1 t.paypal.com 2rrprowebsite.z23.web.core.windows.net
1 utt.impactcdn.com 2rrprowebsite.z23.web.core.windows.net
1 cdnjs.cloudflare.com 2rrprowebsite.z23.web.core.windows.net
1 ajax.googleapis.com 2rrprowebsite.z23.web.core.windows.net
1 js.stripe.com 2rrprowebsite.z23.web.core.windows.net
1 www.powr.io 2rrprowebsite.z23.web.core.windows.net
1 affili.fromjapan.co.jp 2rrprowebsite.z23.web.core.windows.net
1 www.triumphscalper.com 2rrprowebsite.z23.web.core.windows.net
1 static.getclicky.com 2rrprowebsite.z23.web.core.windows.net
1 code.jquery.com 2rrprowebsite.z23.web.core.windows.net
1 cdn.jsdelivr.net 2rrprowebsite.z23.web.core.windows.net
84 27
Subject Issuer Validity Valid
*.web.core.windows.net
Microsoft Azure TLS Issuing CA 01		 2023-10-25 -
2024-06-27		 8 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.getclicky.com
E1		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-13 -
2024-08-20		 10 months crt.sh
triumphscalper.com
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
fromjapan.co.jp
Amazon RSA 2048 M02		 2023-02-10 -
2024-01-19		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
utt.impactcdn.com
GTS CA 1D4		 2023-11-07 -
2024-02-05		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
*.evyy.net
Sectigo RSA Domain Validation Secure Server CA		 2022-12-09 -
2024-01-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
powrcdn.com
GTS CA 1P5		 2023-09-27 -
2023-12-26		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh

This page contains 8 frames:

Primary Page: https://2rrprowebsite.z23.web.core.windows.net/
Frame ID: FBC3DCB63F6CB6C9584B54B19E027814
Requests: 44 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVU3bXoyS3h3emNicTFlVks3SGVMYlpHdlowN1FNNThOUjlFRkRxLW9GeDRZcDdsdkg3eFNkdXBPb0RGS2ZJZjhLSjJaVVpIT3dVYndCTGomdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF9tamhuYmR2dGpxc2VnaHppZXVvZWFidGh6anJsYmcifX0&clientID=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&sdkCorrelationID=f1776152e5992&storageID=uid_ef49bd7886_mtu6mjy6ntm&sessionID=uid_b4a274cf99_mtu6mjy6ntm&buttonSessionID=uid_478c2999cd_mtu6mjy6ntm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602
Frame ID: 15B669CFE6FFA3306B9C60174FA88F66
Requests: 6 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 814BCED27287B4F94F23D49DA6E6B661
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup.html
Frame ID: 55FCBA6A116ED887D5256412253C51F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2510448780224396&output=html&adk=1812271804&adf=3025194257&lmt=1699734230&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2F2rrprowebsite.z23.web.core.windows.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700407614857&bpp=3&bdt=2100&idt=404&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=914635580716&frm=20&pv=2&ga_vid=1702100330.1700407615&ga_sid=1700407615&ga_hid=2018758181&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C31078301%2C31079699%2C44807749%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=3029916903850716&tmod=699065417&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=432
Frame ID: ECFE2134F0D25C2568CF39257F6A0F02
Requests: 1 HTTP requests in this frame

Frame: https://vcdn.powr.io/v/paypalButton/html/paypal-button-0738fe89_1698169777.html
Frame ID: F492ECD54C70FAFB0BE9693EC9869B1D
Requests: 27 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C5C988E984F2109D0F46623E65C6EB4D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF5DF3D16F8D5C5A42A9F7F21999A3F1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Top-Rated Products

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • static\.getclicky\.com
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

84
Requests

100 %
HTTPS

56 %
IPv6

22
Domains

27
Subdomains

26
IPs

3
Countries

14588 kB
Transfer

25819 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
2rrprowebsite.z23.web.core.windows.net/ 		11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ad1920a2c900798fba5b6918b634d1f3438228d6607bdd770cef4e43d5223cbe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
10804
Content-MD5
+UyqOMYYBy1GR02eFMA6mA==
Content-Type
text/html
Date
Sun, 19 Nov 2023 15:26:52 GMT
ETag
"0x8DBE2F41E17F23A"
Last-Modified
Sat, 11 Nov 2023 20:23:50 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
6fc3111d-601e-0061-3afc-1ac011000000
x-ms-version
2018-03-28
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
995
age
1606657
cdn-cachedat
09/25/2022 20:57:45
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"816af0eddd3b4822c2756227c7e7b7ee"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3ee97987375616f7c14db231a3c25e9a
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8289795bdd593e2a-SIN
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans|Montserrat|Roboto|Raleway&display=swap
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 		160 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Origin
https://2rrprowebsite.z23.web.core.windows.net
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 19 Nov 2023 15:26:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
15904001
x-jsd-version
5.1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26333
x-served-by
cache-fra-eddf8230037-FRA, cache-maa10226-MAA
x-jsd-version-type
version
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
2rrprowebsite.z23.web.core.windows.net/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2rrprowebsite.z23.web.core.windows.net/style.css
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
40a28ebd7ee4a6b14aa1bd762626ee3fe1d50c410854b277149aa84f2118be14

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:52 GMT
Last-Modified
Sat, 24 Jun 2023 02:27:09 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
smaydIttHe/1tHvqGmYJVQ==
ETag
"0x8DB745A82B7055D"
Content-Type
text/css
x-ms-request-id
6fc3112c-601e-0061-45fc-1ac011000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
3835
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5169514
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-maa10239-MAA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700407613.132600,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
52, 1048745
101404260.js
static.getclicky.com/ 		56 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getclicky.com/101404260.js
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:616c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
865c1c32639768561183be05e49483dbe59a31050e0e5f7c380ee781967380c5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

x-proxy-cache
MISS
date
Sun, 19 Nov 2023 15:26:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 19 Nov 2023 15:26:41 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
8289795f8ea64050-SIN
alt-svc
h3=":443"; ma=86400
expires
Mon, 20 Nov 2023 15:26:53 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		180 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2510448780224396
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c3894973434f0452b432248d7588575b8b29de807f7b5852b45621c85e09e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Origin
https://2rrprowebsite.z23.web.core.windows.net
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
184590
x-xss-protection
0
server
cafe
etag
16726878839084176101
vary
Accept-Encoding
content-type
text/javascript; charset=GB2312
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 15:26:53 GMT
webimg.jpg
2rrprowebsite.z23.web.core.windows.net/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2rrprowebsite.z23.web.core.windows.net/webimg.jpg
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0acb1c2da1a11c9d63ced743279e356d74c93e67afafbfa4706fdccfee10b32f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:53 GMT
Last-Modified
Sat, 24 Jun 2023 02:27:10 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
cFHYSTPyNZRCZbp87NaZ/Q==
ETag
"0x8DB745A83757ECA"
Content-Type
image/jpeg
x-ms-request-id
6fc31353-601e-0061-30fc-1ac011000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
1074164
js
www.paypal.com/sdk/ 		291 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&vault=true&intent=subscription
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b99ca2b3ae4f0061a14e016d6dc3dcd3371889d20bfc4b1393da6a6428e693a1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-QNV8XEonr0NHL/jXOhmlE48DxBzf14amaWzET3NvGh6+4nnf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-QNV8XEonr0NHL/jXOhmlE48DxBzf14amaWzET3NvGh6+4nnf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-QNV8XEonr0NHL/jXOhmlE48DxBzf14amaWzET3NvGh6+4nnf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-QNV8XEonr0NHL/jXOhmlE48DxBzf14amaWzET3NvGh6+4nnf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Sun, 19 Nov 2023 15:26:52 GMT
age
12
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f655019015f6c
server-timing
"traceparent;desc="00-0000000000000000000f655019015f6c-dfeb24b16feb8eaf-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
79340
x-xss-protection
1; mode=block
x-served-by
cache-qpg1246-QPG, cache-qpg1246-QPG
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f655019015f6c-be9f735390a2a90e-01
x-timer
S1700407613.776699,VS0,VE7
etag
W/"135ec-+8RALnACxuUT8FiFEfRoHp/GOUM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
Triumph_banner_728-90.png
www.triumphscalper.com/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.triumphscalper.com/images/Triumph_banner_728-90.png
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
132.148.165.11 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
11.165.148.132.host.secureserver.net
Software
nginx /
Resource Hash
7360d44d5be6482f2d113b7ca8aacbee5ca353f3d22303932197095044619ba3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:53 GMT
Last-Modified
Wed, 21 Jul 2021 15:15:30 GMT
Server
nginx
ETag
"60f83a12-5f97"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
24471
Expires
Thu, 31 Dec 2037 23:55:55 GMT
234-2.gif
affili.fromjapan.co.jp/images/en/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affili.fromjapan.co.jp/images/en/234-2.gif
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.13.227 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-13-227.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers
boominati.jpg
2rrprowebsite.z23.web.core.windows.net/images/banner/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/banner/boominati.jpg
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1929097b4e5f55569016a99e8d0a61f7fd603cc4b928e740bfcc1b30f7fc91f5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:52 GMT
Last-Modified
Wed, 05 Jul 2023 15:13:52 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
xtac3afXu0jmQHPDVQwiMQ==
ETag
"0x8DB7D6A71286D47"
Content-Type
image/jpeg
x-ms-request-id
6fc31246-601e-0061-05fc-1ac011000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
7416
powr.js
www.powr.io/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.powr.io/powr.js?platform=html
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:32f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faee10cba58c168a94d6fe87d83f86ddec7de039be3a4b63cf2796c4f4ce54cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.powr.io *.wix.com *.mybigcommerce.com *.weebly.com *.stripe.com *.myshopify.com *.shopify.com *.editorx.com *.sharethis.com sharethis.com *.webydo.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:53 GMT
content-security-policy
frame-ancestors *.powr.io *.wix.com *.mybigcommerce.com *.weebly.com *.stripe.com *.myshopify.com *.shopify.com *.editorx.com *.sharethis.com sharethis.com *.webydo.com;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-origin-instance
gke
age
186551
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 10:20:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
cf-ray
8289795d9ddf3fda-SIN
expires
Sun, 17 Nov 2024 10:21:12 GMT
pagination.js
2rrprowebsite.z23.web.core.windows.net/ 		27 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2rrprowebsite.z23.web.core.windows.net/pagination.js
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fbc46745c1937be28ac139d003565769b7b2e336ac28c38ad67d877c7f8deb7e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:52 GMT
Last-Modified
Tue, 24 Oct 2023 16:39:06 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
J7WbwrFt6mgjMV4yP7pE7g==
ETag
"0x8DBD4AFBD6CB2FD"
Content-Type
text/javascript
x-ms-request-id
6fc31284-601e-0061-29fc-1ac011000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
27941
buy-button.js
js.stripe.com/v3/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/buy-button.js
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-117.sin52.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e0b90a181805f520c8646517192982825bddfa8b7cbd472209a9a4cdd7a6d27c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:54 GMT
content-encoding
br
via
1.1 8c73194b247676a80d86714cba2447a4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-C3
x-cache
RefreshHit from cloudfront
last-modified
Fri, 17 Nov 2023 21:03:02 GMT
server
Cloudfront
etag
W/"7358d8f59d52f9a9104c0c7fcc7de43b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
msJv_7NZ9l0OYxowiOn95MX3w8mWaEq5kNg0qoq23ymmocErUgFxMA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Wed, 15 Nov 2023 06:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
376369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 06:54:04 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1536392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6696
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-5309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLX%2Fql7ivrn1uIHXVKnjJFI6DJ7txkAMUKWR41ZKsmboVXMLzHNdnrY4fFs7HK%2BzNeYUtIaOZnReTk0OlCnZWXfEgtkDM%2FuYZAz7GmAqbXb3LLlhbT0GaJkNz2LcY60PN8yKCHcqwM%2FWH2nc6Jkw6T%2FQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8289795dff593ded-SIN
expires
Fri, 08 Nov 2024 15:26:53 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
994
age
1689322
cdn-cachedat
09/24/2022 22:11:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"02d223393e00c273efdcb1ade8f4f8b1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
013f6aed705ed569d35d37b2b6bbe72a
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8289795e084c3e2a-SIN
cdn-requestpullsuccess
True
P-A3663231-0da5-4594-95e6-38958384d3b31.js
utt.impactcdn.com/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utt.impactcdn.com/P-A3663231-0da5-4594-95e6-38958384d3b31.js
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b5d77bc1d10555d3bc2d7e3d1f6ac950dc09f87bfe0a4ac19b246bd90518de5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:53 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrNzDRH3MOowPZhc1o3pReq0BKgypDFjlvj3KQ7FDUJmIxsq45U19JaeL0vrC8nxjUxy3DRSJ4w5GZUhRIpsYCgHQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7905
last-modified
Tue, 31 Oct 2023 23:59:43 GMT
server
UploadServer
etag
"f0d4fe07760201cc57143df28e228f8d"
vary
Accept-Encoding
x-goog-generation
1698796783711674
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=GUhOyA==, md5=8NT+B3YCAcxXFD3yjiKPjQ==
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
7905
accept-ranges
bytes
expires
Sun, 19 Nov 2023 15:31:53 GMT
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=2rrprowebsite.z23.web.core.windows.net&t=xo&v=5.0.410&source=payments_sdk&client_id=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&disableSetCookie=true&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&vault=true&intent=subscription
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-2N1ard8untuBedUA+/2vDtUsJhxb6lnJpQM0RfLB+4fpoXnE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-2N1ard8untuBedUA+/2vDtUsJhxb6lnJpQM0RfLB+4fpoXnE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 19 Nov 2023 15:26:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
12
x-cache
HIT, MISS
paypal-debug-id
f6550195bd75e
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4338
x-xss-protection
1; mode=block
x-served-by
cache-qpg1246-QPG, cache-qpg1246-QPG
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f6550195bd75e-ae4c7b0df03d5807-01
x-timer
S1700407613.386124,VS0,VE6
etag
W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
buttons
www.paypal.com/smart/ Frame 15B6 		407 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVU3bXoyS3h3emNicTFlVks3SGVMYlpHdlowN1FNNThOUjlFRkRxLW9GeDRZcDdsdkg3eFNkdXBPb0RGS2ZJZjhLSjJaVVpIT3dVYndCTGomdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF9tamhuYmR2dGpxc2VnaHppZXVvZWFidGh6anJsYmcifX0&clientID=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&sdkCorrelationID=f1776152e5992&storageID=uid_ef49bd7886_mtu6mjy6ntm&sessionID=uid_b4a274cf99_mtu6mjy6ntm&buttonSessionID=uid_478c2999cd_mtu6mjy6ntm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&vault=true&intent=subscription
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ac99adf8da871bf7110923d048182f0634125a2b48aeec12007f4e911ba2360a
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Sun, 19 Nov 2023 15:26:53 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"65b8c-FUqVaHylG4sQU37r9K+iCPFMtxE"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
true
paypal-debug-id
f129991ddc093
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f129991ddc093-a3794c4495d2aa31-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f129991ddc093-c3e68552e13e964d-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-served-by
cache-qpg1246-QPG, cache-qpg1246-QPG
x-timer
S1700407613.460210,VS0,VE448
x-xss-protection
1; mode=block
paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 814B 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (hkc/BD08) /
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
7ed7926b977c3
dc
ccg11-origin-www-1.paypal.com
content-length
1217
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
server
ECAcc (hkc/BD08)
traceparent
00-00000000000000000007ed7926b977c3-22fc533023ace44c-01
etag
W/"642c9aab-cc2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 19 Nov 2023 16:26:53 GMT
card-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 814B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/card-white.svg
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (hkc/BDB9) /
Resource Hash
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
4490f216292b
dc
ccg11-origin-www-1.paypal.com
content-length
637
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
server
ECAcc (hkc/BDB9)
traceparent
00-000000000000000000004490f216292b-db9de96ec7956fac-01
etag
W/"642c9aab-54e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 19 Nov 2023 16:26:53 GMT
paypal-button-0738fe89_1698169777.html
vcdn.powr.io/v/paypalButton/html/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vcdn.powr.io/v/paypalButton/html/paypal-button-0738fe89_1698169777.html
Requested by
Host: www.powr.io
URL: https://www.powr.io/powr.js?platform=html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:55 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
ABPtcPrn241fA-WIiHJvJjxYSeEhiaeNIlQm4fNzIYXXqO4S6-CowB9Pa4CXsRDluZLpILF5cxs8ihjpmw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 24 Oct 2023 18:20:45 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-hash
crc32c=Am4BZA==, md5=Q8aHkcoG+Z+7ejBlmZzhgQ==
x-goog-generation
1698171645807520
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-cache
x-goog-stored-content-length
73678
cf-ray
82897960a9983dbd-SIN
expires
Mon, 18 Nov 2024 15:26:55 GMT
product11s.jpg
2rrprowebsite.z23.web.core.windows.net/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/product11s.jpg
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a7b5f3a4d6ce5ca1e6fd53857de91c77cbe72c29b2c1645498ab66b43a8dbca8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:52 GMT
Last-Modified
Sat, 24 Jun 2023 02:28:26 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
xj9VqPJFdfpULXmFXmp3iQ==
ETag
"0x8DB745AB0C66CEE"
Content-Type
image/jpeg
x-ms-request-id
ac436b94-801e-001b-1cfc-1add51000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
5270
product11.png
2rrprowebsite.z23.web.core.windows.net/images/ 		875 KB
875 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/product11.png
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4ae2b5e7727bf6c855e92376a716649bfc8208d34274de619d1c71da4e3ae14b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:52 GMT
Last-Modified
Sat, 24 Jun 2023 02:28:29 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Pp4sM0LCBnzocM6rTkjg1Q==
ETag
"0x8DB745AB2A19EA4"
Content-Type
image/png
x-ms-request-id
ac436bd4-801e-001b-45fc-1add51000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
895491
product2.png
2rrprowebsite.z23.web.core.windows.net/images/ 		287 KB
287 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/product2.png
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2bc06e84b7d8632bf68fdfa2f05b36e8879ddd3596d09d86db871c3789d35831

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:53 GMT
Last-Modified
Sat, 24 Jun 2023 02:28:23 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
4UbuMFoRIkwas1LXiFzQYA==
ETag
"0x8DB745AAF1774F6"
Content-Type
image/png
x-ms-request-id
5ac370a7-801e-0069-5dfc-1ada1e000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
293647
product3rep.png
2rrprowebsite.z23.web.core.windows.net/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/product3rep.png
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f470045ca28fed602fac19a2f2dc325c6451705c9c96bd45f8ea03f6b9ded73

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:53 GMT
Last-Modified
Tue, 24 Oct 2023 16:41:09 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
S5rlNlw6IqoNOjk4EuMMCg==
ETag
"0x8DBD4B006A28DB3"
Content-Type
image/png
x-ms-request-id
6fc3143b-601e-0061-38fc-1ac011000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
1502909
product4.png
2rrprowebsite.z23.web.core.windows.net/images/ 		302 KB
303 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/product4.png
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b9972cf884a14410091a93781530c4e9e2465c9862dcb638974a5ab97c74acde

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:53 GMT
Last-Modified
Sat, 24 Jun 2023 02:28:22 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
tgN4Wb/0QKBESq45c/JjnQ==
ETag
"0x8DB745AAE3720AB"
Content-Type
image/png
x-ms-request-id
fa1f1485-f01e-0063-5cfc-1a7ea9000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
309496
product5.jpg
2rrprowebsite.z23.web.core.windows.net/images/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/product5.jpg
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cc33235303cf3ecbafb9913c99a02d512e98fd48c3a7a51adbe5295001b25352

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:53 GMT
Last-Modified
Sat, 24 Jun 2023 02:28:23 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
2UhqctsXlEHYhCiMqeGtBQ==
ETag
"0x8DB745AAEC98766"
Content-Type
image/jpeg
x-ms-request-id
fa1f159b-f01e-0063-18fc-1a7ea9000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
156358
product6.png
2rrprowebsite.z23.web.core.windows.net/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/product6.png
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
33e9d7f221aee1c54b3ed0ce545b7ff6a990989cd7026070b6e524326fa4396e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:53 GMT
Last-Modified
Sat, 24 Jun 2023 02:28:33 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zso+Dn6fo9TIk3PxW1Xxwg==
ETag
"0x8DB745AB4E7696C"
Content-Type
image/png
x-ms-request-id
6fc315ad-601e-0061-28fc-1ac011000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
1415467
product9.png
2rrprowebsite.z23.web.core.windows.net/images/ 		660 KB
660 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/product9.png
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5bb5bdf192a92b9ddef0c3a63921b8fb3f7bc7cdbc79f84ff9ccd95126cc8382

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:53 GMT
Last-Modified
Sat, 24 Jun 2023 02:28:27 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
lAZxA2QeCeSr075UchJFSQ==
ETag
"0x8DB745AB15A5A18"
Content-Type
image/png
x-ms-request-id
fa1f15e6-f01e-0063-57fc-1a7ea9000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
675733
product8.png
2rrprowebsite.z23.web.core.windows.net/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/product8.png
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d26e399961e3f83efddbc08f5cc585ed33bd9b60e47342f0e966976dd24a9bed

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:53 GMT
Last-Modified
Sat, 24 Jun 2023 02:28:32 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
E1Q1CyQdynDiVpoFZd5CYw==
ETag
"0x8DB745AB44E9B0D"
Content-Type
image/png
x-ms-request-id
f8c4b71b-101e-0026-1ffc-1aab4a000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
1434963
product12b.png
2rrprowebsite.z23.web.core.windows.net/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/product12b.png
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5d0e5587beda65b18252dd843e8b907e0646fe0b35f36fe2a5b2f6ca8bda66b5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Date
Sun, 19 Nov 2023 15:26:53 GMT
Last-Modified
Sat, 24 Jun 2023 02:28:33 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
g6iU+bW41NN/psLxVC5qFg==
ETag
"0x8DB745AB4CBCF20"
Content-Type
image/png
x-ms-request-id
95f41068-101e-0009-7ffc-1aa681000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
1466184
specterr.mp4
2rrprowebsite.z23.web.core.windows.net/images/videos/ 		144 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/videos/specterr.mp4
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
Range
bytes=0-

Response headers

Date
Sun, 19 Nov 2023 15:26:54 GMT
Last-Modified
Sat, 24 Jun 2023 02:29:04 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8DB745AC74EF015"
Content-Type
video/mp4
Content-Range
bytes 0-2802452/2802453
x-ms-request-id
5ac3741c-801e-0069-33fc-1ada1e000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
2802453
filmora.mp4
2rrprowebsite.z23.web.core.windows.net/images/videos/ 		701 KB
701 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/videos/filmora.mp4
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e868ef6a88b34e61341b2c3aa04b2557b83d38bad8ddca0c14c9c7e285f22812

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
Range
bytes=0-

Response headers

Date
Sun, 19 Nov 2023 15:26:54 GMT
Last-Modified
Sat, 24 Jun 2023 02:28:53 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8DB745AC1165E1B"
Content-Type
video/mp4
Content-Range
bytes 0-717498/717499
x-ms-request-id
6fc31885-601e-0061-0cfc-1ac011000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
717499
manychat.mp4
2rrprowebsite.z23.web.core.windows.net/images/videos/ 		5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/videos/manychat.mp4
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
Range
bytes=0-

Response headers

Date
Sun, 19 Nov 2023 15:26:54 GMT
Last-Modified
Sat, 24 Jun 2023 02:29:48 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8DB745AE1CD94BC"
Content-Type
video/mp4
Content-Range
bytes 0-10285185/10285186
x-ms-request-id
fa1f18d7-f01e-0063-41fc-1a7ea9000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
10285186
ts
t.paypal.com/ 		42 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Top-Rated%20Products&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1700407613639&g=-480&completeurl=https%3A%2F%2F2rrprowebsite.z23.web.core.windows.net%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

x-cache-hits
0
date
Sun, 19 Nov 2023 15:26:53 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
e2c14254b097d
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-qpg1260-QPG
pragma
no-cache
correlation-id
e2c14254b097d
traceparent
00-0000000000000000000e2c14254b097d-06b5afad9cb3fa56-01
x-timer
S1700407614.713818,VS0,VE191
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Nov 2023 15:26:53 GMT
js
www.paypal.com/sdk/ Frame 15B6 		291 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&vault=true&intent=subscription
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVU3bXoyS3h3emNicTFlVks3SGVMYlpHdlowN1FNNThOUjlFRkRxLW9GeDRZcDdsdkg3eFNkdXBPb0RGS2ZJZjhLSjJaVVpIT3dVYndCTGomdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF9tamhuYmR2dGpxc2VnaHppZXVvZWFidGh6anJsYmcifX0&clientID=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&sdkCorrelationID=f1776152e5992&storageID=uid_ef49bd7886_mtu6mjy6ntm&sessionID=uid_b4a274cf99_mtu6mjy6ntm&buttonSessionID=uid_478c2999cd_mtu6mjy6ntm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b99ca2b3ae4f0061a14e016d6dc3dcd3371889d20bfc4b1393da6a6428e693a1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-QNV8XEonr0NHL/jXOhmlE48DxBzf14amaWzET3NvGh6+4nnf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-QNV8XEonr0NHL/jXOhmlE48DxBzf14amaWzET3NvGh6+4nnf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVU3bXoyS3h3emNicTFlVks3SGVMYlpHdlowN1FNNThOUjlFRkRxLW9GeDRZcDdsdkg3eFNkdXBPb0RGS2ZJZjhLSjJaVVpIT3dVYndCTGomdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF9tamhuYmR2dGpxc2VnaHppZXVvZWFidGh6anJsYmcifX0&clientID=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&sdkCorrelationID=f1776152e5992&storageID=uid_ef49bd7886_mtu6mjy6ntm&sessionID=uid_b4a274cf99_mtu6mjy6ntm&buttonSessionID=uid_478c2999cd_mtu6mjy6ntm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-QNV8XEonr0NHL/jXOhmlE48DxBzf14amaWzET3NvGh6+4nnf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-QNV8XEonr0NHL/jXOhmlE48DxBzf14amaWzET3NvGh6+4nnf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Sun, 19 Nov 2023 15:26:54 GMT
age
14
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f655019015f6c
server-timing
"traceparent;desc="00-0000000000000000000f655019015f6c-dfeb24b16feb8eaf-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
79340
x-xss-protection
1; mode=block
x-served-by
cache-qpg1246-QPG, cache-qpg1246-QPG
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f655019015f6c-be9f735390a2a90e-01
x-timer
S1700407614.342384,VS0,VE15
etag
W/"135ec-+8RALnACxuUT8FiFEfRoHp/GOUM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
2, 0
truncated
/ Frame 15B6 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 15B6 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Content-Type
image/svg+xml
show_ads_impl.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ 		457 KB
457 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl.js?bust=31079699
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2510448780224396
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f89bcb0f6632c6619173ea14d38f30a5341a8f99b7c830800e7a24a37b410ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:54 GMT
x-content-type-options
nosniff
server
cafe
etag
11565801731075942358
vary
Accept-Encoding
content-type
text/javascript; charset=GB2312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private, max-age=1209600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
468134
x-xss-protection
0
expires
Sun, 19 Nov 2023 15:26:54 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 55FC 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2510448780224396
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
accept-language
zh-SG,zh;q=0.9

Response headers

age
65897
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 21:08:38 GMT
etag
251720774729838433
expires
Sat, 02 Dec 2023 21:08:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
vidine.evyy.net/xur/0/ 		46 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidine.evyy.net/xur/0/
Requested by
Host: utt.impactcdn.com
URL: https://utt.impactcdn.com/P-A3663231-0da5-4594-95e6-38958384d3b31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.99.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
245.99.96.34.bc.googleusercontent.com
Software
/
Resource Hash
41ea5861b0d01c0279ffd9fec8db5b8b763b2260cd10d2517df2a667a8b9f122

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 15:26:54 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin
https://2rrprowebsite.z23.web.core.windows.net
content-type
application/json; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 Nov 2023 15:26:54 GMT
specterr.mp4
2rrprowebsite.z23.web.core.windows.net/images/videos/ 		17 KB
17 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/videos/specterr.mp4
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
16e9e5e7168be6a56c9de27c97d99671e229e58f2368e606bc9a6e67a37bc2c0

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
Range
bytes=2785280-

Response headers

Date
Sun, 19 Nov 2023 15:26:54 GMT
Last-Modified
Sat, 24 Jun 2023 02:29:04 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8DB745AC74EF015"
Content-Type
video/mp4
Content-Range
bytes 2785280-2802452/2802453
x-ms-request-id
ac43731b-801e-001b-6cfc-1add51000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
17173
logger
www.paypal.com/xoplatform/logger/api/ Frame 15B6 		1022 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&vault=true&intent=subscription
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0656471e290af55c0275acdc6bcda19d9c36be1e67d1ced7e4a231fed95385d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVU3bXoyS3h3emNicTFlVks3SGVMYlpHdlowN1FNNThOUjlFRkRxLW9GeDRZcDdsdkg3eFNkdXBPb0RGS2ZJZjhLSjJaVVpIT3dVYndCTGomdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF9tamhuYmR2dGpxc2VnaHppZXVvZWFidGh6anJsYmcifX0&clientID=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&sdkCorrelationID=f1776152e5992&storageID=uid_ef49bd7886_mtu6mjy6ntm&sessionID=uid_b4a274cf99_mtu6mjy6ntm&buttonSessionID=uid_478c2999cd_mtu6mjy6ntm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
content-type
application/json

Response headers

date
Sun, 19 Nov 2023 15:26:55 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f90921524449a
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-qpg1246-QPG, cache-qpg1246-QPG
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f90921524449a-459a159dad420516-01
x-timer
S1700407615.270429,VS0,VE242
etag
W/"3fe-uZ6NI2lgRlp5/tjBcEYfmbmBCx4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 15B6 		1018 B
921 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVU3bXoyS3h3emNicTFlVks3SGVMYlpHdlowN1FNNThOUjlFRkRxLW9GeDRZcDdsdkg3eFNkdXBPb0RGS2ZJZjhLSjJaVVpIT3dVYndCTGomdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF9tamhuYmR2dGpxc2VnaHppZXVvZWFidGh6anJsYmcifX0&clientID=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&sdkCorrelationID=f1776152e5992&storageID=uid_ef49bd7886_mtu6mjy6ntm&sessionID=uid_b4a274cf99_mtu6mjy6ntm&buttonSessionID=uid_478c2999cd_mtu6mjy6ntm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66301a330c61cf002dfba1d6034a5b75593bbd926967509135c5b2199a114cef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVU3bXoyS3h3emNicTFlVks3SGVMYlpHdlowN1FNNThOUjlFRkRxLW9GeDRZcDdsdkg3eFNkdXBPb0RGS2ZJZjhLSjJaVVpIT3dVYndCTGomdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF9tamhuYmR2dGpxc2VnaHppZXVvZWFidGh6anJsYmcifX0&clientID=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&sdkCorrelationID=f1776152e5992&storageID=uid_ef49bd7886_mtu6mjy6ntm&sessionID=uid_b4a274cf99_mtu6mjy6ntm&buttonSessionID=uid_478c2999cd_mtu6mjy6ntm&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
Content-Type
application/json

Response headers

date
Sun, 19 Nov 2023 15:26:55 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f90921567cf5c
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-qpg1246-QPG, cache-qpg1246-QPG
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f90921567cf5c-4c7601a9b43998e1-01
x-timer
S1700407615.278691,VS0,VE304
etag
W/"3fa-ZUWrbc8FagSAoAcokWhwgV4gvAc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
ads
googleads.g.doubleclick.net/pagead/ Frame ECFE 		603 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2510448780224396&output=html&adk=1812271804&adf=3025194257&lmt=1699734230&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2F2rrprowebsite.z23.web.core.windows.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700407614857&bpp=3&bdt=2100&idt=404&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=914635580716&frm=20&pv=2&ga_vid=1702100330.1700407615&ga_sid=1700407615&ga_hid=2018758181&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C31078301%2C31079699%2C44807749%2C44807764%2C44808148%2C44808285%2C44809057&oid=2&pvsid=3029916903850716&tmod=699065417&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=432
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl.js?bust=31079699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-length
82
content-type
text/html; charset=GB2312
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 15:26:55 GMT
expires
Sun, 19 Nov 2023 15:26:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
specterr.mp4
2rrprowebsite.z23.web.core.windows.net/images/videos/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://2rrprowebsite.z23.web.core.windows.net/images/videos/specterr.mp4
Requested by
Host: 2rrprowebsite.z23.web.core.windows.net
URL: https://2rrprowebsite.z23.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.86.129 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ae59ba463823f134f3b68f38366a19e659344ecac5b78f5377bdb677d9e290c5

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
Range
bytes=131072-

Response headers

Date
Sun, 19 Nov 2023 15:26:54 GMT
Last-Modified
Sat, 24 Jun 2023 02:29:04 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8DB745AC74EF015"
Content-Type
video/mp4
Content-Range
bytes 131072-2802452/2802453
x-ms-request-id
ac4373ef-801e-001b-32fc-1add51000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
2671381
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl.js?bust=31079699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d83578139d813bf0b91b1dbe2877535513555a8012146c1a7b14d4cec27b801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=GB2312
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12305
x-xss-protection
0
paypal-button-0738fe89_1698169777.html
vcdn.powr.io/v/paypalButton/html/ Frame F492 		72 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vcdn.powr.io/v/paypalButton/html/paypal-button-0738fe89_1698169777.html
Requested by
Host: www.powr.io
URL: https://www.powr.io/powr.js?platform=html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f011e187be009e1d549d736eb763454c3739aa491f6313ef2f58def6df819ede

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
Content-Type
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
MISS
cf-ray
82897974be606046-SIN
content-encoding
br
content-type
text/html
date
Sun, 19 Nov 2023 15:26:58 GMT
expires
Mon, 18 Nov 2024 15:26:58 GMT
last-modified
Tue, 24 Oct 2023 18:20:45 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1698171645807520
x-goog-hash
crc32c=Am4BZA== md5=Q8aHkcoG+Z+7ejBlmZzhgQ==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
73678
x-guploader-uploadid
ABPtcPqMchG7pmHk9atJa_V1n1czexxRk4CR7tDoUqmKcEEnqDIsOtOiAm_GStQNhLuoVrfwHNn45WbvhQ
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl.js?bust=31079699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 19 Nov 2023 15:26:56 GMT
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://2rrprowebsite.z23.web.core.windows.net
Sec-Fetch-Mode
cors
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://2rrprowebsite.z23.web.core.windows.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Sun, 19 Nov 2023 15:26:56 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f64407647d7a2
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f64407647d7a2-7bcd5b766cbb5b3c-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-qpg1238-QPG, cache-qpg1238-QPG
x-timer
S1700407617.784180,VS0,VE215
logger
www.paypal.com/xoplatform/logger/api/ 		1014 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AU7mz2Kxwzcbq1eVK7HeLbZGvZ07QM58NR9EFDq-oFx4Yp7lvH7xSdupOoDFKfIf8KJ2ZUZHOwUbwBLj&vault=true&intent=subscription
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7fb470d0e5fcff206a1ec8babef8940d36a129d0129f3a8d4cae69ea55736b95
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://2rrprowebsite.z23.web.core.windows.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
content-type
application/json

Response headers

date
Sun, 19 Nov 2023 15:26:57 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f644076febb32
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-qpg1238-QPG, cache-qpg1238-QPG
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f644076febb32-3f3d5389afa4128a-01
x-timer
S1700407617.013462,VS0,VE221
etag
W/"3f6-rRMaXyG9KUwN5+S2q/6eke6L82E"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://2rrprowebsite.z23.web.core.windows.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C5C9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
241365
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 20:24:11 GMT
expires
Fri, 15 Nov 2024 20:24:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CF5D 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::69 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
11071aba9d0fcafb6f889458caf6925a09c97bdc9c5cf1290567405aa441e591
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-whMlgdyXCLHWm4erfyfUBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2rrprowebsite.z23.web.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'nonce-whMlgdyXCLHWm4erfyfUBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 15:26:56 GMT
expires
Sun, 19 Nov 2023 15:26:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame CF5D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3029916903850716&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame C5C9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Thu, 16 Nov 2023 18:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
247452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 18:42:44 GMT
generate_204
tpc.googlesyndication.com/ Frame C5C9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mzOFFA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3029916903850716&bg=!Hh2lHVLNAAZxrfrxUa07ADQBe5WfOJPdeD1PcRQscx37Dfw8CjR9bUIDsTDF8008OqP4s2VTHV-5prWlN_Z_JS88Z9-3AgAAAJxSAAAABGgBBwoApGvP7jLGU9DKnerNM_dsPIVP7OIh2xbAT2c6TtYFoprZm0i_R4BC-N46G_bYqczIbIwJfFJBBPrVZZyP9Gmwtbb0Qd94ncvpHKZtBqFUAhnCwMCFFDWT5oQ6D-so972U6OkDM6y0Nh9y0xHVN7051Z7DSnEmycO1n50Y5OQ67Kui7iCir_frp2GNYoohlsT3jksOSFYpFrJqoqjGvO7a3gtARXzbmQLBr7yAcAkgX5rGzsFJNreQRdiys6X0_oOLl132eAP6Pq6bNSNM69k9Ett9ZlmUs20qWZqLciv31xtLrbks316Z8dMAGkHfDaIcl932p8_yKidHNp32xvB_robnzmhuCJsVi0J3WdAlGFETBALG6f6kDPKmpnO4S0dGrFVOEhG_sfhZJVzmaxoTr6LFBurtMT7DREhALeOJL-UVJChCq_oB3EXQmX3JVysesyNdaXmJ9fSV_Cz_--ozf9bZ0oop81Vb2gBUK8hNjOF7lA1TIXGdOvU6Jb4m8kgT44uw0L-izHRmhac3OS2zsj9x-_EtUZ-ekEKcpFuIlj-lMikvGrr7vJ7F3I4y_Vjc6kMxQilLCq3HUBTc9fNYQb0uwqKiyAhDpF4A9kByrmkt-EgZNTkD7YZT6mgi_gT9Auhq-XJDo1QRuG4lVNXAW5N7q6d5XshOVCvSeH9LzkoJNV6Q0dc4vNWONe6IB9TtFrT3dVjJFSYqVX42BKZgEw3ZwQrHZ8MkxeG7kdBeGYOi8007MYo4tpPqN45YzG-R68OsokTqrVealY8pFDMClqucoOG6MeNInIpUSHWAtCBYB9vJOf5rEpouA42vC85jjQdhVBLg2aRFvcGnEHZnXyEpw-7k5_Da9ZC4-OehPyvpSTtlGSUA38IkAOqnMm6hhbjEunk0cDs8exId9XMpHXDQ0-htvM4TBJm6qwd5zE3pn1MfOVkEAnHJmYvBTaJznBPaA4bINMAGTgn2Zrpga40REOltjn5kL6BupooH3VhjgDHTF6HID8PXwFFuW-Tvnni05uupHhn0QBuNZLenKIPCcCFOsjpdA-Uajkrkc0MjuJ968-os2_n6jXbykcj7sbqeuaSYoWkSdWhlvo4eijeNcArFWRHYOCfv3cRtzn1iIf19nQlbiStU4eigxkLNCEA2nBhef1Zv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://2rrprowebsite.z23.web.core.windows.net/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/ Frame F492 		95 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
Requested by
Host: vcdn.powr.io
URL: https://vcdn.powr.io/v/paypalButton/html/paypal-button-0738fe89_1698169777.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
999
age
843646
cdn-cachedat
09/27/2022 20:11:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"4eadbf7d1721bb2729e398595bc7f0bc"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
26ad8fa79dff30c540d8e0a1b02affdd
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8289797ec9f6a072-SIN
cdn-requestpullsuccess
True
all-SKMA4YPA.js
public.powrcdn.com/latest/assets/packs/esbuild/fontawesome/ Frame F492 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/esbuild/fontawesome/all-SKMA4YPA.js
Requested by
Host: vcdn.powr.io
URL: https://vcdn.powr.io/v/paypalButton/html/paypal-button-0738fe89_1698169777.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
041b7044b29a121c0cfa23f378beb43bd066e8bb0ad38f71eb6cf446221e79f5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
EYUc45bE.P6y3Rc3yT3gFM8lsHTCSskJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
G3E2TR040XSVZ7YZ
age
1550
cf-polished
origSize=1419
alt-svc
h3=":443"; ma=86400
x-amz-id-2
jpXCKXQBXiPgY1MPLS5u3kG6z2XhDfDyYOTQtu9lgvNctiZUlxSYXhH2GGw5Gl/VhGBWGsnocGc=
cf-bgj
minify
last-modified
Fri, 10 Nov 2023 17:00:46 GMT
server
cloudflare
etag
W/"ba910abd3e66629d490a0a2ec3cb8b6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9B8rQ6L%2FrC3tNp2AiDvVp42nB4%2Fijp7wltwn1m6%2BbWjbC7Qg0Oi55FI5XoJPnOzJxf7KvLSp5IvQZccLcKQWFxrL0o9Kg%2FtHlcVWwyxOs4dA8mP3eqSnPdmZr3UYy%2FBFjk3SYZwZeUvF8R56qEOB550%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8289797eed3a473f-SIN
views-145de447d5e5ffe0336f-b7784c8.css
public.powrcdn.com/latest/assets/packs/style_packs/ Frame F492 		384 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/style_packs/views-145de447d5e5ffe0336f-b7784c8.css
Requested by
Host: vcdn.powr.io
URL: https://vcdn.powr.io/v/paypalButton/html/paypal-button-0738fe89_1698169777.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2ab0589be50f9328d6b86b9e656d83184ed0540442f0b8d650acd037a3f244

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
FdCAYdBZGJOPM25IPpcVzVHABxodBc6S
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VZ6PK20YD405YTVX
age
42
cf-polished
origSize=470967
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rxINuWgoxudkpmbwu59phJvau3C7+IHnGqUMbRJB2X6smXnhA/fND+hWYJkxaw4CIm1mPv6uRfM=
cf-bgj
minify
last-modified
Tue, 24 Oct 2023 11:18:15 GMT
server
cloudflare
etag
W/"ec6c5dd3e71a480b602c3e246cc9fec5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al1Sr4hmbf0qzMzjV%2FDEvOas9qzjy7kJTJOwYVzeaO3u7bOfYBqU8vIpYkWmZwPIujatJLVLl56cL21%2FTSLRQUVSxKatKvjIdRQNH2%2BZQWztQ3F74bPaCfgAdADNSfXytBp7pYVUDQMyzHpPMIqD290%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
8289797eed32473f-SIN
paypalButton-3f990e5376a8c28f988f-b7784c8.css
public.powrcdn.com/latest/assets/packs/apps/views/ Frame F492 		2 MB
203 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/apps/views/paypalButton-3f990e5376a8c28f988f-b7784c8.css
Requested by
Host: vcdn.powr.io
URL: https://vcdn.powr.io/v/paypalButton/html/paypal-button-0738fe89_1698169777.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a17da6d451e2ca6c0383cb0944d3290c0a03057c7a03bdc6cc2929c91463b0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
b0HVKFBknGqhqaYHIVA3XbmK3OuhCLUQ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1K8SW2H6W1YMDXG4
age
42
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
eYub01/Fwj6cwWqCr9Ahuw76HhNgF3gD3uyz1gGoVT2wqCBaszffyN1wnIHjiPRZeph33cOb1yM=
last-modified
Tue, 24 Oct 2023 11:17:44 GMT
server
cloudflare
etag
W/"a69cd25091f5691b59d0516a94e6e30c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRR%2FUKfDlNIH0Ym7iqAArD0KVq%2BbUhBMXbpZaP1xryLd2c1%2FeSgUyABDRTBShkIOpj72KHY4Fs%2FGkUeTQlzXYH5p97XZwVYlbKOB4jGw7ZrhEosCU1rjBks4xCUkWTEn%2F9wBGAhajlSIP%2BBtMsF%2BHJI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
8289797eed34473f-SIN
apps-view-8a19d629f0498e89834d-b7784c8.js
public.powrcdn.com/latest/assets/packs/ Frame F492 		713 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/apps-view-8a19d629f0498e89834d-b7784c8.js
Requested by
Host: vcdn.powr.io
URL: https://vcdn.powr.io/v/paypalButton/html/paypal-button-0738fe89_1698169777.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f2c6a864c492536dc83050d88fcdd5a3ce9ff71da1ac63cf18509cea8f4a63

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
h6LVeY.OzKBVzk4LbjkUrt9XSpVNQaG.
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
A7G6V6R1P192R1QK
age
42
cf-polished
origSize=1175963
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
qGKeH0lUgdyduH9PH2Ah3uR6QdiY0mBXEyYDRis/ckZpP8VeZvt7wFBFxwkrdaHTXPhnz/D9BMQ=
cf-bgj
minify
last-modified
Tue, 24 Oct 2023 11:17:46 GMT
server
cloudflare
etag
W/"49e901d248a0531422895fd6841f2993"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AG3SkSFj7eY7LdvpmaqdI7%2FZ4eJsPPxql44G%2B3EQJzcbdgrYoUSPlTaL1SNDAqUb%2FIJH8iM5zbbtU5m8EVtDve98YHrsQUMDQ4ONQxAypZRwtvBehdas4djpVtm1L9bm%2BXcNiUfUePGmm8gKUO3xsq8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8289797eed39473f-SIN
paypalButton-6dce9926495789c180ed-b7784c8.js
public.powrcdn.com/latest/assets/packs/apps/ Frame F492 		1 MB
312 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/apps/paypalButton-6dce9926495789c180ed-b7784c8.js
Requested by
Host: vcdn.powr.io
URL: https://vcdn.powr.io/v/paypalButton/html/paypal-button-0738fe89_1698169777.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b475a092387a1d619ae4683e838b10e2c0d159edb515b80a012227db29b8e52

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
Pb4U0utIgnHymH6D05yyHMfzvgfSQjyf
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PTV119X9CY7DKPZY
age
42
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fIgYDM6KkF13qSARLJPoRGfEpwFWwKQLqlm6Tp5xz8raC9Vhd6Wr8we/LS5PUng6pAJjhg91TV8=
last-modified
Tue, 24 Oct 2023 11:17:46 GMT
server
cloudflare
etag
W/"683ba02fbabf98af81eba00e25f603d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9m3dafHoJgIjRr5jdhhzHdW1Mr%2Fimn%2Bw9eHjEXx578K8Aaf1RS%2F2NSjEtAQgSY76cpbsOVicswjUzdNTwqSso5ZWU2JPy3N5WWRkUXKo%2BsR2p3rDmRHkSwrH7kaxQQ2NY8IfKS8knBzUUSlp2cyTkS4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
8289797eed35473f-SIN
nr-1184.min.js
js-agent.newrelic.com/ Frame F492 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1184.min.js
Requested by
Host: vcdn.powr.io
URL: https://vcdn.powr.io/v/paypalButton/html/paypal-button-0738fe89_1698169777.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

x-amz-version-id
_yL_7a4iyL23DB6p7E7WGW3D3VIXWc43
content-encoding
br
via
1.1 varnish
date
Sun, 19 Nov 2023 15:26:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
7N5TFR3EFWMTYH5J
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
11141
x-amz-id-2
C3whweQvObks7pJNnA6HPghEE4qouJO5NwLxP5vr5l4jipLcdGAcux/UljlTsKHVJcW3L9PfFg8=
x-served-by
cache-qpg1271-QPG
last-modified
Wed, 18 Oct 2023 20:59:25 GMT
server
AmazonS3
x-timer
S1700407619.627444,VS0,VE0
etag
"3d7f312be60d08a2568e311e4762f3af"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
29203
css
fonts.googleapis.com/ Frame F492 		196 B
323 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-8a19d629f0498e89834d-b7784c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9732d7fe366b4ae7fe55a56b73399bc5fc35a9c0737b20b47082d5344c304428
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 19 Nov 2023 15:26:58 GMT
gordita-regular-webfont-woff.woff
public.powrcdn.com/fonts/gordita/ Frame F492 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/fonts/gordita/gordita-regular-webfont-woff.woff
Requested by
Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/style_packs/views-145de447d5e5ffe0336f-b7784c8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
508fdd4d62fc465b925ba3440a558d0fda43af9867767272400a0d97d1553cc5

Request headers

Referer
https://public.powrcdn.com/latest/assets/packs/style_packs/views-145de447d5e5ffe0336f-b7784c8.css
Origin
https://vcdn.powr.io
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
hx7AXNg7K1e1RTazyN_0DpBGtio5OElw
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y9GFXNF4V3V0FG09
age
4358
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2suS9eXTkcYzSuy7vzZnO0KqBc0KEz8nzALKcsahjrFF2Mn2wBpPU6MJrtJW7bgjT5H2IbGvspE=
last-modified
Mon, 31 May 2021 12:44:51 GMT
server
cloudflare
etag
W/"951cf61fb8b08593af1d6466359e32fe"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/font-woff
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vX7EMXA7iVwPBr2Bxt8TIOrbCcx8kmj6wXyEHeh26bc0F%2F17OHc4QWHyeNjK5YMBWvc0ZQ%2F4KFtF9T3ckSy5U95ghgFOtPkhDDff909VHTLnMQNwWMKeuCAl4xvTb1FLSt297pBC7d6jRu9O0%2FZCZA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
cf-ray
82897980aa6b3fc9-SIN
priority
u=0,i=?0
74-514408ee10b21da0b99c-b7784c8.js
public.powrcdn.com/latest/assets/packs/ Frame F492 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/74-514408ee10b21da0b99c-b7784c8.js
Requested by
Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-8a19d629f0498e89834d-b7784c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74168275adb6a98796a63b6a69fc4c0efb4b45a8d23be7c7954da06687db7042

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
tPUEH5l8qH7voJTgX.ZHpMI5GTZh7i_0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NF2ZV9H81N04575K
age
41
cf-polished
origSize=11740
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dUSehlAqLwMtc8wFBebHcuVum9OlgUi61neEjYI3ZcU0pAaledr0BHjrzZN6BnbOreWH7S7O4lg=
cf-bgj
minify
last-modified
Tue, 24 Oct 2023 11:17:45 GMT
server
cloudflare
etag
W/"3c9f91036b25b61d765e6fb3e27b7765"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MSUPWpDnuI7ue400Ums1jJGx6rishdzkTGVcLD%2Bg0oTKE%2FSS13Lj8ot3rZIFTJ4GEqvwMCWhZBaNd4zzloVE1tuYwIo8XZ4aaDRIl5tp6zWiWv%2BuEDekwFVz5g5%2BOX9PmTUwkYLyDSUjC3Qocm0M4c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
828979809f30473f-SIN
75-0277b5ee04421bb4fb12-b7784c8.js
public.powrcdn.com/latest/assets/packs/ Frame F492 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/75-0277b5ee04421bb4fb12-b7784c8.js
Requested by
Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-8a19d629f0498e89834d-b7784c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d847d97665dac8a0143ba8c445a51d898678943f96fb4a2c6ad18c59ee94b7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
V980XNUfeSXM4lxpIQv6.bVy6EX0BBzh
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NF2XMW5V0CMBTS23
age
41
cf-polished
origSize=125532
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rqqSKDwVxFHRNhAlEz1A7riS5k39G8EYPdnL9fN3vcnX58XIhu3aYNR5JYjvPhBdEPP1LP9npEM=
cf-bgj
minify
last-modified
Tue, 24 Oct 2023 11:17:45 GMT
server
cloudflare
etag
W/"f58da8ff639b8b57a58d62b68eba462c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ya4zeJVEgW2XmZgF0ZdkMp7pkHdCDIyTZNNQR0IRp%2Bs6RQqRgZG%2FFAi2AhQIxbqRzV21AI%2F863LWQARafJxnaske84V%2FRprHi%2BTXjMtZF11H%2BjRtlm0BPvlAaiw9sv%2FRlz34BNwhZBF44OhxASiVQE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
828979809f33473f-SIN
102-654b99ed4dc5fb512b20-b7784c8.js
public.powrcdn.com/latest/assets/packs/ Frame F492 		123 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/102-654b99ed4dc5fb512b20-b7784c8.js
Requested by
Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-8a19d629f0498e89834d-b7784c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd53b56779f1bdc6b3f2e56c12bf02c8ba2dd098f6d03c060133ebb4a790ed5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
MoyB5GYS4gavI.xhQwcdRw.M._j7ZT9B
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HG4BTF73XB4FW15B
age
41
cf-polished
origSize=192509
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
lWaOdj1xXJqr1m9eACyu47mKsNAYCSWE4+cbGHVYlxP6+/vrvyajkvgNIFEfObvOetuRTPRT/HU=
cf-bgj
minify
last-modified
Tue, 24 Oct 2023 11:17:45 GMT
server
cloudflare
etag
W/"967c346428b92d4159d12ae9409b3a71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhq8trF7fuwhrIpIsR%2FDlYJyp%2FY6koX5TJaOF2DvvrOiJEU0Ar3f%2Fl22srU72r7iGwSYsd1SNqgD5k%2FIV7sTZB%2B2ASsVdhpKoIQjpe%2BFw1GebJ20DdoY0XsyX89DKWZ%2BApC6f9XXdDPV2d0IL%2BWMQOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
828979809f36473f-SIN
20-d7c3cec41dcca1052c20-b7784c8.css
public.powrcdn.com/latest/assets/packs/ Frame F492 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/20-d7c3cec41dcca1052c20-b7784c8.css
Requested by
Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-8a19d629f0498e89834d-b7784c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a7b92b6272ae94f8f1bbe8fdd481ab5fff492c0fba4c733cb2209fe7df21ed

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
aBKiUUt7rTJSex4ARZtLMHx7VaegJJN5
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NF2V6NZFY2A5T0BE
age
41
cf-polished
origSize=5010
alt-svc
h3=":443"; ma=86400
x-amz-id-2
JwSg/vzRIfB7w5JgbvFbnVuL3uqNCf/m6dkLTJcxDxhg61QZrs6kredTo4EsXNqSMSdv6oSP84c=
cf-bgj
minify
last-modified
Tue, 24 Oct 2023 11:17:45 GMT
server
cloudflare
etag
W/"14fa8ab63138607c796aa769bc8df6ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1vzecLgziwgX7LIXtlxDEh4YlBUohjTat4nh9wIrZ4%2BIF1rQBJGXw4T2wQmN7rb3zQYSj9tGvOt%2FNwh2RDbTH1lhrTE%2BGN%2FUSN8wTANJ9MVc3Y6t1PXWX0zJxOL%2BRzPTI0Z5h6HT4yzGp8qdqtZ8eM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
828979809f39473f-SIN
20-afd09e11641dea3c477c-b7784c8.js
public.powrcdn.com/latest/assets/packs/ Frame F492 		444 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/20-afd09e11641dea3c477c-b7784c8.js
Requested by
Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-8a19d629f0498e89834d-b7784c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb76f9781a87e354e51e890881d74f2f9f6a233d0b3bbc3ceda0324f7ff9797

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
BcnSSrkxiMEvNWduE61mcMDRwLF7uXtq
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HG4FYQ8X9P29NJRV
age
41
cf-polished
origSize=532390
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
INUxc5snjl7elRfg+WUPPiQnQdBDtm6ZwVHyit8yHoxABjOCkWSnF36TiSHSlJ7nMxDq5Z10tVg=
cf-bgj
minify
last-modified
Tue, 24 Oct 2023 11:17:45 GMT
server
cloudflare
etag
W/"7d510357cee454ec859d917a31f2f450"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6uLsxL6xbssGQQykBFTvnHYWYhey2l0nZEaKjzsakzBkwBJwo0UCIHJSk1a1Xpj9jaItIJH84J9Ev019bW9MmeR%2BszLr58lBfM9hEYpD%2F6llzreStpQNVa9uhy5W2kQOvYb6IOSsEh66nuZAXZ9dSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
828979809f3a473f-SIN
103-7b945470a5a9caaf5e12-b7784c8.js
public.powrcdn.com/latest/assets/packs/ Frame F492 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/103-7b945470a5a9caaf5e12-b7784c8.js
Requested by
Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-8a19d629f0498e89834d-b7784c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2101028e0f3fdefc8d25bceda216ca76d140e2be04af056c82ebff7313b263d7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
xlhYYVE9ilclv6f7e6ZVGJb7o4avzcru
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
897MBS58901G15J4
age
41
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tngDQBaJwxoO1clzD/jgdk6p9uAKZ47Q8F8f3r4DS8clKyyrVgUIOG6RxgIznMsEjpfawkRS2T4=
last-modified
Tue, 24 Oct 2023 11:17:45 GMT
server
cloudflare
etag
W/"edf889db4f155d35b9b56ebbf1bb16c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTRQ2%2FR9CBMlVE5vWTq%2Bt8chPonaacB8V1Sm%2BVr67qyQhr%2FS2QyorwFcCiWY6lw%2BWzl1nfq%2FXZsxCvab%2BFd4f%2B7g6aB%2BNf2U4kjxvBmvrMQI9zMnlbgeUx6NWcJThrx5%2B4j1ljGHcEux5IP16owd%2Fz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
828979809f3b473f-SIN
84-ab2852495a4016538f22-b7784c8.js
public.powrcdn.com/latest/assets/packs/ Frame F492 		106 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/84-ab2852495a4016538f22-b7784c8.js
Requested by
Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-8a19d629f0498e89834d-b7784c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b979c8cd78a51aba5391cb06f5c594b62d0a8141d4274704b64479dbede766

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
LyfWmcRWrhMQRgS9ZXVs.nX3t_exaJQV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HG45J229TF0N219T
age
41
cf-polished
origSize=131387
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ylpTIiyjI3/Oj1eIY2pmLwoI7G/MKCZPFhhC427RgWy7QgeK0JuH/fLVz93Ln6p3gQUFNte332U=
cf-bgj
minify
last-modified
Tue, 24 Oct 2023 11:17:45 GMT
server
cloudflare
etag
W/"fbb78c3593c774b0dfdbc4fe09c9c664"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zu2MX6oKodIyduA%2FZ1KZ%2F4ttymUmSnFA0TxIL0cblOXDQmmuQDVrQ4GZuECZPZPQoYpsl4Qw%2B7Z8IcHJuGS5eEHy1rvh66BovbAptuRibA8pqGFBzogpO3wM5jqDJM8B%2FUo2ixpNjgcuvIZ3h5FxGsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
828979809f3c473f-SIN
visa.svg
www.powrcdn.com/app_specific/paypal/dark_icons/ Frame F492 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.powrcdn.com/app_specific/paypal/dark_icons/visa.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8a15975d64446e7421acb1dbb95ef0ef15b23f8e654859a39468eb2d2af5509

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
286BK6BE91TT3HZD
age
409176
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oCVKg/QdvNZQZ3HXTpc9z/1RWKDS1zyWzWSOLjFPCfgEJZtvZn55h4gaRCkUwvLZcmA557/7NeU=
last-modified
Mon, 23 Mar 2020 23:40:11 GMT
server
cloudflare
etag
W/"2b2b3f903286a6e8d4cff33bb2024d32"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOcGwg895%2F%2FDYFRxGb6h8h9QOE1IUxVoS2u%2FNyL%2F5JxA%2BiSE70AF151A46HXwY3LKZhxFFC7a1E%2FdqBF9AahbUGlgCE3PYj%2FhqibaeziXtYjz0VC4VFMkDK%2Bx%2FMhhGdaFSEIE0mm%2Fn9n9j9wycg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
82897980af4d473f-SIN
mastercard.svg
www.powrcdn.com/app_specific/paypal/dark_icons/ Frame F492 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.powrcdn.com/app_specific/paypal/dark_icons/mastercard.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88301395acbecf93ff231b8301bffaf6f006cad6066f9102e89f9983012c038f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BBH3YFQ7CGKTY7D8
age
929228
alt-svc
h3=":443"; ma=86400
x-amz-id-2
1kECYBib9zUpSDgwUQWP8I1KW7K8KvCcO23eGO5JDyTzTFxShzJwEydD8BZiM6i9LWo4QnHhNIc=
last-modified
Mon, 23 Mar 2020 23:40:11 GMT
server
cloudflare
etag
W/"dd39b060327d89a8c28e6e1d4168ec54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEGtWWsqehIlaOvCTEQhmg45HAuZp0xBooC72JvG%2BgVVgFC9TFQpzz4eAy0HYKOFuWTMaAd6v5sk3x1r1HifFpwHS9%2FIjc5MIYt39XWSjKkr%2BcLj8jiVpMsFNmXmFN%2FHSOGXa5goTlPFd1l9q%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
82897980af45473f-SIN
amex.svg
www.powrcdn.com/app_specific/paypal/dark_icons/ Frame F492 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.powrcdn.com/app_specific/paypal/dark_icons/amex.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5268cc4c625b470c18fccf06b7d3c2e3fc1f0e0aac5a376ebab4cc363c380a1c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ADTNHM3VSN3ZS9P8
age
403738
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IY9zk+r/PaLBJYJtyc2hvq8tXZ6fsiAMTZ9NGHZgTvPiZvXT4CPOVTLa0EZ7YwZAZbohWc1IKts=
last-modified
Mon, 23 Mar 2020 23:40:11 GMT
server
cloudflare
etag
W/"32656472b46f8bb0202dd1975ef0d88c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knjheEF6g27CjNq6VYB9aUj%2FhvhmQsuxSMiXjAorIpRf%2FT9qS21FnHBwRVWfwUvkXWLLBW99czOgcUEH3Gg%2F9VRGLWhHv1R0ZOr5HTrIjjSNuGJwCDzViCN0LMvSffVRq9eNrEaEmt36fSq7258%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
82897980af49473f-SIN
discover.svg
www.powrcdn.com/app_specific/paypal/dark_icons/ Frame F492 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.powrcdn.com/app_specific/paypal/dark_icons/discover.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e754de943c75d82badf391353001cbef31bda341349a4d7b8a8e4f70ee5f31

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
P6234H9J60GMFYF1
age
841444
alt-svc
h3=":443"; ma=86400
x-amz-id-2
jfZ6oobPp2rHHHbFQ1ofEf4VmYSOq+lRZmws0Se2rm159/J+hP2tfr0Ciaco4PqBBV5BDRfDgzM=
last-modified
Mon, 23 Mar 2020 23:40:11 GMT
server
cloudflare
etag
W/"9d92502ce413b2b841aa056aea9495b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OL4qGVEOB%2BGxr%2BgTSXO6%2Bej3kN9SPcZKmsAi5HLaiOfL8BZF5Uo4Y3%2Btjyh%2Fmk7OkkpRRGJOR24QAlpO2xCDMuWSeBInCRpLHI46SPkAHtnHCEIwi%2B2s2WfUiZYi8tjxDgVqCajI%2BgvCGRyQ2eY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
82897980af4a473f-SIN
paypal.svg
www.powrcdn.com/app_specific/paypal/dark_icons/ Frame F492 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.powrcdn.com/app_specific/paypal/dark_icons/paypal.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5f70d5a479e183f8786137e1779e38add6cc7affa287ea46909c98480a8dea8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WSARH9KZX9H3BVZ4
age
126429
alt-svc
h3=":443"; ma=86400
x-amz-id-2
PttY9rnBzipglXXa99p/SBHbh22A1FuzUWVYrw4soSSF8njyFIJeUqxmMSJ9oupfZHoqtm2PQpM=
last-modified
Mon, 23 Mar 2020 23:40:11 GMT
server
cloudflare
etag
W/"93a8fa8dcff568cd9471220af8f2ad55"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uy2nJcsyM40atNaSvisQngd5dNys%2F7WF7S1k3dG3%2FQv7jt8%2FphjGuLK5CGCG97V%2FR5b0JORprMxassJDPfA9kgDGda0OlFy3E5GLHGHmNNO4UJj7Pe4hfP4TTnS01SbcUCwDztJBs7OhPlGXbTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
82897980af4b473f-SIN
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3ig.ttf
fonts.gstatic.com/s/nunito/v26/ Frame F492 		38 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3ig.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f92aaabeff0802218336c6fd52653eef328dbf3ea7bfd72b9ea4acb2c8c4fef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vcdn.powr.io
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Thu, 16 Nov 2023 18:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20936
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:41:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 18:30:52 GMT
4474f5c124
bam.nr-data.net/1/ Frame F492 		56 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=1978&ck=1&ref=https://vcdn.powr.io/v/paypalButton/html/paypal-button-0738fe89_1698169777.html&be=1796&fe=1863&dc=1862&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1700407616739,%22n%22:0,%22f%22:2,%22dn%22:2,%22dne%22:2,%22c%22:3,%22s%22:3,%22ce%22:18,%22rq%22:18,%22rp%22:1617,%22rpe%22:1620,%22dl%22:1619,%22di%22:1862,%22ds%22:1862,%22de%22:1863,%22dc%22:1863,%22l%22:1863,%22le%22:1864%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9bdeba67a5e0f64db65210a03aa5c808e21ec02a5cff47bce7611b6ade9ee9e0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:58 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
56
x-served-by
cache-qpg1282-QPG
styles_v2.css
public.powrcdn.com/latest/assets/packs/esbuild/fontawesome/styles/ Frame F492 		661 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/esbuild/fontawesome/styles/styles_v2.css
Requested by
Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/esbuild/fontawesome/all-SKMA4YPA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f27ee581935d276a528ce6d4f317bf109df41046d4e9119e57931efbd8719283

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:59 GMT
x-amz-version-id
d5fOlbqEv.TRW71ByHTZN55n7Z2ZFFwt
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DFSFRZ1YS9ED2SHE
age
5403
cf-polished
origSize=672
alt-svc
h3=":443"; ma=86400
x-amz-id-2
DFmrWDHtKqt2mVmuyRUp6sPNe4u4vtlvoiFxl16XoYJKPLQzM77BuzVZhd6wZcN3kIv3IpI6RO4=
cf-bgj
minify
last-modified
Tue, 07 Nov 2023 13:50:41 GMT
server
cloudflare
etag
W/"e47fd9534831582f20dfced82bdc274d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANQIWj5MvOBASaspV9mv57hTdYLbIyzq52mhNJAV3ji1AcIpTh3RMGAxXlay%2BrVo0JGPC6irtaISGMhQJBf1T8AzAGdDVr2CKCigFt0jCGQsXukUA0gqHXjI%2FUoQ4lVogZk8m1CUTUqb5xLPsTZvoCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
828979842d8d3e1a-SIN
priority
u=0,i=?0
index_v2.css
public.powrcdn.com/latest/assets/packs/esbuild/fontawesome/styles/fas/fa-credit-card/ Frame F492 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/esbuild/fontawesome/styles/fas/fa-credit-card/index_v2.css
Requested by
Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/esbuild/fontawesome/all-SKMA4YPA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc3ce816b5f139fa29bd9d18894a7a2e1b4f7845c5beb83830e28b38ece7eac4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://vcdn.powr.io/
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

date
Sun, 19 Nov 2023 15:26:59 GMT
x-amz-version-id
zI96n6unTSxAGLHIYq1RMfxddGIBAXmw
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VWBW9BJD6N2FRD3F
alt-svc
h3=":443"; ma=86400
x-amz-id-2
0bRK2bHfTpsEcju28A7xWD5KM15taPf//ZZCIJCG1KkC7SEJ3PYoJyhxCG4LjNUCIX0QMPQzQzc=
last-modified
Fri, 17 Nov 2023 11:34:18 GMT
server
cloudflare
etag
W/"961f25fd63622d586c5d9cf989fe78ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbCMXHZ%2B5HDJW2%2FTfzU3YWZo43rB9hwC3Zveb%2Fpwmaflg0qyje29fstDnbQHn%2BFeFMS6nP%2BhSzJXr9za%2BZn6vAu3%2BFKxcOnPbagqPbBrCR59800qqJ0saWdFsqIOOxYX9Bozx1DVZtl9kPsxN58I%2BFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
828979842d8e3e1a-SIN
priority
u=0,i=?0
truncated
/ Frame F492 		952 B
952 B 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d7c432b17992e461c4fdfc34f5f360e015e4f19d97f559fdd00a81991d42768

Request headers

Referer
Origin
https://vcdn.powr.io
accept-language
zh-SG,zh;q=0.9
User-Agent
DuckDuckBot/1.0; (+http://duckduckgo.com/duckduckbot.html)

Response headers

Content-Type
font/woff2

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture function| $ function| jQuery string| ire_o function| impactStat object| __post_robot_11_0_0___uid_mjhnbdvtjqseghzieuoeabthzjrlbg object| paypal object| __zoid_10_3_3___uid_mjhnbdvtjqseghzieuoeabthzjrlbg object| POWR_RECEIVERS function| loadPowr function| displayProducts function| displayPagination function| renderProducts function| displayFilteredProducts function| Popper object| bootstrap object| paypalDDL object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| IRF object| impactMPEventInstance function| ImpactMPEvent string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.paypal.com/ Name: tsrce
Value: smartcomponentnodeweb
.windows.net/ Name: IR_gbd
Value: windows.net
.windows.net/ Name: IR_MPS
Value: 1700407614881%7C1700407614881
.evyy.net/ Name: brwsr
Value: 1225bc8f-86f0-11ee-ada3-170c23da4e8a
.windows.net/ Name: IR_MPI
Value: 1225bc8f-86f0-11ee-ada3-170c23da4e8a%7C1700494014881
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.nr-data.net/ Name: JSESSIONID
Value: 94750f0414d94b4c

3 Console Messages

Source Level URL
Text
network error URL: https://fonts.googleapis.com/css2?family=Open+Sans|Montserrat|Roboto|Raleway&display=swap
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://affili.fromjapan.co.jp/images/en/234-2.gif
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://2rrprowebsite.z23.web.core.windows.net/
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css' with computed SHA-384 integrity '1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3'. The resource has been blocked.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2rrprowebsite.z23.web.core.windows.net
affili.fromjapan.co.jp
ajax.googleapis.com
bam.nr-data.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
js.stripe.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
public.powrcdn.com
static.getclicky.com
t.paypal.com
tpc.googlesyndication.com
utt.impactcdn.com
vcdn.powr.io
vidine.evyy.net
www.google.com
www.paypal.com
www.paypalobjects.com
www.powr.io
www.powrcdn.com
www.triumphscalper.com
13.227.254.117
132.148.165.11
151.101.1.35
151.101.193.21
151.101.2.137
162.247.243.29
192.229.232.89
20.150.86.129
2404:6800:4003:c01::5f
2404:6800:4003:c01::9b
2404:6800:4003:c04::84
2404:6800:4003:c0f::9c
2404:6800:4003:c11::5e
2404:6800:4003:c1a::69
2606:4700:10::6816:32f5
2606:4700:10::ac43:592
2606:4700:3036::6815:2528
2606:4700::6811:190e
2606:4700::6811:616c
2606:4700::6812:bcf
2a04:4e42:200::485
2a04:4e42:200::649
34.96.99.245
35.186.249.72
52.69.13.227
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
041b7044b29a121c0cfa23f378beb43bd066e8bb0ad38f71eb6cf446221e79f5
04a7b92b6272ae94f8f1bbe8fdd481ab5fff492c0fba4c733cb2209fe7df21ed
0656471e290af55c0275acdc6bcda19d9c36be1e67d1ced7e4a231fed95385d5
0acb1c2da1a11c9d63ced743279e356d74c93e67afafbfa4706fdccfee10b32f
0b475a092387a1d619ae4683e838b10e2c0d159edb515b80a012227db29b8e52
0f92aaabeff0802218336c6fd52653eef328dbf3ea7bfd72b9ea4acb2c8c4fef
11071aba9d0fcafb6f889458caf6925a09c97bdc9c5cf1290567405aa441e591
16e9e5e7168be6a56c9de27c97d99671e229e58f2368e606bc9a6e67a37bc2c0
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1929097b4e5f55569016a99e8d0a61f7fd603cc4b928e740bfcc1b30f7fc91f5
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa
1d83578139d813bf0b91b1dbe2877535513555a8012146c1a7b14d4cec27b801
2101028e0f3fdefc8d25bceda216ca76d140e2be04af056c82ebff7313b263d7
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2bc06e84b7d8632bf68fdfa2f05b36e8879ddd3596d09d86db871c3789d35831
33e754de943c75d82badf391353001cbef31bda341349a4d7b8a8e4f70ee5f31
33e9d7f221aee1c54b3ed0ce545b7ff6a990989cd7026070b6e524326fa4396e
3b5d77bc1d10555d3bc2d7e3d1f6ac950dc09f87bfe0a4ac19b246bd90518de5
40a28ebd7ee4a6b14aa1bd762626ee3fe1d50c410854b277149aa84f2118be14
41ea5861b0d01c0279ffd9fec8db5b8b763b2260cd10d2517df2a667a8b9f122
4ae2b5e7727bf6c855e92376a716649bfc8208d34274de619d1c71da4e3ae14b
508fdd4d62fc465b925ba3440a558d0fda43af9867767272400a0d97d1553cc5
5268cc4c625b470c18fccf06b7d3c2e3fc1f0e0aac5a376ebab4cc363c380a1c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5bb5bdf192a92b9ddef0c3a63921b8fb3f7bc7cdbc79f84ff9ccd95126cc8382
5c3894973434f0452b432248d7588575b8b29de807f7b5852b45621c85e09e28
5d0e5587beda65b18252dd843e8b907e0646fe0b35f36fe2a5b2f6ca8bda66b5
5f470045ca28fed602fac19a2f2dc325c6451705c9c96bd45f8ea03f6b9ded73
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
66301a330c61cf002dfba1d6034a5b75593bbd926967509135c5b2199a114cef
6d7c432b17992e461c4fdfc34f5f360e015e4f19d97f559fdd00a81991d42768
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7360d44d5be6482f2d113b7ca8aacbee5ca353f3d22303932197095044619ba3
74168275adb6a98796a63b6a69fc4c0efb4b45a8d23be7c7954da06687db7042
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
79a17da6d451e2ca6c0383cb0944d3290c0a03057c7a03bdc6cc2929c91463b0
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
7fb470d0e5fcff206a1ec8babef8940d36a129d0129f3a8d4cae69ea55736b95
865c1c32639768561183be05e49483dbe59a31050e0e5f7c380ee781967380c5
88301395acbecf93ff231b8301bffaf6f006cad6066f9102e89f9983012c038f
92f2c6a864c492536dc83050d88fcdd5a3ce9ff71da1ac63cf18509cea8f4a63
9732d7fe366b4ae7fe55a56b73399bc5fc35a9c0737b20b47082d5344c304428
9bdeba67a5e0f64db65210a03aa5c808e21ec02a5cff47bce7611b6ade9ee9e0
a5f70d5a479e183f8786137e1779e38add6cc7affa287ea46909c98480a8dea8
a7b5f3a4d6ce5ca1e6fd53857de91c77cbe72c29b2c1645498ab66b43a8dbca8
ac99adf8da871bf7110923d048182f0634125a2b48aeec12007f4e911ba2360a
ad1920a2c900798fba5b6918b634d1f3438228d6607bdd770cef4e43d5223cbe
ae59ba463823f134f3b68f38366a19e659344ecac5b78f5377bdb677d9e290c5
b9972cf884a14410091a93781530c4e9e2465c9862dcb638974a5ab97c74acde
b99ca2b3ae4f0061a14e016d6dc3dcd3371889d20bfc4b1393da6a6428e693a1
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cbb76f9781a87e354e51e890881d74f2f9f6a233d0b3bbc3ceda0324f7ff9797
cc33235303cf3ecbafb9913c99a02d512e98fd48c3a7a51adbe5295001b25352
d26e399961e3f83efddbc08f5cc585ed33bd9b60e47342f0e966976dd24a9bed
d9b979c8cd78a51aba5391cb06f5c594b62d0a8141d4274704b64479dbede766
dc3ce816b5f139fa29bd9d18894a7a2e1b4f7845c5beb83830e28b38ece7eac4
ddd53b56779f1bdc6b3f2e56c12bf02c8ba2dd098f6d03c060133ebb4a790ed5
e0b90a181805f520c8646517192982825bddfa8b7cbd472209a9a4cdd7a6d27c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d847d97665dac8a0143ba8c445a51d898678943f96fb4a2c6ad18c59ee94b7
e868ef6a88b34e61341b2c3aa04b2557b83d38bad8ddca0c14c9c7e285f22812
e8a15975d64446e7421acb1dbb95ef0ef15b23f8e654859a39468eb2d2af5509
f011e187be009e1d549d736eb763454c3739aa491f6313ef2f58def6df819ede
f27ee581935d276a528ce6d4f317bf109df41046d4e9119e57931efbd8719283
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f89bcb0f6632c6619173ea14d38f30a5341a8f99b7c830800e7a24a37b410ba4
faee10cba58c168a94d6fe87d83f86ddec7de039be3a4b63cf2796c4f4ce54cf
fbc46745c1937be28ac139d003565769b7b2e336ac28c38ad67d877c7f8deb7e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff2ab0589be50f9328d6b86b9e656d83184ed0540442f0b8d650acd037a3f244