secure.actblue.com Open in urlscan Pro
151.101.128.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.actionnetwork.org/ss/c/4PfL751D8g4IfLXFw3QfXV5Wo_6TP_ujTmJFoO05AE2z9I3KlofRvG7PtPUh-EgHqae-tw4grJLot5w63HArfiyZDiE...
Effective URL:
https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amou...
Submission: On February 19 via api (February 19th 2024, 6:03:57 pm UTC) from BE — Scanned from DE

Summary HTTP 71 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 19 domains to perform 71 HTTP transactions. The main IP is 151.101.128.174, located in United States and belongs to FASTLY, US. The main domain is secure.actblue.com. The Cisco Umbrella rank of the primary domain is 62453.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q2 on June 24th 2023. Valid for: a year.

This is the only time secure.actblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:76b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	151.101.128.174 151.101.128.174	54113 (FASTLY) (FASTLY)
2	151.101.0.174 151.101.0.174	54113 (FASTLY) (FASTLY)
1	52.217.86.140 52.217.86.140	16509 (AMAZON-02) (AMAZON-02)
4	2600:1901:0:7... 2600:1901:0:7a0b::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::54	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
10	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400c:c09::5c	15169 (GOOGLE) (GOOGLE)
5	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
3	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	18.244.18.8 18.244.18.8	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
14	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
71	24

1 2606:4700:10::6816:76b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

click.actionnetwork.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.128.174 (United States)

ASN54113 (FASTLY, US)

secure.actblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.174 (United States)

ASN54113 (FASTLY, US)

proxy-service.actblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.86.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

actblue-indigo-uploads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7a0b:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c09::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-8.fra56.r.cloudfront.net

zgen2d20.micpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.sift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 30 www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2908 play.google.com — Cisco Umbrella Rank: 44	505 KB
13	paypal.com www.paypal.com — Cisco Umbrella Rank: 2925 t.paypal.com — Cisco Umbrella Rank: 3365	283 KB
9	actblue.com secure.actblue.com — Cisco Umbrella Rank: 62453 proxy-service.actblue.com — Cisco Umbrella Rank: 116756	542 KB
5	gstatic.com www.gstatic.com	103 KB
5	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2536	38 KB
4	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 987	166 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	69 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5654	563 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	170 KB
1	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 5824	297 B
1	sift.com cdn.sift.com — Cisco Umbrella Rank: 15102	21 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	185 B
1	micpn.com zgen2d20.micpn.com	15 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 671	149 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2000	255 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141	2 KB
1	amazonaws.com actblue-indigo-uploads.s3.amazonaws.com — Cisco Umbrella Rank: 255284	548 KB
1	actionnetwork.org 1 redirects click.actionnetwork.org — Cisco Umbrella Rank: 70385	500 B
71	19

	Domain	Requested by
14	play.google.com	www.gstatic.com
10	www.paypal.com	secure.actblue.com www.paypal.com www.paypalobjects.com
7	secure.actblue.com	secure.actblue.com
5	www.gstatic.com	secure.actblue.com pay.google.com www.gstatic.com
5	www.paypalobjects.com	secure.actblue.com www.paypal.com www.paypalobjects.com
4	pay.google.com	secure.actblue.com pay.google.com www.gstatic.com
4	sessions.bugsnag.com	secure.actblue.com
3	t.paypal.com	secure.actblue.com
2	connect.facebook.net	secure.actblue.com connect.facebook.net
2	www.google.de	secure.actblue.com
2	www.google.com	1 redirects secure.actblue.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	secure.actblue.com www.googletagmanager.com
2	proxy-service.actblue.com	secure.actblue.com
1	hexagon-analytics.com
1	cdn.sift.com	secure.actblue.com
1	www.facebook.com	secure.actblue.com
1	zgen2d20.micpn.com	secure.actblue.com
1	insight.adsrvr.org	secure.actblue.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	accounts.google.com	secure.actblue.com
1	actblue-indigo-uploads.s3.amazonaws.com	secure.actblue.com
1	click.actionnetwork.org	1 redirects
71	24

This site contains links to these domains. Also see Links.

Domain
joebiden.com

Subject Issuer	Validity	Valid
secure.actblue.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-24` - `2024-07-25`	a year	crt.sh
proxy-service.actblue.com R3	`2024-01-14` - `2024-04-13`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.micpn.com Amazon RSA 2048 M03	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.sift.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-05` - `2025-01-19`	a year	crt.sh
*.hexagon-analytics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-27` - `2024-11-03`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036
Frame ID: 99BCEC213F5E0239C46FC0D79CF979A0
Requests: 31 HTTP requests in this frame

Frame: https://secure.actblue.com/pages/em-bfp-rep-february-2024/tracking_code?t=landing&refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036&auth_token=null
Frame ID: 02A1E478DCE3D8B6F85467443125353C
Requests: 6 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_86f04ceeae_mtg6mdm6nti&buttonSize=large&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&clientMetadataID=uid_6d7def97e6_mtg6mdm6nti&commit=false&components.0=buttons&currency=USD&debug=false&disableFunding.0=credit&disableFunding.1=card&disableSetCookie=true&enableFunding.0=venmo&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=sepa&sessionID=uid_6d7def97e6_mtg6mdm6nti&sdkCorrelationID=060a26a52668b&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&sdkVersion=5.0.423&storageID=uid_1a4be94de8_mtg6mdm6nti&supportedNativeBrowser=false&supportsPopups=true&vault=false
Frame ID: B7A256299F73E5D52F114394654D0A3E
Requests: 6 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 1EE36087CCCC09A6C30A1CA892E1BF04
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Frame ID: D2D74737A49DC6C6F024F8F2281A3E27
Requests: 14 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 62B84C4FB32F2161E5E47455421F990C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Joe Biden — Donate via ActBlue

Page URL History Show full URLs

https://click.actionnetwork.org/ss/c/4PfL751D8g4IfLXFw3QfXV5Wo_6TP_ujTmJFoO05AE2z9I3KlofRvG7PtPUh-EgHqae-tw4... HTTP 302
https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rt... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

Page Statistics

71
Requests

99 %
HTTPS

54 %
IPv6

19
Domains

24
Subdomains

24
IPs

3
Countries

2297 kB
Transfer

6272 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://joebiden.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://joebiden.com/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.actionnetwork.org/ss/c/4PfL751D8g4IfLXFw3QfXV5Wo_6TP_ujTmJFoO05AE2z9I3KlofRvG7PtPUh-EgHqae-tw4grJLot5w63HArfiyZDiEKOFaM76SR94cHxUCVsX7BtPVLRGdjkr2NDUSoFE3qkHjnbTmrgvmCYcXZee1wuKlfunkfIG7HgmmHbAekbJVzoStQv7V4EHfuqQ1swzIK6QGm34mvgKqxJWbHr-CJ843rEeO6M4LejF5N0ziteN_4QtmmhBAHAAVwMq47ExLqzqZORpG8JOnWrE8mLy1KBwTvz00uaexdLrrwAg5DWEz2FnCAXFYjcHLkxl3XlfKEloB2f-o91HbZyPm6S5KKi65mKBcYeWpojWaf0Q9_iOBfysJqNetlAOJN0scZjwXib45vJ8W6dRkHTePeNGmgRJ_d_6usZhrj5ZtvXL8UfmVF9TtU7xcKlSOumS1RPrlBL_CH1_p-QkovqYAVbs8mkn7KzSZIJTEa_wyZh887Gw4MD9qftdD1_pa84rJo8qdp3UE8J_hPx6fkfsCfmZbDyctwAVjZsF7C7S-e0UeUVrEbmkLcmtwC2O-XCfl35XbZIJcoMldK3ZiuQdArruyvADRxpZHgHkrBPdB5RyUH1gbdx6498ttvL5RVnl90/43w/VRSWqjckRniSkSJBYxRPtg/h4/haK1lsvFH6bpcgY-3bzI0Y1tD-eGm6gztnnNVLbqM0Q HTTP 302
https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11154426359/?random=522007053&cv=11&fst=1708365831729&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9115732004za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%2C50%2C100%2C250%2C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&label=OInWCOy815kYEPeT7MYp&hn=www.googleadservices.com&frm=0&tiba=ActBlue&gtm_ee=1&npa=0&pscdl=noapi&auid=817598308.1708365832&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=B5jTZZ_CLqj0mLAPhdyB2Ac&sscte=1&crd=COy7sQI&pscrd=Ek5DaEVJZ0pYTXJnWVFpOXVEMU9ucjFvV2lBUklsQUFmT29LeXA2NU15dzV0ZzFlRDdqUnJqQlByUzFVWkZLZWpuQk9NWW1Ya3FrazNORHcaV0NoQUlnSlhNcmdZUW9PaWN1TC1uLU9CMkVpMEFjS3pqM2s5d3Fsd1FwdTdTUU15NEdFRnFTNVNJZ2dGWlM3bkRwUmVlbHFaMzYzRzdUTjllZjI0X0wxOCITCN_hsdT-t4QDFSg6BgAdBW4AezICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI HTTP 302
https://www.google.com/pagead/1p-conversion/11154426359/?random=522007053&cv=11&fst=1708365831729&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9115732004za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%2C50%2C100%2C250%2C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&label=OInWCOy815kYEPeT7MYp&hn=www.googleadservices.com&frm=0&tiba=ActBlue&gtm_ee=1&npa=0&pscdl=noapi&auid=817598308.1708365832&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=Ek5DaEVJZ0pYTXJnWVFpOXVEMU9ucjFvV2lBUklsQUFmT29LeXA2NU15dzV0ZzFlRDdqUnJqQlByUzFVWkZLZWpuQk9NWW1Ya3FrazNORHcaV0NoQUlnSlhNcmdZUW9PaWN1TC1uLU9CMkVpMEFjS3pqM2s5d3Fsd1FwdTdTUU15NEdFRnFTNVNJZ2dGWlM3bkRwUmVlbHFaMzYzRzdUTjllZjI0X0wxOCITCN_hsdT-t4QDFSg6BgAdBW4AezICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI&is_vtc=1&ocp_id=B5jTZZ_CLqj0mLAPhdyB2Ac&cid=CAQSGwAvHhf_3aVMg4e0QP-nJqK4qW-UlBw-1qjncA&random=898395077 HTTP 302
https://www.google.de/pagead/1p-conversion/11154426359/?random=522007053&cv=11&fst=1708365831729&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9115732004za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%2C50%2C100%2C250%2C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&label=OInWCOy815kYEPeT7MYp&hn=www.googleadservices.com&frm=0&tiba=ActBlue&gtm_ee=1&npa=0&pscdl=noapi&auid=817598308.1708365832&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=Ek5DaEVJZ0pYTXJnWVFpOXVEMU9ucjFvV2lBUklsQUFmT29LeXA2NU15dzV0ZzFlRDdqUnJqQlByUzFVWkZLZWpuQk9NWW1Ya3FrazNORHcaV0NoQUlnSlhNcmdZUW9PaWN1TC1uLU9CMkVpMEFjS3pqM2s5d3Fsd1FwdTdTUU15NEdFRnFTNVNJZ2dGWlM3bkRwUmVlbHFaMzYzRzdUTjllZjI0X0wxOCITCN_hsdT-t4QDFSg6BgAdBW4AezICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI&is_vtc=1&ocp_id=B5jTZZ_CLqj0mLAPhdyB2Ac&cid=CAQSGwAvHhf_3aVMg4e0QP-nJqK4qW-UlBw-1qjncA&random=898395077&ipr=y

71 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request em-bfp-rep-february-2024 Show response
secure.actblue.com/donate/
Redirect Chain

https://click.actionnetwork.org/ss/c/4PfL751D8g4IfLXFw3QfXV5Wo_6TP_ujTmJFoO05AE2z9I3KlofRvG7PtPUh-EgHqae-tw4grJLot5w63HArfiyZDiEKOFaM76SR94cHxUCVsX7BtPVLRGdjkr2NDUSoFE3qkHjnbTmrgvmCYcXZee1wuKlfunkf...
https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campai...

53 KB
13 KB

45ms
20ms

Document
text/html

151.101.128.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

13081a347b633fadb2e59072bf5b080e46bc9afc61520321d22d30b556c5ee29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30046
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 12787
content-security-policy: frame-ancestors 'none'; report-uri /system/csp_reports
content-type: text/html; charset=utf-8
date: Mon, 19 Feb 2024 18:03:51 GMT
etag: W/"d4b9-fVm/IcQhTAVLno+OhSaCVzTTQ2w"
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1708335784&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=zK0Ddo0pE0npinbi%2BqxtHa%2F00zf3CHbdwdUJw6uv0LY%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1708335784&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=zK0Ddo0pE0npinbi%2BqxtHa%2F00zf3CHbdwdUJw6uv0LY%3D
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-form-app: kittens! [Server: node: us]
x-frame-options: sameorigin
x-robots-tag: noindex, nofollow
x-start: 2024-02-19 18:03:51.354
x-timer: S1708335784.242417,VS0,VE332

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85806dca4a934da8-FRA
content-type: text/html; charset=utf-8
date: Mon, 19 Feb 2024 18:03:51 GMT
location: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036
server: cloudflare
strict-transport-security: max-age=10
x-robots-tag: noindex, nofollow

GET
H2 200 c00193ed042746b43a57.css
secure.actblue.com/cf/assets/app-css/ 20 KB
5 KB 24ms
24ms Stylesheet
text/css 151.101.128.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/cf/assets/app-css/c00193ed042746b43a57.css?form_app=us

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7a17d448ce2deae2459d1ed87980c2f0f1cae0e5fb329f93d6fa953a9081c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:51 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 257268
x-start: 2024-02-19 18:03:51.511
content-length: 4667
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1708108563&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=F9vRWjjoZVC6xplclGFFHad9k%2Bu9Nng5kFXCUHSkZUY%3D
last-modified: Thu, 15 Feb 2024 21:42:55 GMT
x-timer: S1708108563.383794,VS0,VE113
etag: W/"4ede-18daeb8fb18"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1708108563&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=F9vRWjjoZVC6xplclGFFHad9k%2Bu9Nng5kFXCUHSkZUY%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: max-age=31557600, must-revalidate
accept-ranges: bytes

GET
H2 200 actblue.js Show response
secure.actblue.com/cf/assets/ 29 KB
10 KB 24ms
24ms Script
application/javascript 151.101.128.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/cf/assets/actblue.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3daa447ce725debe3b8cd56b75b1cd99584f7770f4aa4d202bf07e3688b6b202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:51 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 257270
x-start: 2024-02-19 18:03:51.512
content-length: 9344
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1708108561&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Bjg0XAih5UuaVgmL8pgh9GZl56zDQ1z0kzQk2niYNAU%3D
last-modified: Thu, 15 Feb 2024 21:41:26 GMT
x-timer: S1708108562.599356,VS0,VE114
etag: W/"73ca-18daeb79f70"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1708108561&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Bjg0XAih5UuaVgmL8pgh9GZl56zDQ1z0kzQk2niYNAU%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=600, must-revalidate
accept-ranges: bytes

GET
H2 200 c00193ed042746b43a57.js Show response
secure.actblue.com/cf/assets/app/ 2 MB
493 KB 24ms
23ms Script
application/javascript 151.101.128.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/cf/assets/app/c00193ed042746b43a57.js?form_app=us

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ade06b2b7d9abb461d5099cdc0f372808f535d3fa1fe648b32dca3567e3a4989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:51 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 257268
x-start: 2024-02-19 18:03:51.511
content-length: 504479
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1708108563&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=uVF%2BxE18vLWG3SKAMNhT4zCyk7ew2d3qoK2tYz5%2B6MI%3D
last-modified: Thu, 15 Feb 2024 21:42:55 GMT
x-timer: S1708108563.395881,VS0,VE86
etag: W/"19bdb6-18daeb8fb18"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1708108563&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=uVF%2BxE18vLWG3SKAMNhT4zCyk7ew2d3qoK2tYz5%2B6MI%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31557600, must-revalidate
accept-ranges: bytes

GET
H2 200 lib.min.js Show response
proxy-service.actblue.com/ 54 KB
19 KB 84ms
21ms Script
text/javascript 151.101.0.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-service.actblue.com/lib.min.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:51 GMT
content-encoding: gzip
via: 1.1 varnish
age: 368
x-guploader-uploadid: ABPtcPqCROPZnfWQmldYzJmHbLPmyITrRTDlv39inKUXrMXLA9xr5Xm-kO28E6lc2uqdGevmYYyXMbWK9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 18490
last-modified: Tue, 06 Feb 2024 00:09:36 GMT
etag: "eb0675a8749ea5d76345796217db928f"
vary: Accept-Encoding
x-goog-generation: 1707178176338436
x-goog-hash: crc32c=fWmQwA==, md5=6wZ1qHSepddjRXliF9uSjw==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18490
accept-ranges: bytes
expires: Tue, 06 Feb 2024 00:20:22 GMT

GET
H/1.1 200
OK 5f5c951a-1b84-4e9b-a726-df92b91a3867-20240116BVFTrumpActBlueBranding.jpg
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/df34ff81-3ecd-4dcc-9b5f-b9f9ae417faa-brandings/276231/document_body/background_image_url/ 547 KB
548 KB 349ms
141ms Image
image/jpeg 52.217.86.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/df34ff81-3ecd-4dcc-9b5f-b9f9ae417faa-brandings/276231/document_body/background_image_url/5f5c951a-1b84-4e9b-a726-df92b91a3867-20240116BVFTrumpActBlueBranding.jpg
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.86.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 74b0e0aa3d80a558b6275431c99fce9238b80ebbd1af8aafd1dbba4890d412ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 18:03:52 GMT
Last-Modified: Sun, 21 Jan 2024 20:12:27 GMT
Server: AmazonS3
x-amz-request-id: 7P27W7XN5511S42M
ETag: "7dba4e8be29efbefb3e4b2b12382d968"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 560617
x-amz-id-2: 2NaqIQCuJ8v7k3QKCnpOCaTi++Wv/kVQlAl4Vx9qZ9yPSlo/KVLyfGC72DcRDG1DxBdEMbCjOAg=

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 191ms
152ms Preflight 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://secure.actblue.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 19 Feb 2024 18:03:51 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
131 B 150ms
150ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c00193ed042746b43a57.js?form_app=us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://secure.actblue.com/
Bugsnag-Sent-At: 2024-02-19T18:03:51.576Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: 04c1a9de88bb73e22614162ba813a0b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 19 Feb 2024 18:03:51 GMT
via: 1.1 google
bugsnag-session-uuid: 5e9b340f-ea17-46a4-8681-426f7080128c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
77 KB 44ms
24ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11154426359

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c00193ed042746b43a57.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b80f8c7ff45634f43c1407a75349f5524b00ca4a22313b1f3f626dcbd609ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78165
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Feb 2024 18:03:51 GMT

GET
H2 200 auth_token Show response
secure.actblue.com/api/cf/ 102 B
619 B 272ms
272ms Fetch
application/json 151.101.128.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/api/cf/auth_token

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c00193ed042746b43a57.js?form_app=us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1684fe29db5da4299c09d68c28a99585bff5282441e2109b62fc7bf9b5da84f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:51 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000
status: 200 OK
x-start: 2024-02-19 18:03:51.700
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-timer: S1708365832.720347,VS0,VE122
etag: W/"1684fe29db5da4299c09d68c28a99585"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, no-store
accept-ranges: bytes

GET
H2 200 tracking_code Show response
secure.actblue.com/pages/em-bfp-rep-february-2024/ Frame 02A1 2 KB
1 KB 444ms
444ms Document
text/html 151.101.128.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/pages/em-bfp-rep-february-2024/tracking_code?t=landing&refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036&auth_token=null

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c00193ed042746b43a57.js?form_app=us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ab752339ce1284d73fffb260230bfe522c7255f5ff2ec045f77bfc1955a8a38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-store
content-encoding: gzip
content-length: 972
content-type: text/html; charset=utf-8
date: Mon, 19 Feb 2024 18:03:52 GMT
etag: W/"ab752339ce1284d73fffb260230bfe52"
referrer-policy: strict-origin-when-cross-origin
status: 200 OK
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow
x-start: 2024-02-19 18:03:51.711
x-timer: S1708365832.736797,VS0,VE362
x-xss-protection: 0

GET
H2 200 client Show response
accounts.google.com/gsi/ 208 KB
80 KB 80ms
39ms Script
application/javascript 2a00:1450:400c:c0c::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c00193ed042746b43a57.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4239bbf75dceef4ae5c4cf203d0cbdf5f79dbee2c01fe939a7e5e7a0f2685fa8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R-R1J7WVEYkw5JnlQfREXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-R-R1J7WVEYkw5JnlQfREXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 19 Feb 2024 18:03:51 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11154426359/ 4 KB
2 KB 64ms
44ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11154426359/?random=1708365831723&cv=11&fst=1708365831723&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9115732004za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%2C50%2C100%2C250%2C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&hn=www.googleadservices.com&frm=0&tiba=ActBlue&npa=0&pscdl=noapi&auid=817598308.1708365832&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11154426359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72737eea0c8de212316c623e267af65ab0b0bed9449d975eff48a429ccc3d232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 18:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1537
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YNXV4B4VH3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11154426359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a2754e762bf2d64119baa6aac02d89ddb9a6efea390bc72096a9b21669c9d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Feb 2024 18:03:51 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11154426359/ 3 KB
2 KB 52ms
25ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11154426359/?random=1708365831729&cv=11&fst=1708365831729&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9115732004za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%2C50%2C100%2C250%2C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&label=OInWCOy815kYEPeT7MYp&hn=www.googleadservices.com&frm=0&tiba=ActBlue&gtm_ee=1&npa=0&pscdl=noapi&auid=817598308.1708365832&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11154426359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2d7a2a28fa87f8291c2508013eee93375bb7211fc70042965c994a46905acb19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 18:03:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1886
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 33ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YNXV4B4VH3&gtm=45je42e0v9172740229za200&_p=1708365831650&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=960957641.1708365832&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024&sid=1708365831&sct=1&seg=0&dt=ActBlue&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1041
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNXV4B4VH3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 18:03:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.actblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/11154426359/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11154426359/?random=522007053&cv=11&fst=1708365831729&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9115732004za200&gcd=13l3l3l3l1&dma_cps=...
https://www.google.com/pagead/1p-conversion/11154426359/?random=522007053&cv=11&fst=1708365831729&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9115732004za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600...
https://www.google.de/pagead/1p-conversion/11154426359/?random=522007053&cv=11&fst=1708365831729&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9115732004za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&...

42 B
108 B

20ms
20ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11154426359/?random=522007053&cv=11&fst=1708365831729&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9115732004za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%2C50%2C100%2C250%2C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&label=OInWCOy815kYEPeT7MYp&hn=www.googleadservices.com&frm=0&tiba=ActBlue&gtm_ee=1&npa=0&pscdl=noapi&auid=817598308.1708365832&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=Ek5DaEVJZ0pYTXJnWVFpOXVEMU9ucjFvV2lBUklsQUFmT29LeXA2NU15dzV0ZzFlRDdqUnJqQlByUzFVWkZLZWpuQk9NWW1Ya3FrazNORHcaV0NoQUlnSlhNcmdZUW9PaWN1TC1uLU9CMkVpMEFjS3pqM2s5d3Fsd1FwdTdTUU15NEdFRnFTNVNJZ2dGWlM3bkRwUmVlbHFaMzYzRzdUTjllZjI0X0wxOCITCN_hsdT-t4QDFSg6BgAdBW4AezICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI&is_vtc=1&ocp_id=B5jTZZ_CLqj0mLAPhdyB2Ac&cid=CAQSGwAvHhf_3aVMg4e0QP-nJqK4qW-UlBw-1qjncA&random=898395077&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 18:03:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Feb 2024 18:03:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11154426359/?random=522007053&cv=11&fst=1708365831729&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9115732004za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%2C50%2C100%2C250%2C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&label=OInWCOy815kYEPeT7MYp&hn=www.googleadservices.com&frm=0&tiba=ActBlue&gtm_ee=1&npa=0&pscdl=noapi&auid=817598308.1708365832&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=Ek5DaEVJZ0pYTXJnWVFpOXVEMU9ucjFvV2lBUklsQUFmT29LeXA2NU15dzV0ZzFlRDdqUnJqQlByUzFVWkZLZWpuQk9NWW1Ya3FrazNORHcaV0NoQUlnSlhNcmdZUW9PaWN1TC1uLU9CMkVpMEFjS3pqM2s5d3Fsd1FwdTdTUU15NEdFRnFTNVNJZ2dGWlM3bkRwUmVlbHFaMzYzRzdUTjllZjI0X0wxOCITCN_hsdT-t4QDFSg6BgAdBW4AezICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAI&is_vtc=1&ocp_id=B5jTZZ_CLqj0mLAPhdyB2Ac&cid=CAQSGwAvHhf_3aVMg4e0QP-nJqK4qW-UlBw-1qjncA&random=898395077&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11154426359/ 42 B
455 B 44ms
23ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11154426359/?random=1708365831723&cv=11&fst=1708365600000&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9115732004za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%2C50%2C100%2C250%2C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&frm=0&tiba=ActBlue&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_XM3wkOcQ0s3iQ02f6h0PoJtG-SEKhA&random=1092172803&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 18:03:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11154426359/ 42 B
455 B 43ms
22ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11154426359/?random=1708365831723&cv=11&fst=1708365600000&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9115732004za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%2C50%2C100%2C250%2C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&frm=0&tiba=ActBlue&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_XM3wkOcQ0s3iQ02f6h0PoJtG-SEKhA&random=1092172803&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 18:03:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 /
sessions.bugsnag.com/ Frame 0
0 149ms
149ms Preflight 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://secure.actblue.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 19 Feb 2024 18:03:52 GMT
via: 1.1 google

POST
H3 202 / Show response
sessions.bugsnag.com/ 21 B
35 B 150ms
150ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c00193ed042746b43a57.js?form_app=us
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://secure.actblue.com/
Bugsnag-Sent-At: 2024-02-19T18:03:51.937Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: 04c1a9de88bb73e22614162ba813a0b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 19 Feb 2024 18:03:52 GMT
via: 1.1 google
bugsnag-session-uuid: 064115a5-6bf6-447d-aeb2-61232b3741fb
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 js Show response
www.paypal.com/sdk/ 296 KB
81 KB 50ms
26ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c00193ed042746b43a57.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2e3380474214974e632234f1b8ba2df0109f2bbdde0085de13a36eb74297d476

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-t1AuQ6LqJukwSKNoO2dxnEaZ6lAvMb+0N/I03wdl/H4rxP32' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-t1AuQ6LqJukwSKNoO2dxnEaZ6lAvMb+0N/I03wdl/H4rxP32' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-t1AuQ6LqJukwSKNoO2dxnEaZ6lAvMb+0N/I03wdl/H4rxP32' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-t1AuQ6LqJukwSKNoO2dxnEaZ6lAvMb+0N/I03wdl/H4rxP32' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Mon, 19 Feb 2024 18:03:51 GMT
age: 10467
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f959904888064
server-timing: "traceparent;desc="00-0000000000000000000f959904888064-08068ec79777c9fc-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 80564
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f959904888064-02e76fe7655d2872-01
x-timer: S1708365832.991487,VS0,VE7
etag: W/"13ab4-WO4znZCMXsIFYPzO4zKT+AeQSs0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 117 KB
36 KB 99ms
61ms Script
application/javascript 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c00193ed042746b43a57.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a8915aea1dbb6b2ef9752558fd5d49345859c75806cb19bdae6bbdca814e667

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cqmYkUSSUEL2uJaH1tTxpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cqmYkUSSUEL2uJaH1tTxpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtHikmJw05BiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdFa-ddNZVYBYd_101lAgdkqfwRoExD71M1hjgFiIm6Njw7l1bAIXvtzjBQD3szQR"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 19 Feb 2024 18:03:52 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
5 KB 30ms
30ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.423&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60b3d6f335fb548675ac6a3e7f19be96a99187d4e8ba2cdd3e5e4ac766f8013b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-l0pH+ZXGBgkyWi8/PwtfCB+vqA7wW+4vzGjYc1Cfy+pRaRKR' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-l0pH+ZXGBgkyWi8/PwtfCB+vqA7wW+4vzGjYc1Cfy+pRaRKR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Feb 2024 18:03:52 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 71859
x-cache: HIT, MISS
paypal-debug-id: f234487bf160f
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4772
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f234487bf160f-2003ad303080827b-01
x-timer: S1708365832.031241,VS0,VE7
etag: W/"3666-v8ssgI5/mmkx82/RSVGdqOy//yE"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame B7A2 431 KB
112 KB 397ms
397ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_86f04ceeae_mtg6mdm6nti&buttonSize=large&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&clientMetadataID=uid_6d7def97e6_mtg6mdm6nti&commit=false&components.0=buttons&currency=USD&debug=false&disableFunding.0=credit&disableFunding.1=card&disableSetCookie=true&enableFunding.0=venmo&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=sepa&sessionID=uid_6d7def97e6_mtg6mdm6nti&sdkCorrelationID=060a26a52668b&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&sdkVersion=5.0.423&storageID=uid_1a4be94de8_mtg6mdm6nti&supportedNativeBrowser=false&supportsPopups=true&vault=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ddf662546c4e5b6b9bad2f438ab471b9d2c4c37277cc95bc7491fbd0bde357b

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.actblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Mon, 19 Feb 2024 18:03:52 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6bd6e-T33rzBaYm67e9D87JdMPn4pkadY"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f328386b3a33c
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f328386b3a33c-b778729cda810e4d-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f328386b3a33c-2d9bfe0f9275a4a4-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
x-timer: S1708365832.051588,VS0,VE389
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 1EE3 3 KB
2 KB 70ms
14ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4894) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1867a673a7a0f
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (ama/4894)
traceparent: 00-00000000000000000001867a673a7a0f-f3dfb61d7baab926-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 19 Feb 2024 19:03:52 GMT

GET
H2 200 sepa-default.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 1EE3 9 KB
3 KB 70ms
15ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/sepa-default.svg

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4899) /

Resource Hash

e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: ccadaf6ad818a
dc: ccg11-origin-www-1.paypal.com
content-length: 3268
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (ama/4899)
traceparent: 00-0000000000000000000ccadaf6ad818a-2ed6971948ed8d3f-01
etag: W/"642c9aab-2204"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 19 Feb 2024 19:03:52 GMT

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 64ms
15ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.423&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&disableSetCookie=true&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48DA) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 27aba563b081a
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (ama/48DA)
traceparent: 00-000000000000000000027aba563b081a-41135e53c5e6494b-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 19 Feb 2024 19:03:52 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
520 B 180ms
156ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&fltp=analytics&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Joe%20Biden%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1708365832056&g=-60&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%252C50%252C100%252C250%252C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&disableSetCookie=true

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 19 Feb 2024 18:03:52 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 4754c415e2c47
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230048-FRA
pragma: no-cache
correlation-id: 4754c415e2c47
traceparent: 00-00000000000000000004754c415e2c47-5b862c53bd13c109-01
x-timer: S1708365832.082261,VS0,VE149
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Feb 2024 18:03:52 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame D2D7 19 KB
8 KB 212ms
211ms Document
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cbb4b2cab36dd58b759f1d98b53f88d20bf29845f2f5e41c1a505d940c40204

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-03dwucDtl16U9x6LSzrQ8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-03dwucDtl16U9x6LSzrQ8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 19 Feb 2024 18:03:52 GMT
expires: Mon, 19 Feb 2024 18:03:52 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtHikmJw05BiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdFa-ddNZVYBYd_101lAgdkqfwRoExD71M1hjgFiIh6Njw7l1bAI7rm9tYAQAK2A0KA"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 dark_gpay.svg
www.gstatic.com/instantbuy/svg/ 2 KB
1 KB 35ms
12ms Image
image/svg+xml 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/instantbuy/svg/dark_gpay.svg

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
content-encoding: br
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 05:12:07 GMT
age: 478305
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 871
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="instantbuy-eng"
vary: Accept-Encoding
report-to: {"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 05:12:07 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 62B8 55 KB
17 KB 15ms
15ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B6) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.actblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Mon, 19 Feb 2024 18:03:52 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Mon, 19 Feb 2024 19:03:52 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: b1da93c8e70ea
server: ECAcc (ama/48B6)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000b1da93c8e70ea-2769d3508a5a61f7-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 02A1 70 B
149 B 106ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=ncocrig&ct=0:26uxqpk&fmt=3
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/pages/em-bfp-rep-february-2024/tracking_code?t=landing&refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036&auth_token=null
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 1.js Show response
zgen2d20.micpn.com/p/js/ Frame 02A1 43 KB
15 KB 41ms
10ms Script
text/javascript 18.244.18.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zgen2d20.micpn.com/p/js/1.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/pages/em-bfp-rep-february-2024/tracking_code?t=landing&refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036&auth_token=null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-8.fra56.r.cloudfront.net
Software: /
Resource Hash: d4b90daff9bfbb55f91e4f9dea1eff68bee56c60dee2db8520f1f8bb5966a3c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 18:02:40 GMT
content-encoding: gzip
via: 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 72
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
p3p: policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
cache-control: no-cache max-age=0
timing-allow-origin: https://secure.actblue.com
x-amz-cf-id: YbaNFO4DHXPVnh4Pae5F1ZjRJ30Sk9Ho_LfjeBke7eBrBWvdd3pbIg==
x-uuid: 48c2d832-f3c1-4d95-b9be-5d5330b41487
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 02A1 214 KB
58 KB 22ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/pages/em-bfp-rep-february-2024/tracking_code?t=landing&refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036&auth_token=null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Feb 2024 18:03:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: C2Yx34fszRg5EpcWkanyMfaeCmlkKAg1kk+1rFwysSLS1js1PmFcCsa3f+nbRWd9QVK4Iuo8I1kHzw4z/M/t5g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 62B8 18 B
212 B 179ms
179ms Fetch
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (daa/7CCC) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: b9db193f1a3b6
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (daa/7CCC)
traceparent: 00-0000000000000000000b9db193f1a3b6-583766a138f609fd-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 19 Feb 2024 18:03:51 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
168 B 165ms
165ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&es=visitorInfoFlowStarted&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Joe%20Biden%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1708365832152&g=-60&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%252C50%252C100%252C250%252C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&disableSetCookie=true

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 19 Feb 2024 18:03:52 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 96e3b544531d4
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230048-FRA
pragma: no-cache
correlation-id: 96e3b544531d4
traceparent: 00-000000000000000000096e3b544531d4-1266ced7bef43222-01
x-timer: S1708365832.154828,VS0,VE158
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Feb 2024 18:03:52 GMT

GET
H2 200 1663341264181988 Show response
connect.facebook.net/signals/config/ Frame 02A1 53 KB
11 KB 73ms
70ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1663341264181988?v=2.9.147&r=stable&domain=secure.actblue.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e8a17b9c954224920f75c8f25a59e2821b1e15ffa0f678b742dc5f7a3428cb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Feb 2024 18:03:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: 3PPP5Ue9GAGbcg/oFgxUSB0hCSA9Pwn0ryTwks/zLlvIUtOysQqLuz0tnPSGQCA7juB2V1sHjlN6/NGOb9MC8Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 02A1 0
185 B 22ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1663341264181988&ev=PageView&dl=https%3A%2F%2Fsecure.actblue.com%2Fpages%2Fem-bfp-rep-february-2024%2Ftracking_code%3Ft%3Dlanding%26refcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%2C50%2C100%2C250%2C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036%26auth_token%3Dnull&rl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%2C50%2C100%2C250%2C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&if=true&ts=1708365832256&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1708365832256.1957399398&cdl=API_unavailable&it=1708365832176&coo=false&exp=e1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Feb 2024 18:03:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame D2D7 157 KB
56 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ba25e3b25d77e28903b431c589f20ea5a41cf83251a40862247a7b01b4680a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 03:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56840
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 08:05:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 03:30:59 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame D2D7 2 KB
2 KB 120ms
120ms Other
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame D2D7 75 KB
27 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhP0P9S7TeMd2UJcqW0S4QyfEMT3A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d85b4e93245e49003b3ec3076c49380f50ff20cbf81d6ee948ba3ef81ce4002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 17:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27796
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 14:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 17:37:17 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 62B8 444 B
2 KB 359ms
359ms Fetch
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8269816bf71c9b296591287b170e7f8010bc2f43e103eeb98e42a26c12b6fc98

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-8pc5VpdDtTwEFgQDl/CsJe6TsQ1sb1hzJC3+DMrsyBg0T9qF' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-8pc5VpdDtTwEFgQDl/CsJe6TsQ1sb1hzJC3+DMrsyBg0T9qF' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 19 Feb 2024 18:03:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f933327eb6a48
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f933327eb6a48-fd29d88839d28cec-01
x-timer: S1708365833.537578,VS0,VE352
etag: W/"1bc-vdaPtTqQRIWumD9j4s4JgUyVRD0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 196ms
183ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Mon, 19 Feb 2024 18:03:52 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f3283865fb808
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f3283865fb808-01485314f3862ecc-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-eddf8230055-FRA, cache-fra-eddf8230055-FRA
x-timer: S1708365832.354559,VS0,VE175

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame D2D7 1 MB
377 KB 67ms
67ms XHR
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef77f9438e034fb51e73cd81c20f7734ca0b68b328e9b99df37aec44c4a0f593

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l57_C1Sg3xfWs2tdkuOR1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-l57_C1Sg3xfWs2tdkuOR1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtHikmJw05BiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdFa-ddNZVYBYd_101lAgdkqfwRoExD71M1hjgFiIh6Njw7l1bAIzWo7uYAQAKhQz_Q"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 19 Feb 2024 18:03:52 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame D2D7 10 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhP0P9S7TeMd2UJcqW0S4QyfEMT3A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aaf60a81d664d1aeeeffcc14a9a5f3d058cccd37a689c66d2c5a480cba6a243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4134
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 14:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 17:34:54 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame D2D7 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhP0P9S7TeMd2UJcqW0S4QyfEMT3A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428573ea8d471499c805dc4fc7642dbfe3a40db95c425099583fe10ee39b1bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 17:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14367
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 14:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 17:37:17 GMT

POST
H3 200 log Show response
play.google.com/ Frame D2D7 131 B
155 B 49ms
35ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Feb 2024 18:03:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 34ms
13ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Feb 2024 18:03:52 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 33ms
13ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Feb 2024 18:03:52 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D2D7 131 B
155 B 47ms
34ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Feb 2024 18:03:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame D2D7 131 B
155 B 48ms
36ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Feb 2024 18:03:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 34ms
14ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Feb 2024 18:03:52 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D2D7 131 B
155 B 44ms
32ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Feb 2024 18:03:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 34ms
15ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Feb 2024 18:03:52 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 33ms
14ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Feb 2024 18:03:52 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D2D7 131 B
155 B 46ms
33ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Feb 2024 18:03:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame D2D7 131 B
155 B 47ms
35ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Feb 2024 18:03:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 33ms
14ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Feb 2024 18:03:52 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D2D7 131 B
155 B 46ms
34ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Feb 2024 18:03:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 33ms
15ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 19 Feb 2024 18:03:52 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame B7A2 296 KB
80 KB 20ms
19ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_86f04ceeae_mtg6mdm6nti&buttonSize=large&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&clientMetadataID=uid_6d7def97e6_mtg6mdm6nti&commit=false&components.0=buttons&currency=USD&debug=false&disableFunding.0=credit&disableFunding.1=card&disableSetCookie=true&enableFunding.0=venmo&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=sepa&sessionID=uid_6d7def97e6_mtg6mdm6nti&sdkCorrelationID=060a26a52668b&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&sdkVersion=5.0.423&storageID=uid_1a4be94de8_mtg6mdm6nti&supportedNativeBrowser=false&supportsPopups=true&vault=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2e3380474214974e632234f1b8ba2df0109f2bbdde0085de13a36eb74297d476

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-t1AuQ6LqJukwSKNoO2dxnEaZ6lAvMb+0N/I03wdl/H4rxP32' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-t1AuQ6LqJukwSKNoO2dxnEaZ6lAvMb+0N/I03wdl/H4rxP32' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_86f04ceeae_mtg6mdm6nti&buttonSize=large&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&clientMetadataID=uid_6d7def97e6_mtg6mdm6nti&commit=false&components.0=buttons&currency=USD&debug=false&disableFunding.0=credit&disableFunding.1=card&disableSetCookie=true&enableFunding.0=venmo&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=sepa&sessionID=uid_6d7def97e6_mtg6mdm6nti&sdkCorrelationID=060a26a52668b&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&sdkVersion=5.0.423&storageID=uid_1a4be94de8_mtg6mdm6nti&supportedNativeBrowser=false&supportsPopups=true&vault=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-t1AuQ6LqJukwSKNoO2dxnEaZ6lAvMb+0N/I03wdl/H4rxP32' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-t1AuQ6LqJukwSKNoO2dxnEaZ6lAvMb+0N/I03wdl/H4rxP32' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Mon, 19 Feb 2024 18:03:52 GMT
age: 10467
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f959904888064
server-timing: "traceparent;desc="00-0000000000000000000f959904888064-08068ec79777c9fc-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 80564
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f959904888064-02e76fe7655d2872-01
x-timer: S1708365832.454533,VS0,VE12
etag: W/"13ab4-WO4znZCMXsIFYPzO4zKT+AeQSs0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 2, 0

GET
DATA 200
OK truncated
/ Frame B7A2 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B7A2 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 trackables
secure.actblue.com/ 0
0 457ms
457ms Fetch
text/html 151.101.128.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/trackables

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c00193ed042746b43a57.js?form_app=us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 19 Feb 2024 18:03:53 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000
status: 200 OK
x-start: 2024-02-19 18:03:52.649
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-timer: S1708365833.677672,VS0,VE349
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html
cache-control: private, no-store
accept-ranges: bytes

GET
H2 200 s.js Show response
cdn.sift.com/ 62 KB
21 KB 61ms
8ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sift.com/s.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

224.67.96.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 15:54:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1908576
x-guploader-uploadid: ABPtcPrHUF8Zi7uLGX9Dxv0nPQ9H60N_fG5zl_2dz3XGph5cI2oDfkUro9LQtnq0IO9KP-yk-us
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20500
last-modified: Tue, 28 Feb 2023 22:39:30 GMT
server: UploadServer
etag: "476f50cbc514dd2a147e8856d7d6a2eb"
x-goog-generation: 1677623970358201
x-goog-hash: crc32c=v7KhDA==, md5=R29Qy8UU3SoUfohW19ai6w==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-transform
x-goog-stored-content-length: 20500
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 27 Jan 2025 15:54:16 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame B7A2 1 KB
1 KB 234ms
233ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ef28a517f8f37d10c275ab3ee8ab2a648735e5bb9a16a65c6401d9c0522a4265

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_86f04ceeae_mtg6mdm6nti&buttonSize=large&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&clientMetadataID=uid_6d7def97e6_mtg6mdm6nti&commit=false&components.0=buttons&currency=USD&debug=false&disableFunding.0=credit&disableFunding.1=card&disableSetCookie=true&enableFunding.0=venmo&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=sepa&sessionID=uid_6d7def97e6_mtg6mdm6nti&sdkCorrelationID=060a26a52668b&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&sdkVersion=5.0.423&storageID=uid_1a4be94de8_mtg6mdm6nti&supportedNativeBrowser=false&supportsPopups=true&vault=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: application/json

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f933327961fa8
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f933327961fa8-14b5613ef38fef49-01
x-timer: S1708365833.669883,VS0,VE225
etag: W/"400-DPAf1sxWRsom4Pb4ZG+8zZEJsCA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1014 B
888 B 199ms
199ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c00193ed042746b43a57.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

30684e0985ad3e9b972182afb32ae5334febeec8e3d2c3a70953c47d92160b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://secure.actblue.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: application/json

Response headers

date: Mon, 19 Feb 2024 18:03:53 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f9333275be180
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230055-FRA, cache-fra-eddf8230055-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f9333275be180-a822382e69f60dbe-01
x-timer: S1708365833.848933,VS0,VE192
etag: W/"3f6-z7E2i1NQHLmh0ZGuZKEOs1Vi5Rw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.actblue.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 178ms
177ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.actblue.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://secure.actblue.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 19 Feb 2024 18:03:52 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f933327013ea5
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f933327013ea5-19c027306cff8170-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230055-FRA, cache-fra-eddf8230055-FRA
x-timer: S1708365833.670833,VS0,VE170

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame B7A2 1 KB
837 B 226ms
226ms Ping
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3ceaf0b7ffa55e9d2040f70177a7bcab7d0e8d58da8f95e158d6d970c1136286

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_86f04ceeae_mtg6mdm6nti&buttonSize=large&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&clientMetadataID=uid_6d7def97e6_mtg6mdm6nti&commit=false&components.0=buttons&currency=USD&debug=false&disableFunding.0=credit&disableFunding.1=card&disableSetCookie=true&enableFunding.0=venmo&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=sepa&sessionID=uid_6d7def97e6_mtg6mdm6nti&sdkCorrelationID=060a26a52668b&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&sdkVersion=5.0.423&storageID=uid_1a4be94de8_mtg6mdm6nti&supportedNativeBrowser=false&supportsPopups=true&vault=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Feb 2024 18:03:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f933327e3e906
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f933327e3e906-357cc3f412b809e6-01
x-timer: S1708365833.689214,VS0,VE208
etag: W/"402-/kDgxtpfdwjeFaExE2gE3lplNo4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 772645.gif
hexagon-analytics.com/images/ 43 B
297 B 138ms
103ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/772645.gif?bk=19482a20cc&tm=110&r=613470953&v=106&cs=UTF-8&h=secure.actblue.com&l=en-US&S=fe05108006990832914f91bbdca369ad&uu=6f0a553224aff6a072a00a48ada936c&t=Joe%20Biden%20%E2%80%94%20Donate%20via%20ActBlue&u=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-ur&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=-60&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=12cbadb82d688a3efa72109e23f43cfa&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 18:03:52 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
188 B 191ms
191ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&es=visitorInfo&cust=identified&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Joe%20Biden%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&unsc=99&identifier_used=DFP&e=im&t=1708365832897&g=-60&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-rep-february-2024%3Frefcode%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26amount%3D250%26amounts%3D25%252C50%252C100%252C250%252C500%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3Djb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%26express_lane%3Dtrue%26link_id%3D5%26can_id%3D2ec61d278f01fc3eb7534ead106ced0a%26email_referrer%3Demail_2205036%26email_subject%3Dthis-might-sound-strange-but-donald-trump-is-telling-the-truth%26refcodeEmailReferrer%3Demail_2205036&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 19 Feb 2024 18:03:53 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 1e6dc90c0ff59
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230048-FRA
pragma: no-cache
correlation-id: 1e6dc90c0ff59
traceparent: 00-00000000000000000001e6dc90c0ff59-9cd8414497a0d77e-01
x-timer: S1708365833.900776,VS0,VE181
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Feb 2024 18:03:52 GMT

POST
H2 200 / Show response
proxy-service.actblue.com/track/ 25 B
353 B 168ms
168ms XHR
application/json 151.101.0.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://proxy-service.actblue.com/track/?verbose=1&ip=1&_=1708365836713

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c00193ed042746b43a57.js?form_app=us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://secure.actblue.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google, 1.1 varnish
date: Mon, 19 Feb 2024 18:03:56 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://secure.actblue.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 33
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 25

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.actblue.com/cf/assets/app-css	1969-12-31 23:59:59	Name: skip_prefill_check Value: true
secure.actblue.com/cf/assets/app	1969-12-31 23:59:59	Name: skip_prefill_check Value: true
secure.actblue.com/cf/assets	1969-12-31 23:59:59	Name: skip_prefill_check Value: true
secure.actblue.com/donate	1969-12-31 23:59:59	Name: skip_prefill_check Value: true
.actblue.com/	1970-01-21 03:18:21	Name: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18dc289de213cd-08a4e8689337ce-6e3e5652-1d4c00-18dc289de213cd%22%2C%22%24device_id%22%3A%20%2218dc289de213cd-08a4e8689337ce-6e3e5652-1d4c00-18dc289de213cd%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22initial_utm_source%22%3A%20%22an%22%2C%22initial_utm_medium%22%3A%20%22email%22%2C%22initial_utm_campaign%22%3A%20%22jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%22%2C%22initial_utm_content%22%3A%20null%2C%22initial_utm_term%22%3A%20null%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22utm_source%22%3A%20%22an%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.actblue.com/	1970-01-20 20:42:21	Name: _gcl_au Value: 1.1.817598308.1708365832
.actblue.com/	1970-01-21 04:08:45	Name: _ga Value: GA1.1.960957641.1708365832
.doubleclick.net/	1970-01-20 18:32:46	Name: test_cookie Value: CheckForPermission
.secure.actblue.com/	1970-01-20 18:32:49	Name: _session_id Value: 39f977db843f8df5aa3a09e9fd04f8c0
.actblue.com/	1970-01-20 20:42:21	Name: _fbp Value: fb.1.1708365832256.1957399398
.google.com/	1970-01-20 22:56:17	Name: NID Value: 511=ahNxmA57HbQZS9lE-n98qKq2Mk_7XJH4Mhn_yIFU5WwbDdgdzUSoZN4Gt2fiyQVcIYscnzklDvPZQy283IdVsMDqhLt7RJHz4OnM7DbhhahGnqKiZMpIxm7fVk8o8mRVo42AoGqybzx_gOcDetQdzaYpg4rwZlgxlWwxBRQ685I
.paypal.com/	1970-01-20 18:37:05	Name: tsrce Value: smartcomponentnodeweb
.paypal.com/	1970-01-20 18:32:47	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-21 04:08:45	Name: ts Value: vreXpYrS%3D1803060232%26vteXpYrS%3D1708367632%26vr%3Dc289dfce18d0aa38584f5abaf808796f%26vt%3Dc289dfce18d0aa38584f5abaf808796e%26vtyp%3Dnew
.paypal.com/	1970-01-21 04:08:45	Name: ts_c Value: vr%3Dc289dfce18d0aa38584f5abaf808796f%26vt%3Dc289dfce18d0aa38584f5abaf808796e
.actblue.com/	1970-01-21 04:08:45	Name: __ssid Value: 6f0a553224aff6a072a00a48ada936c
.actblue.com/	1970-01-21 04:08:45	Name: _ga_YNXV4B4VH3 Value: GS1.1.1708365831.1.1.1708365832.0.0.0
secure.actblue.com/	1970-01-20 18:32:46	Name: _dd_s Value: logs=1&id=6c1307a1-0b27-415b-a52e-32c84ad61c42&created=1708365831629&expire=1708366731629

48 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://secure.actblue.com/pages/em-bfp-rep-february-2024/tracking_code?t=landing&refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25,50,100,250,500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036&auth_token=null(Line 6) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
other	warning	URL: https://connect.facebook.net/signals/config/1663341264181988?v=2.9.147&r=stable&domain=secure.actblue.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://secure.actblue.com/donate/em-bfp-rep-february-2024?refcode=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&amount=250&amounts=25%2C50%2C100%2C250%2C500&utm_medium=email&utm_source=an&utm_campaign=jb_em_fr_20240215_b4_bfp_actives1_rtb_tra_fl_na-urg&express_lane=true&link_id=5&can_id=2ec61d278f01fc3eb7534ead106ced0a&email_referrer=email_2205036&email_subject=this-might-sound-strange-but-donald-trump-is-telling-the-truth&refcodeEmailReferrer=email_2205036 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
actblue-indigo-uploads.s3.amazonaws.com
cdn.sift.com
click.actionnetwork.org
connect.facebook.net
googleads.g.doubleclick.net
hexagon-analytics.com
insight.adsrvr.org
pay.google.com
play.google.com
proxy-service.actblue.com
region1.google-analytics.com
secure.actblue.com
sessions.bugsnag.com
t.paypal.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
zgen2d20.micpn.com
142.250.185.194
151.101.0.174
151.101.1.35
151.101.128.174
151.101.193.21
18.244.18.8
192.229.221.25
2001:4860:4802:34::36
2600:1901:0:7a0b::
2606:4700:10::6816:76b
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:812::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c09::5c
2a00:1450:400c:c0c::54
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.102.232.42
34.96.67.224
35.71.131.137
52.217.86.140
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
13081a347b633fadb2e59072bf5b080e46bc9afc61520321d22d30b556c5ee29
1684fe29db5da4299c09d68c28a99585bff5282441e2109b62fc7bf9b5da84f6
1aaf60a81d664d1aeeeffcc14a9a5f3d058cccd37a689c66d2c5a480cba6a243
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2d7a2a28fa87f8291c2508013eee93375bb7211fc70042965c994a46905acb19
2ddf662546c4e5b6b9bad2f438ab471b9d2c4c37277cc95bc7491fbd0bde357b
2e3380474214974e632234f1b8ba2df0109f2bbdde0085de13a36eb74297d476
30684e0985ad3e9b972182afb32ae5334febeec8e3d2c3a70953c47d92160b96
3ba25e3b25d77e28903b431c589f20ea5a41cf83251a40862247a7b01b4680a1
3ceaf0b7ffa55e9d2040f70177a7bcab7d0e8d58da8f95e158d6d970c1136286
3daa447ce725debe3b8cd56b75b1cd99584f7770f4aa4d202bf07e3688b6b202
4239bbf75dceef4ae5c4cf203d0cbdf5f79dbee2c01fe939a7e5e7a0f2685fa8
428573ea8d471499c805dc4fc7642dbfe3a40db95c425099583fe10ee39b1bbb
4cbb4b2cab36dd58b759f1d98b53f88d20bf29845f2f5e41c1a505d940c40204
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
60b3d6f335fb548675ac6a3e7f19be96a99187d4e8ba2cdd3e5e4ac766f8013b
6b80f8c7ff45634f43c1407a75349f5524b00ca4a22313b1f3f626dcbd609ce4
6d85b4e93245e49003b3ec3076c49380f50ff20cbf81d6ee948ba3ef81ce4002
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
72737eea0c8de212316c623e267af65ab0b0bed9449d975eff48a429ccc3d232
74b0e0aa3d80a558b6275431c99fce9238b80ebbd1af8aafd1dbba4890d412ff
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50
7e8a17b9c954224920f75c8f25a59e2821b1e15ffa0f678b742dc5f7a3428cb7
8269816bf71c9b296591287b170e7f8010bc2f43e103eeb98e42a26c12b6fc98
8a2754e762bf2d64119baa6aac02d89ddb9a6efea390bc72096a9b21669c9d45
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9a8915aea1dbb6b2ef9752558fd5d49345859c75806cb19bdae6bbdca814e667
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ab752339ce1284d73fffb260230bfe522c7255f5ff2ec045f77bfc1955a8a38f
ade06b2b7d9abb461d5099cdc0f372808f535d3fa1fe648b32dca3567e3a4989
d4b90daff9bfbb55f91e4f9dea1eff68bee56c60dee2db8520f1f8bb5966a3c3
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a17d448ce2deae2459d1ed87980c2f0f1cae0e5fb329f93d6fa953a9081c61
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef28a517f8f37d10c275ab3ee8ab2a648735e5bb9a16a65c6401d9c0522a4265
ef77f9438e034fb51e73cd81c20f7734ca0b68b328e9b99df37aec44c4a0f593
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073

secure.actblue.com Open in urlscan Pro 151.101.128.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

99 %HTTPS

54 %IPv6

19 Domains

24 Subdomains

24 IPs

3 Countries

2297 kBTransfer

6272 kBSize

18 Cookies

2 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.actblue.com Open in urlscan Pro
151.101.128.174 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

99 %
HTTPS

54 %
IPv6

19
Domains

24
Subdomains

24
IPs

3
Countries

2297 kB
Transfer

6272 kB
Size

18
Cookies

71 HTTP transactions
2 data transactions