urlscan.io logo urlscan.io
SecurityTrails logo

secure.actblue.com Open in urlscan Pro
151.101.192.174  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url1005.email.actionnetwork.org/ss/c/-w-PBYphAHFNr8N38uSu-9PwIbLn1iBAsdOheXhhO44rZqalLgyKZ0snwx7oJsSfEavzUmI7FI0JCBxf7__j1f3oNMp...
Effective URL: https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-...
Submission: On February 03 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 14 domains to perform 63 HTTP transactions. The main IP is 151.101.192.174, located in United States and belongs to FASTLY, US. The main domain is secure.actblue.com. The Cisco Umbrella rank of the primary domain is 63007.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on September 20th 2022. Valid for: a year.
This is the only time secure.actblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700::6812:13bc (United States)

ASN13335 (CLOUDFLARENET, US)
url1005.email.actionnetwork.org
2    3.215.131.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-131-20.compute-1.amazonaws.com
janepac.com
9    151.101.192.174 (United States)

ASN54113 (FASTLY, US)
secure.actblue.com
1    52.217.78.116 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
actblue-indigo-uploads.s3.amazonaws.com
1    2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
4    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
1    108.138.6.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-236.fra56.r.cloudfront.net
www.datadoghq-browser-agent.com
1    2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
19    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypal.com
www.paypalobjects.com
t.paypal.com
c.paypal.com
4    2a00:1450:4013:c00::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
pay.google.com
5    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
15    2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)
play.google.com
2    64.4.245.84 (United States)

ASN17012 (PAYPAL, US)
b.stats.paypal.com
dub.stats.paypal.com
1    2606:2800:233:ce53:4396:b914:64c2:638e (United States)

ASN15133 (EDGECAST, US)
c6.paypal.com
1    107.178.240.159 (None, )

ASN- ()
api-js.mixpanel.com
Apex Domain
Subdomains		 Transfer
20 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2392
t.paypal.com — Cisco Umbrella Rank: 3176
c.paypal.com — Cisco Umbrella Rank: 5826
b.stats.paypal.com — Cisco Umbrella Rank: 5130
dub.stats.paypal.com — Cisco Umbrella Rank: 23307
c6.paypal.com — Cisco Umbrella Rank: 6726
345 KB
19 google.com
pay.google.com — Cisco Umbrella Rank: 2844
play.google.com — Cisco Umbrella Rank: 16
400 KB
9 actblue.com
secure.actblue.com — Cisco Umbrella Rank: 63007
681 KB
5 gstatic.com
www.gstatic.com
104 KB
4 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 754
175 B
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2284
33 KB
2 janepac.com
janepac.com
1 KB
1 mixpanel.com
api-js.mixpanel.com
371 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
337 B
1 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 346
345 B
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1787
12 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 2931
18 KB
1 amazonaws.com
actblue-indigo-uploads.s3.amazonaws.com — Cisco Umbrella Rank: 157869
34 KB
1 actionnetwork.org
url1005.email.actionnetwork.org — Cisco Umbrella Rank: 628865
558 B
63 14
Domain Requested by
15 play.google.com www.gstatic.com
10 www.paypal.com secure.actblue.com
www.paypal.com
www.datadoghq-browser-agent.com
www.paypalobjects.com
9 secure.actblue.com secure.actblue.com
5 c.paypal.com www.paypal.com
c.paypal.com
5 www.gstatic.com pay.google.com
www.gstatic.com
4 pay.google.com secure.actblue.com
pay.google.com
www.gstatic.com
4 sessions.bugsnag.com secure.actblue.com
www.datadoghq-browser-agent.com
2 t.paypal.com
2 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 janepac.com 2 redirects
1 api-js.mixpanel.com www.datadoghq-browser-agent.com
1 c6.paypal.com
1 dub.stats.paypal.com www.paypal.com
1 b.stats.paypal.com 1 redirects
1 stats.g.doubleclick.net secure.actblue.com
1 ssl.google-analytics.com 1 redirects
1 www.datadoghq-browser-agent.com secure.actblue.com
1 cdn.mxpnl.com secure.actblue.com
1 actblue-indigo-uploads.s3.amazonaws.com secure.actblue.com
1 url1005.email.actionnetwork.org 1 redirects
63 20

This site contains no links.

Subject Issuer Validity Valid
secure.actblue.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-20 -
2023-10-22		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
*.mxpnl.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-07-11 -
2023-07-28		 a year crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-26 -
2023-04-26		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-14 -
2024-01-16		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-11-09 -
2023-12-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.mixpanel.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-28 -
2023-04-28		 a year crt.sh

This page contains 7 frames:

Primary Page: https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Frame ID: 415AAA5C9444CE6E864C13B649EDA976
Requests: 24 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=0b365392b0507&storageID=uid_3bb1fa3d13_mtm6ntq6nta&sessionID=uid_00fdb55e82_mtm6ntq6nta&buttonSessionID=uid_911067b0e5_mtm6ntq6nta&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: FF927325B801AB676766BF08DD171547
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: D42300A44D24AD9FBD090498374A968A
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Frame ID: ECC2E15787518B32B0B3305F29378446
Requests: 15 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 702BA2EE28ADCFC3FA57C2A4DDEAA919
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 869553EC16977BB772E39DA850B1C41A
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_00fdb55e82_mtm6ntq6nta&s=SMART_PAYMENT_BUTTONS
Frame ID: 5E7C98B84E33FF1C799F48CA82620E3F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jane Fonda Climate PAC — Donate via ActBlue

Page URL History Show full URLs

  1. https://url1005.email.actionnetwork.org/ss/c/-w-PBYphAHFNr8N38uSu-9PwIbLn1iBAsdOheXhhO44rZqalLgyKZ0snwx7oJsSfEavzUmI... HTTP 302
    http://janepac.com/call-5?link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-o... HTTP 301
    https://janepac.com/call-5?link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-o... HTTP 301
    https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd... Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns

Page Statistics

63
Requests

97 %
HTTPS

56 %
IPv6

14
Domains

20
Subdomains

14
IPs

3
Countries

1627 kB
Transfer

4925 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url1005.email.actionnetwork.org/ss/c/-w-PBYphAHFNr8N38uSu-9PwIbLn1iBAsdOheXhhO44rZqalLgyKZ0snwx7oJsSfEavzUmI7FI0JCBxf7__j1f3oNMpxxV3iFOkSZw7dDIfEjdEZW02rNBzwvXPbUYz4ZjRGexOhKeoB433--kkcpGv1Hhw740115M9H7mRtrUndZjQTxhHhP-As5cMJV_-ml8NZAlargsm-jH31dXPFfI7CsrZxfvpB51b5ff-m4OgTEUViN3jYaUXevYzJiTaUoJa6379ZdxQUinXvjcpoKJHRK_Z6ZUQy4u1-2YMab_bEUtjUy3EgwiMx2VklJP8K/3te/T2yV-WBYQvmJBguGDdtw0g/h1/LPiHdbgWrzttYXdCyUElbpQb6CxGlbB16jO1dB2axms HTTP 302
    http://janepac.com/call-5?link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me HTTP 301
    https://janepac.com/call-5?link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me HTTP 301
    https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=545422322&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=ActBlue&utmhid=475404365&utmr=-&utmp=%2Fdonate%2Fjfcp-em-ddc-call%3Famount%3D5%26link_id%3D2%26can_id%3Db916225ab18c8f57528f09b0fd3aff7c%26source%3Demail-call-on-president-biden-to-declare-a-climate-emergency-today%26email_referrer%3Demail_1802348___subject_2307034%26email_subject%3Da-surprise-from-me&utmht=1675432489913&utmac=UA-159696-1&utmcc=__utma%3D88171332.648782347.1675432490.1675432490.1675432490.1%3B%2B__utmz%3D88171332.1675432490.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1167559151&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=648782347.1675432490&jid=1167559151&_v=5.6.1&z=545422322
Request Chain 58
  • https://b.stats.paypal.com/v2/counter.cgi?p=uid_00fdb55e82_mtm6ntq6nta&s=SMART_PAYMENT_BUTTONS HTTP 302
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_00fdb55e82_mtm6ntq6nta&s=SMART_PAYMENT_BUTTONS

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request jfcp-em-ddc-call
secure.actblue.com/donate/
Redirect Chain
  • https://url1005.email.actionnetwork.org/ss/c/-w-PBYphAHFNr8N38uSu-9PwIbLn1iBAsdOheXhhO44rZqalLgyKZ0snwx7oJsSfEavzUmI7FI0JCBxf7__j1f3oNMpxxV3iFOkSZw7dDIfEjdEZW02rNBzwvXPbUYz4ZjRGexOhKeoB433--kkcpGv1...
  • http://janepac.com/call-5?link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&...
  • https://janepac.com/call-5?link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034...
  • https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referre...
49 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a66ab04e5118a798058c9a0ab5d3ebc8f4267a1c1db96effe30ae1d660c89789
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3216
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-length
11979
content-security-policy
frame-ancestors 'none'; report-uri /system/csp_reports
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 13:54:49 GMT
etag
W/"c4e5-XMxMIixMkBn4ERMM4T03ML26XJc"
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 vegur, 1.1 varnish, 1.1 varnish
x-form-app
kittens! [Server: node: us]
x-frame-options
sameorigin
x-robots-tag
noindex, nofollow
x-start
2023-02-03 13:54:49.497
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
max-age=3600
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Feb 2023 13:54:48 GMT
Expires
Fri, 03 Feb 2023 14:54:49 GMT
Keep-Alive
timeout=5, max=100
Location
https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding,Cookie
X-Powered-By
PHP/7.4.33 PleskLin
X-Redirect-By
redirection
bc22898fc695d2b4d066.css
secure.actblue.com/cf/assets/app-css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/app-css/bc22898fc695d2b4d066.css?form_app=us
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8efe2e22c633836bbea081b7731d7698d4109c7de9266800b1631df1a15d9afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:54:49 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 02 Feb 2023 21:26:00 GMT
age
52371
etag
W/"53bd-1861405a640"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-start
2023-02-03 13:54:49.629
cache-control
max-age=31557600, must-revalidate
accept-ranges
bytes
content-length
4983
x-xss-protection
1; mode=block
actblue.js
secure.actblue.com/cf/assets/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/actblue.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b30136e41af0cb6a31fe3e5ea66e0b57ce11a46b57ef58d6cc31c8c9a1a8d279
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:54:49 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 02 Feb 2023 21:24:20 GMT
age
52375
etag
W/"73ca-18614041fa0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-start
2023-02-03 13:54:49.629
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
content-length
9342
x-xss-protection
1; mode=block
b1afc761-515c-4981-adf0-08eefa627af6-JFCPActBlueHeader.png
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/0c042ad7-98a7-4fd4-9d4e-7a9deb96f005-brandings/transient/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/0c042ad7-98a7-4fd4-9d4e-7a9deb96f005-brandings/transient/b1afc761-515c-4981-adf0-08eefa627af6-JFCPActBlueHeader.png
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.78.116 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
037e2efbeabb766ecdc52dd948fe8e3791b0ad329d60766fcaa9e699227cf9f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 13:54:50 GMT
Last-Modified
Thu, 03 Mar 2022 21:00:33 GMT
Server
AmazonS3
x-amz-request-id
APFSH9Z4T7562WP2
ETag
"9648ad9eeccd5d3d38954fc4700d9158"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
34390
x-amz-id-2
uZgBqpDPp/lUIDHlDl5hsbCc50Aw9GtMVbPwXmlQ7SRmuXUWgiwSWTJ7N24ToE04oSv1lGVcW6I=
e166d07f-a2d3-4e9c-9fed-9af6786a1f0f-JANE-352ca26b.jpeg
secure.actblue.com/x/object/actblue-cyanotypes/replaced_images/list/821598/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.actblue.com/x/object/actblue-cyanotypes/replaced_images/list/821598/e166d07f-a2d3-4e9c-9fed-9af6786a1f0f-JANE-352ca26b.jpeg
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2c6334723564ea2bdf502802ff37aa112d7465498a5b1eead74493e5ae366a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
bMK9J9Lzez2Am.H7Ymq9y_UzTpifJnb2
date
Fri, 03 Feb 2023 13:54:50 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
APFMWFKAZKSES88J
age
0
x-start
2023-02-03 13:54:49.678
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="e166d07f-a2d3-4e9c-9fed-9af6786a1f0f-JANE.jpeg"
content-length
116939
x-amz-id-2
sUL/XU6KSLhT8OBs76EQ0mmKcF+TBGQG4kh+LJ+yvNncpXJq7HkJqgIMiZaiodDXCwlYwrKLv+0=
x-xss-protection
1; mode=block
last-modified
Tue, 14 Jun 2022 19:03:14 GMT
etag
"f910a2dcdc700581d95068e164f682fe"
content-type
image/jpeg
cache-control
max-age=2678405
accept-ranges
bytes
bc22898fc695d2b4d066.js
secure.actblue.com/cf/assets/app/ 		2 MB
474 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/app/bc22898fc695d2b4d066.js?form_app=us
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a7d987432aed9a8a796d675dc7bc0f28054b9b0b825c8422859cf94e77d70a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:54:49 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 02 Feb 2023 21:26:00 GMT
age
52371
etag
W/"194417-1861405a640"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-start
2023-02-03 13:54:49.670
cache-control
max-age=31557600, must-revalidate
accept-ranges
bytes
content-length
484836
x-xss-protection
1; mode=block
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:48:45 GMT
content-encoding
gzip
age
364
x-guploader-uploadid
ADPycdu5XIY0wCHrAJ4FhPTkX6YEnLKCcib2HwqvcvQs9C5boAUqunh3swI6cOhi-ajwp5Ezf8uROWWfJQAUEFoaRlJP7A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17435
last-modified
Thu, 17 Feb 2022 20:21:50 GMT
server
UploadServer
etag
"caa762087e9d75cecc34b5d6626cb7b9"
vary
X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash
crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation
1645129310876382
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
17435
accept-ranges
bytes
expires
Fri, 03 Feb 2023 13:58:45 GMT
jfcp-em-ddc-call
secure.actblue.com/donate/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'; report-uri /system/csp_reports
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
date
Fri, 03 Feb 2023 13:54:49 GMT
strict-transport-security
max-age=31536000
age
3216
x-start
2023-02-03 13:54:49.680
content-length
11979
x-xss-protection
1; mode=block
etag
W/"c4e5-XMxMIixMkBn4ERMM4T03ML26XJc"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-form-app
kittens! [Server: node: us]
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://secure.actblue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 03 Feb 2023 13:54:49 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/bc22898fc695d2b4d066.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://secure.actblue.com/
Bugsnag-Sent-At
2023-02-03T13:54:49.756Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
04c1a9de88bb73e22614162ba813a0b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 03 Feb 2023 13:54:50 GMT
via
1.1 google
bugsnag-session-uuid
c825211d-1400-48a2-8fb3-a595fda8cc83
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
datadog-logs.js
www.datadoghq-browser-agent.com/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/bc22898fc695d2b4d066.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-236.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:54:49 GMT
content-encoding
br
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jul 2021 15:01:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
59
etag
W/"9eb57181f3149e3310d96317ef9188ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
FxnQZBQPtWyDpWwQSDYjf7jXiWEP7UX_RqIsGWX86vAFWJXuSiflaA==
auth_token
secure.actblue.com/api/cf/ 		102 B
521 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/api/cf/auth_token
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/bc22898fc695d2b4d066.js?form_app=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
946954f8aa4925f494d4ae3fb479823854a0d90530ee6b84ff1352506b4001b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 varnish
x-permitted-cross-domain-policies
none
status
200 OK
x-start
2023-02-03 13:54:49.850
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
etag
W/"946954f8aa4925f494d4ae3fb4798238"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, no-store
accept-ranges
bytes
ga.js
secure.actblue.com/cf/static/ 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/static/ga.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:54:49 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 02 Feb 2023 21:21:31 GMT
age
52376
etag
W/"9fe9-18614018b78"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-start
2023-02-03 13:54:49.892
cache-control
max-age=31557600, must-revalidate
accept-ranges
bytes
content-length
16100
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=545422322&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ac...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=648782347.1675432490&jid=1167559151&_v=5.6.1&z=545422322
35 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=648782347.1675432490&jid=1167559151&_v=5.6.1&z=545422322
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Protocol
H2
Server
2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 03 Feb 2023 13:54:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:54:49 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=648782347.1675432490&jid=1167559151&_v=5.6.1&z=545422322
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
367
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sessions.bugsnag.com/ 		21 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://secure.actblue.com/
Bugsnag-Sent-At
2023-02-03T13:54:50.340Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
04c1a9de88bb73e22614162ba813a0b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 03 Feb 2023 13:54:50 GMT
via
1.1 google
bugsnag-session-uuid
777ea249-3c20-458a-855e-b52448152653
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://secure.actblue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 03 Feb 2023 13:54:50 GMT
via
1.1 google
js
www.paypal.com/sdk/ 		313 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/bc22898fc695d2b4d066.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48A7) /
Resource Hash
7106e29004d84e11bde8ccadaf48b30cefa8dd4aa889579717a2c52a564b9584
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-n9Vk0arI4ALDTjVrY5bkHEDfo4AFsOsU7C4Ect+mrIyj8bfz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-n9Vk0arI4ALDTjVrY5bkHEDfo4AFsOsU7C4Ect+mrIyj8bfz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-n9Vk0arI4ALDTjVrY5bkHEDfo4AFsOsU7C4Ect+mrIyj8bfz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-n9Vk0arI4ALDTjVrY5bkHEDfo4AFsOsU7C4Ect+mrIyj8bfz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 13:54:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
4025
x-cache
HIT
p3p
true
paypal-debug-id
0652b7071241a
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
94613
x-xss-protection
1; mode=block
last-modified
Fri, 03 Feb 2023 09:39:48 GMT
server
ECAcc (ama/48A7)
traceparent
00-00000000000000000000652b7071241a-8adcfdd153148c94-01
etag
W/"17195-6CiI7oB4r8+xIARcr7MfgGVA9q4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
accept-ranges
bytes
timing-allow-origin
*
trackables
secure.actblue.com/ 		0
100 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/trackables
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/bc22898fc695d2b4d066.js?form_app=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Fri, 03 Feb 2023 13:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 varnish
x-permitted-cross-domain-policies
none
status
200 OK
x-start
2023-02-03 13:54:50.383
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html
cache-control
private, no-store
accept-ranges
bytes
pay.js
pay.google.com/gp/p/js/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/bc22898fc695d2b4d066.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c1385c3ece3eecfc73d4617747dc496f947a31addb5ae8ca64d854abb69ecfad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aLrOzloiiiz3WJziqwm45g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:54:50 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-aLrOzloiiiz3WJziqwm45g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Fri, 03 Feb 2023 13:54:50 GMT
pptm.js
www.paypal.com/tagmanager/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.350&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489B) /
Resource Hash
07fef4d664110aefe1a27d73b460b546357181b18551043861f9381cec023a80
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-uMemk9MdDnHQVjea7j4edjLJd+qkiasrLiDgbYqPmBSzCM5Z' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-uMemk9MdDnHQVjea7j4edjLJd+qkiasrLiDgbYqPmBSzCM5Z' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 13:54:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
76191
x-cache
HIT
paypal-debug-id
089287640089a
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
4741
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 16:45:00 GMT
server
ECAcc (ama/489B)
traceparent
00-0000000000000000000089287640089a-039f2a77acacdf1d-01
etag
W/"3534-+5xUImIZgd5ZLUppcACmnaaDcKo"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
buttons
www.paypal.com/smart/ Frame FF92 		392 KB
102 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=0b365392b0507&storageID=uid_3bb1fa3d13_mtm6ntq6nta&sessionID=uid_00fdb55e82_mtm6ntq6nta&buttonSessionID=uid_911067b0e5_mtm6ntq6nta&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35C3) /
Resource Hash
5fc8bdb35afb737f47b0bcd2c5a56fa0b3c52c774974bb18233a83e9f7311b10
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 13:54:50 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"61f5a-cJP3JO4tL2Rg0zwOmiMnw7iTf3s"
p3p
true
paypal-debug-id
082bb61323440
server
ECAcc (lhd/35C3)
server-timing
traceparent;desc="00-0000000000000000000082bb61323440-d623c50ccc9bffc4-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-0000000000000000000082bb61323440-e8896f765fdba426-01
vary
Accept-Encoding
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-xss-protection
1; mode=block
truncated
/ Frame D423 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D423 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.350&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&vault=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DA) /
Resource Hash
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
51eb07085e521
dc
ccg11-origin-www-1.paypal.com
content-length
16464
last-modified
Tue, 03 May 2022 17:28:29 GMT
server
ECAcc (ama/48DA)
traceparent
00-000000000000000000051eb07085e521-ea1ac4889b1e7be3-01
etag
"6271663d-da91"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Fri, 03 Feb 2023 14:54:50 GMT
ts
t.paypal.com/ 		42 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&fltp=analytics&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Jane%20Fonda%20Climate%20PAC%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1675432490577&g=0&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fjfcp-em-ddc-call%3Famount%3D5%26link_id%3D2%26can_id%3Db916225ab18c8f57528f09b0fd3aff7c%26source%3Demail-call-on-president-biden-to-declare-a-climate-emergency-today%26email_referrer%3Demail_1802348___subject_2307034%26email_subject%3Da-surprise-from-me
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3589) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:54:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (lhd/3589)
traceparent
00-000000000000000000073c80d4b72af4-d47e89a1e5a5b5c1-01
content-type
image/gif
paypal-debug-id
73c80d4b72af4
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
content-length
42
expires
Fri, 03 Feb 2023 13:54:50 GMT
payframe
pay.google.com/gp/p/ui/ Frame ECC2 		18 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
75bb15de13078f4103ed73b726bdfde363c22c8e91a0c8d242b4e5d9fd6ff833
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7peKjPOCMYqoxKWaVgJqJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.actblue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-7peKjPOCMYqoxKWaVgJqJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Fri, 03 Feb 2023 13:54:50 GMT
expires
Fri, 03 Feb 2023 13:54:50 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
dark_gpay.svg
www.gstatic.com/instantbuy/svg/refreshedgraphicaldesign/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/instantbuy/svg/refreshedgraphicaldesign/dark_gpay.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52748bf2a93074e68df196b31d1d8d51bc6b376c33435208425b0e92fb671003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 21:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144769
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1316
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 22:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 01 Feb 2024 21:42:01 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 702B 		54 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B6) /
Resource Hash
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.actblue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16791
content-type
text/html
date
Fri, 03 Feb 2023 13:54:50 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"6271663d-d994"
expires
Fri, 03 Feb 2023 14:54:50 GMT
last-modified
Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id
8e0248bc4a8aa
server
ECAcc (ama/48B6)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000008e0248bc4a8aa-531c54825dba0621-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35C7) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secure.actblue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://secure.actblue.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Fri, 03 Feb 2023 13:54:50 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
0b9b176003b50
server
ECAcc (lhd/35C7)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-00000000000000000000b9b176003b50-3e6099d6d831572a-01
x-content-type-options
nosniff
logger
www.paypal.com/xoplatform/logger/api/ 		1013 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3718) /
Resource Hash
d7824ee7dccbe79daef9ae2cd0766d6a9b3eb35c2a27f2b60c71c63944d1e3bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://secure.actblue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
application/json

Response headers

date
Fri, 03 Feb 2023 13:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0ab20659a0846
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
605
server
ECAcc (lhd/3718)
traceparent
00-00000000000000000000ab20659a0846-59501457fc8daead-01
etag
W/"3f5-Lu0sjH27XZEIbI6eQ6/N+U7cWko"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.actblue.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
ts
t.paypal.com/ 		42 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&es=visitorInfoFlowStarted&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Jane%20Fonda%20Climate%20PAC%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1675432490646&g=0&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fjfcp-em-ddc-call%3Famount%3D5%26link_id%3D2%26can_id%3Db916225ab18c8f57528f09b0fd3aff7c%26source%3Demail-call-on-president-biden-to-declare-a-climate-emergency-today%26email_referrer%3Demail_1802348___subject_2307034%26email_subject%3Da-surprise-from-me
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3593) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 13:54:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (lhd/3593)
traceparent
00-00000000000000000009bb529537e183-baf91b34c7c0f3f9-01
content-type
image/gif
paypal-debug-id
9bb529537e183
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
content-length
42
expires
Fri, 03 Feb 2023 13:54:50 GMT
graphql
www.paypal.com/targeting/ Frame 702B 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3710) /
Resource Hash
cf350023f780070c3d367d1c58224461e7d514484053b8421a39f8c0ff5819b0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-uf+omu+OZq+JGKsdM8geKE4bj8Ag+cOcHpsbScqDkWNuSKkb' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-uf+omu+OZq+JGKsdM8geKE4bj8Ag+cOcHpsbScqDkWNuSKkb' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
date
Fri, 03 Feb 2023 13:54:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
052a005434704
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
291
x-xss-protection
1; mode=block
server
ECAcc (lhd/3710)
traceparent
00-0000000000000000000052a005434704-f02ae5927f7df40e-01
etag
W/"1b3-iFYa5L6MYSGVLpiAVQumTj5KTVE"
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3709) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Fri, 03 Feb 2023 13:54:50 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
03a39381041b8
server
ECAcc (lhd/3709)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-000000000000000000003a39381041b8-931f9cca69b07438-01
vary
Origin, Access-Control-Request-Headers
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame ECC2 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/jfcp-em-ddc-call?amount=5&link_id=2&can_id=b916225ab18c8f57528f09b0fd3aff7c&source=email-call-on-president-biden-to-declare-a-climate-emergency-today&email_referrer=email_1802348___subject_2307034&email_subject=a-surprise-from-me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 03 Feb 2023 13:54:50 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame ECC2 		154 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85a8c905863bab936874425d66536a4c802f0ccccb1a1741282d9121bbb9ac65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 17:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55694
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 02:24:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 17:15:47 GMT
m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.yEz... Frame ECC2 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.yEzDZejnVYc.L.B1.O/am=zAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjoHv7SYKer16IfR5dVpFenGLtZvQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3e92963b5e17fcdadca8bce068c8b7df56b03a01820bd16799305a099b3ad91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 17:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26064
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 20:29:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 17:15:47 GMT
pay
pay.google.com/gp/p/ui/ Frame ECC2 		1 MB
356 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07b3654c613c324b81b074357807bc29d74a28243aed396b19066b6f4b8c9c6e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-rnqIpz5xOS7J5cU_b_XMeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:54:50 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-rnqIpz5xOS7J5cU_b_XMeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Fri, 03 Feb 2023 13:54:50 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.yEz... Frame ECC2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.yEzDZejnVYc.L.B1.O/am=zAAg/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjoHv7SYKer16IfR5dVpFenGLtZvQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69a109c6fe9666457c6f66603d23acf46fde924bddf6b87d7ede5cb109b76f8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 17:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9222
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 20:29:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 17:15:47 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.yEz... Frame ECC2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.yEzDZejnVYc.L.B1.O/am=zAAg/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjoHv7SYKer16IfR5dVpFenGLtZvQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9776055d89d84a05b4cb2216204dfe97e7e4bcf37e431ad183f62f957fd562cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 17:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13342
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 20:29:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 17:15:47 GMT
log
play.google.com/ Frame ECC2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 13:54:51 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 13:54:51 GMT
log
play.google.com/ Frame ECC2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 13:54:51 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 13:54:51 GMT
log
play.google.com/ Frame ECC2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 13:54:51 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 13:54:51 GMT
log
play.google.com/ Frame ECC2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 13:54:51 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 13:54:51 GMT
log
play.google.com/ Frame ECC2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 13:54:51 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 13:54:51 GMT
log
play.google.com/ Frame ECC2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 13:54:51 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 13:54:51 GMT
log
play.google.com/ Frame ECC2 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 13:54:51 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 13:54:51 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 03 Feb 2023 13:54:51 GMT
expires
Fri, 03 Feb 2023 13:54:51 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 03 Feb 2023 13:54:51 GMT
expires
Fri, 03 Feb 2023 13:54:51 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 03 Feb 2023 13:54:51 GMT
expires
Fri, 03 Feb 2023 13:54:51 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 03 Feb 2023 13:54:51 GMT
expires
Fri, 03 Feb 2023 13:54:51 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 03 Feb 2023 13:54:51 GMT
expires
Fri, 03 Feb 2023 13:54:51 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 03 Feb 2023 13:54:51 GMT
expires
Fri, 03 Feb 2023 13:54:51 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 03 Feb 2023 13:54:51 GMT
expires
Fri, 03 Feb 2023 13:54:51 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame ECC2 		131 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I5QqlDZyvdc.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg_7_XGdT-k3ACaBxTxlHGjiNFhfQ/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 13:54:51 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 13:54:51 GMT
js
www.paypal.com/sdk/ Frame FF92 		313 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=0b365392b0507&storageID=uid_3bb1fa3d13_mtm6ntq6nta&sessionID=uid_00fdb55e82_mtm6ntq6nta&buttonSessionID=uid_911067b0e5_mtm6ntq6nta&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48A7) /
Resource Hash
7106e29004d84e11bde8ccadaf48b30cefa8dd4aa889579717a2c52a564b9584
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-n9Vk0arI4ALDTjVrY5bkHEDfo4AFsOsU7C4Ect+mrIyj8bfz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-n9Vk0arI4ALDTjVrY5bkHEDfo4AFsOsU7C4Ect+mrIyj8bfz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=0b365392b0507&storageID=uid_3bb1fa3d13_mtm6ntq6nta&sessionID=uid_00fdb55e82_mtm6ntq6nta&buttonSessionID=uid_911067b0e5_mtm6ntq6nta&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-n9Vk0arI4ALDTjVrY5bkHEDfo4AFsOsU7C4Ect+mrIyj8bfz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-n9Vk0arI4ALDTjVrY5bkHEDfo4AFsOsU7C4Ect+mrIyj8bfz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 13:54:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
4026
x-cache
HIT
p3p
true
paypal-debug-id
0652b7071241a
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
94613
x-xss-protection
1; mode=block
last-modified
Fri, 03 Feb 2023 09:39:48 GMT
server
ECAcc (ama/48A7)
traceparent
00-00000000000000000000652b7071241a-8adcfdd153148c94-01
etag
W/"17195-6CiI7oB4r8+xIARcr7MfgGVA9q4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
accept-ranges
bytes
timing-allow-origin
*
truncated
/ Frame FF92 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FF92 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
fb.js
c.paypal.com/da/r/ Frame FF92 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=0b365392b0507&storageID=uid_3bb1fa3d13_mtm6ntq6nta&sessionID=uid_00fdb55e82_mtm6ntq6nta&buttonSessionID=uid_911067b0e5_mtm6ntq6nta&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D9) /
Resource Hash
dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
231850
x-cache
HIT
paypal-debug-id
5ccaca681b1b6
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
20545
last-modified
Tue, 31 Jan 2023 20:30:46 GMT
server
ECAcc (ama/48D9)
traceparent
00-00000000000000000005ccaca681b1b6-6c63273e71d80fa9-01
etag
"63d97a76-ecbf"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Feb 2023 13:54:51 GMT
i
c.paypal.com/v1/r/d/ Frame 8695 		160 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35E2) /
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
141
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
c78f3dc067a1a
date
Fri, 03 Feb 2023 13:54:51 GMT
origin-trial
A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id
c78f3dc067a1a
server
ECAcc (lhd/35E2)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-0000000000000000000c78f3dc067a1a-ed0413d31edaf264-01
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
counter2.cgi
dub.stats.paypal.com/v2/ Frame 5E7C
Redirect Chain
  • https://b.stats.paypal.com/v2/counter.cgi?p=uid_00fdb55e82_mtm6ntq6nta&s=SMART_PAYMENT_BUTTONS
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_00fdb55e82_mtm6ntq6nta&s=SMART_PAYMENT_BUTTONS
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_00fdb55e82_mtm6ntq6nta&s=SMART_PAYMENT_BUTTONS
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=0b365392b0507&storageID=uid_3bb1fa3d13_mtm6ntq6nta&sessionID=uid_00fdb55e82_mtm6ntq6nta&buttonSessionID=uid_911067b0e5_mtm6ntq6nta&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 13:54:52 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_00fdb55e82_mtm6ntq6nta&s=SMART_PAYMENT_BUTTONS
Date
Fri, 03 Feb 2023 13:54:51 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
logger
www.paypal.com/xoplatform/logger/api/ Frame FF92 		1007 B
2 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=0b365392b0507&storageID=uid_3bb1fa3d13_mtm6ntq6nta&sessionID=uid_00fdb55e82_mtm6ntq6nta&buttonSessionID=uid_911067b0e5_mtm6ntq6nta&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/370B) /
Resource Hash
2f1048220dde8322367774b4de1541f349143c720254f84df8a5cb60be077cf0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=0b365392b0507&storageID=uid_3bb1fa3d13_mtm6ntq6nta&sessionID=uid_00fdb55e82_mtm6ntq6nta&buttonSessionID=uid_911067b0e5_mtm6ntq6nta&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Feb 2023 13:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
067458944bb57
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
604
server
ECAcc (lhd/370B)
traceparent
00-0000000000000000000067458944bb57-6e41132026d08b3f-01
etag
W/"3ef-X8dhAs77KAF3em9bBuXyPplSRoo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
fb.js
c.paypal.com/da/r/ Frame 8695 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D9) /
Resource Hash
dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
231851
x-cache
HIT
paypal-debug-id
5ccaca681b1b6
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
20545
last-modified
Tue, 31 Jan 2023 20:30:46 GMT
server
ECAcc (ama/48D9)
traceparent
00-00000000000000000005ccaca681b1b6-6c63273e71d80fa9-01
etag
"63d97a76-ecbf"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Feb 2023 13:54:52 GMT
p1
c.paypal.com/v1/r/d/b/ Frame 8695 		125 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35F4) /
Resource Hash
54935bcfd1f1a1f290d788c3c19b6e103410d64ab36587d559ebb6eac446547b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Feb 2023 13:54:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
7c0dcb897737c
server
ECAcc (lhd/35F4)
traceparent
00-00000000000000000007c0dcb897737c-dd89b4999bd24c8d-01
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
7c0dcb897737c
content-type
application/json
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
content-length
125
e
c.paypal.com/v1/r/d/b/ Frame 8695 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35E6) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Feb 2023 13:54:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
8a34572d55ffc
server
ECAcc (lhd/35E6)
traceparent
00-00000000000000000008a34572d55ffc-9991ec1db1599343-01
paypal-debug-id
8a34572d55ffc
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
p3
c6.paypal.com/v1/r/d/b/ Frame 8695 		0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=uid_00fdb55e82_mtm6ntq6nta&s=SMART_PAYMENT_BUTTONS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:ce53:4396:b914:64c2:638e , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35FB) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:54:52 GMT
content-encoding
gzip
correlation-id
21987aaba1796
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (lhd/35FB)
traceparent
00-000000000000000000021987aaba1796-a6665c92affb5254-01
vary
Accept-Encoding
paypal-debug-id
21987aaba1796
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
content-length
20
logger
www.paypal.com/xoplatform/logger/api/ Frame FF92 		1002 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A3) /
Resource Hash
659352a5cbcf55d8ed9a77e5456bd821b76a053fbd05378c29ba136c5ab0e1f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=0b365392b0507&storageID=uid_3bb1fa3d13_mtm6ntq6nta&sessionID=uid_00fdb55e82_mtm6ntq6nta&buttonSessionID=uid_911067b0e5_mtm6ntq6nta&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
application/json

Response headers

date
Fri, 03 Feb 2023 13:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
032b2b909a82a
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
595
server
ECAcc (lhd/35A3)
traceparent
00-0000000000000000000032b2b909a82a-c1afd0b56626a9d8-01
etag
W/"3ea-eCtBiAEWYfXTtWKsp+5+Sjb2/K8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
/
api-js.mixpanel.com/track/ 		25 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1675432494897
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.159 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://secure.actblue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 03 Feb 2023 13:54:54 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://secure.actblue.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
access-control-allow-headers
X-Requested-With
content-length
25
alt-svc
clear

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange object| CF_CONFIG object| indigoListResponse object| preloadedState object| mixpanel object| actBlueConfig function| setImmediate function| clearImmediate object| actblue function| abConfigure object| webpackJsonp object| __core-js_shared__ object| core object| tracker function| PERSIST object| SafeDDLogs object| SafeMixpanel object| Bugsnag string| MODE object| _gaq object| DD_LOGS object| _gat object| gaGlobal string| _user_id string| _session_id object| _sift object| __post_robot_11_0_0___uid_fmgiczblpagmulxisaugebjuiombjk object| paypal object| __zoid_10_1_0___uid_fmgiczblpagmulxisaugebjuiombjk object| paypalDDL string| PaypalOffersObject function| ppq object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google object| __post_robot_10_0_44__ object| PAYPAL

26 Cookies

Domain/Path Name / Value
secure.actblue.com/cf/assets/app-css Name: skip_prefill_check
Value: true
secure.actblue.com/cf/assets/app Name: skip_prefill_check
Value: true
secure.actblue.com/cf/assets Name: skip_prefill_check
Value: true
secure.actblue.com/cf/static Name: skip_prefill_check
Value: true
secure.actblue.com/donate Name: skip_prefill_check
Value: true
.actionnetwork.org/ Name: __cf_bm
Value: E5OQfIP6i4GwQNH0qQ_J7NFlSF4hthTsyHyL7vRIAHU-1675432488-0-AeAeJsPvVCNWUPQMaWwYzu7RHYQuIuAIOo/nsuwczucUTNJMkj18O3J0w3xhHDLnLYVbEECkjTDb5vFEWiVoZjE=
.actblue.com/ Name: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel
Value: %7B%22distinct_id%22%3A%20%22186178ef3aa5d0-091beec938409c-60325d57-1d4c00-186178ef3abeb0%22%2C%22%24device_id%22%3A%20%22186178ef3aa5d0-091beec938409c-60325d57-1d4c00-186178ef3abeb0%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
secure.actblue.com/ Name: _dd_s
Value: logs=1&id=4d3f03c2-537f-4435-9919-0da74a2f9da7&created=1675432489906&expire=1675433389906
.actblue.com/ Name: __utma
Value: 88171332.648782347.1675432490.1675432490.1675432490.1
.actblue.com/ Name: __utmc
Value: 88171332
.actblue.com/ Name: __utmz
Value: 88171332.1675432490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.actblue.com/ Name: __utmt
Value: 1
.actblue.com/ Name: __utmb
Value: 88171332.1.10.1675432490
.secure.actblue.com/ Name: _session_id
Value: def96f99b958604d94ae50d18151e28d
.google.com/ Name: NID
Value: 511=bbiqZbSpinIGTTBIoLzwYyCNUk0Nu_leyQyddce-QgsA0L8RM0VFjFyS9cnZ4RWFvqobfJifx8FHY1TG3Kqgaer-o0Gm5mPp2JrDOP0Z7VzQW4GY1M9DO7cS5mbZuNwPK3Vt76fq55cZqFrfVlO_-NsAv5PnKYHz_G_NdGQbBq4
.paypal.com/ Name: l7_az
Value: dcg13.slc
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
www.paypal.com/ Name: nsid
Value: s%3A_0UVK4IYAVK09bSo_uL-Ekc5_AABZ_Qj.hH6A832ciMq5%2FETI2LnVqfSy27u2fgApm3ppUYw%2FQBI
.paypal.com/ Name: ts_c
Value: vr%3D178ef7981860a7805de5ad0ffe847a7f%26vt%3D178ef7981860a7805de5ad0ffe847a7e
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null
.paypal.com/ Name: tsrce
Value: loggernodeweb
.c.paypal.com/ Name: sc_f
Value: RZEKN-MUOrpYfvNp1vZDfzZ7o99FWQ1YY0i9QRk5qMMK_C8FAvXcSINEVE_r7JbSkCwO-VHXB9TKjfW9sHWTOS8d2sbZfC0QUTL_Q0
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: AVDvL_JXIGBPVuvp_OsKUAy61Ap6-gH1nt6gV6nQBoZs6PblrU64TB9iQ-FM_QE2l2_lf1IExpSoSNFs
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY3NTQzMjQ5MjIxMSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1770126892%26vteXpYrS%3D1675434292%26vr%3D178ef7981860a7805de5ad0ffe847a7f%26vt%3D178ef7981860a7805de5ad0ffe847a7e%26vtyp%3Dnew

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actblue-indigo-uploads.s3.amazonaws.com
api-js.mixpanel.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.mxpnl.com
dub.stats.paypal.com
janepac.com
pay.google.com
play.google.com
secure.actblue.com
sessions.bugsnag.com
ssl.google-analytics.com
stats.g.doubleclick.net
t.paypal.com
url1005.email.actionnetwork.org
www.datadoghq-browser-agent.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
107.178.240.159
108.138.6.236
151.101.192.174
192.229.221.25
2600:1901:0:498c::
2600:1901:0:7a0b::
2606:2800:233:ce53:4396:b914:64c2:638e
2606:4700::6812:13bc
2a00:1450:400d:807::2008
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::200e
2a00:1450:4013:c00::5c
2a00:1450:4025:401::9a
3.215.131.20
52.217.78.116
64.4.245.84
037e2efbeabb766ecdc52dd948fe8e3791b0ad329d60766fcaa9e699227cf9f6
07b3654c613c324b81b074357807bc29d74a28243aed396b19066b6f4b8c9c6e
07fef4d664110aefe1a27d73b460b546357181b18551043861f9381cec023a80
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2f1048220dde8322367774b4de1541f349143c720254f84df8a5cb60be077cf0
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52748bf2a93074e68df196b31d1d8d51bc6b376c33435208425b0e92fb671003
54935bcfd1f1a1f290d788c3c19b6e103410d64ab36587d559ebb6eac446547b
5fc8bdb35afb737f47b0bcd2c5a56fa0b3c52c774974bb18233a83e9f7311b10
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338
659352a5cbcf55d8ed9a77e5456bd821b76a053fbd05378c29ba136c5ab0e1f1
69a109c6fe9666457c6f66603d23acf46fde924bddf6b87d7ede5cb109b76f8c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7106e29004d84e11bde8ccadaf48b30cefa8dd4aa889579717a2c52a564b9584
75bb15de13078f4103ed73b726bdfde363c22c8e91a0c8d242b4e5d9fd6ff833
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a8c905863bab936874425d66536a4c802f0ccccb1a1741282d9121bbb9ac65
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8efe2e22c633836bbea081b7731d7698d4109c7de9266800b1631df1a15d9afe
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
946954f8aa4925f494d4ae3fb479823854a0d90530ee6b84ff1352506b4001b3
9776055d89d84a05b4cb2216204dfe97e7e4bcf37e431ad183f62f957fd562cd
a66ab04e5118a798058c9a0ab5d3ebc8f4267a1c1db96effe30ae1d660c89789
a7d987432aed9a8a796d675dc7bc0f28054b9b0b825c8422859cf94e77d70a61
b30136e41af0cb6a31fe3e5ea66e0b57ce11a46b57ef58d6cc31c8c9a1a8d279
c1385c3ece3eecfc73d4617747dc496f947a31addb5ae8ca64d854abb69ecfad
c2c6334723564ea2bdf502802ff37aa112d7465498a5b1eead74493e5ae366a7
cf350023f780070c3d367d1c58224461e7d514484053b8421a39f8c0ff5819b0
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7824ee7dccbe79daef9ae2cd0766d6a9b3eb35c2a27f2b60c71c63944d1e3bf
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e92963b5e17fcdadca8bce068c8b7df56b03a01820bd16799305a099b3ad91