secure.actblue.com Open in urlscan Pro
151.101.112.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u1584542.ct.sendgrid.net/ss/c/4PfL751D8g4IfLXFw3QfXV5Wo_6TP_ujTmJFoO05AE20kpvqeSgDIY_OHxV7yJor3Qy08I0cEsuqreBgNQQMWw257Ak...
Effective URL:
https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amoun...
Submission Tags: phishing malicious Search All
Submission: On April 19 via api (April 19th 2021, 5:18:55 am UTC) from US

Summary HTTP 91 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 25 domains to perform 91 HTTP transactions. The main IP is 151.101.112.174, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is secure.actblue.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on October 22nd 2019. Valid for: 2 years.

This is the only time secure.actblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.16 167.89.123.16	11377 (SENDGRID) (SENDGRID)
8	151.101.112.174 151.101.112.174	54113 (FASTLY) (FASTLY)
2	52.216.29.4 52.216.29.4	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
4	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	13.224.94.226 13.224.94.226	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:10:... 2606:4700:10::6816:108d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.253.179.128 34.253.179.128	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	13.224.100.80 13.224.100.80	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	44.229.187.242 44.229.187.242	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	107.178.240.159 107.178.240.159	15169 (GOOGLE) (GOOGLE)
10	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:400c:c07::5c	15169 (GOOGLE) (GOOGLE)
4	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	34.96.67.224 34.96.67.224	15169 (GOOGLE) (GOOGLE)
1	34.102.232.42 34.102.232.42	15169 (GOOGLE) (GOOGLE)
91	32

1 167.89.123.16 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x16.outbound-mail.sendgrid.net

u1584542.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.112.174 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

secure.actblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.29.4 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

actblue-indigo-uploads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.94.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-226.zrh50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:108d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.179.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-179-128.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.100.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-100-80.zrh50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.229.187.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-187-242.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.178.240.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.240.178.107.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.sift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	google.com 1 redirects www.google.com pay.google.com play.google.com	383 KB
13	paypal.com www.paypal.com t.paypal.com	290 KB
8	actblue.com secure.actblue.com	500 KB
5	gstatic.com www.gstatic.com	99 KB
5	mixpanel.com api-js.mixpanel.com	630 B
5	doubleclick.net 1 redirects pubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
4	paypalobjects.com www.paypalobjects.com	134 KB
4	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	38 KB
4	bugsnag.com sessions.bugsnag.com	220 B
3	facebook.com www.facebook.com	710 B
3	google.de www.google.de	235 B
3	googleadservices.com www.googleadservices.com	29 KB
3	googletagmanager.com www.googletagmanager.com	103 KB
2	segment.io api.segment.io	285 B
2	yimg.com s.yimg.com	6 KB
2	facebook.net connect.facebook.net	97 KB
2	retargetly.com 1 redirects api.retargetly.com	733 B
2	amazonaws.com actblue-indigo-uploads.s3.amazonaws.com	548 KB
1	hexagon-analytics.com hexagon-analytics.com	240 B
1	sift.com cdn.sift.com	20 KB
1	segment.com cdn.segment.com	64 KB
1	adsrvr.org insight.adsrvr.org	261 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com	12 KB
1	mxpnl.com cdn.mxpnl.com	25 KB
1	sendgrid.net 1 redirects u1584542.ct.sendgrid.net	701 B
91	25

	Domain	Requested by
13	play.google.com	www.gstatic.com
10	www.paypal.com	secure.actblue.com www.paypal.com www.paypalobjects.com www.datadoghq-browser-agent.com
8	secure.actblue.com	secure.actblue.com
5	www.gstatic.com	pay.google.com www.gstatic.com
5	api-js.mixpanel.com	www.datadoghq-browser-agent.com
4	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
4	sessions.bugsnag.com	secure.actblue.com www.datadoghq-browser-agent.com
3	t.paypal.com	secure.actblue.com
3	pay.google.com	secure.actblue.com pay.google.com www.gstatic.com
3	www.facebook.com	secure.actblue.com
3	www.google.de	secure.actblue.com
3	www.google.com	1 redirects secure.actblue.com
3	www.google-analytics.com	www.googletagmanager.com www.datadoghq-browser-agent.com www.gstatic.com
3	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
3	www.googletagmanager.com	secure.actblue.com www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	api.segment.io	cdn.segment.com
2	stats.g.doubleclick.net	secure.actblue.com www.datadoghq-browser-agent.com
2	s.yimg.com	secure.actblue.com s.yimg.com
2	connect.facebook.net	secure.actblue.com connect.facebook.net
2	api.retargetly.com	1 redirects secure.actblue.com
2	actblue-indigo-uploads.s3.amazonaws.com	secure.actblue.com
1	hexagon-analytics.com
1	cdn.sift.com	secure.actblue.com
1	ssl.google-analytics.com	1 redirects
1	cdn.segment.com	secure.actblue.com
1	insight.adsrvr.org	secure.actblue.com
1	pubads.g.doubleclick.net	secure.actblue.com
1	www.datadoghq-browser-agent.com	secure.actblue.com
1	cdn.mxpnl.com	secure.actblue.com
1	u1584542.ct.sendgrid.net	1 redirects
91	31

This site contains links to these domains. Also see Links.

Domain
democrats.org

Subject Issuer	Validity	Valid
secure.actblue.com Sectigo RSA Extended Validation Secure Server CA	`2019-10-22` - `2021-10-21`	2 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
*.datadoghq-browser-agent.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-17` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.retargetly.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2021-12-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-24` - `2021-05-12`	2 months	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-01-12` - `2022-02-12`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-17` - `2021-11-21`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.sift.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-19`	a year	crt.sh
*.hexagon-analytics.com DigiCert SHA2 Secure Server CA	`2019-08-01` - `2021-11-03`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Frame ID: 3590E232C323DAC80A01D4A990F51A52
Requests: 42 HTTP requests in this frame

Frame: https://secure.actblue.com/pages/bfp-elect-dems-april-2021/tracking_code?t=landing&refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Frame ID: 499C3AFF7719AB9E8A36D1548F02DC8F
Requests: 16 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6IjdmYTBjMWYwZTZfbWR1Nm10ZzZtemMifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=6cdf008c22079&storageID=813b1f9192_mdu6mtg6mzc&sessionID=7ddcae5001_mdu6mtg6mzc&buttonSessionID=72478e1002_mdu6mtg6mzc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card&supportsPopups=true
Frame ID: D561196EE277AB011F38317851CC4F85
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3E7DC77B1C4119778FF64DF8794C0931
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Frame ID: 52A2D8CD6F34EE509957C5952F5CE348
Requests: 15 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html?frameId=bd32beaf-bcbb-4b52-858e-20ec8ab9d79d&propertyId=NGJ83G9Z8QXZ8-1&flow=visitor-info&variant=analytics&mrid=NGJ83G9Z8QXZ8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
Frame ID: A313AF38C4636D44CBB1BEC5268716E0
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u1584542.ct.sendgrid.net/ss/c/4PfL751D8g4IfLXFw3QfXV5Wo_6TP_ujTmJFoO05AE20kpvqeSgDIY_OHxV7yJor3Qy08I0... HTTP 302
https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X... Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

91
Requests

100 %
HTTPS

55 %
IPv6

25
Domains

31
Subdomains

32
IPs

5
Countries

2353 kB
Transfer

6593 kB
Size

20
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://democrats.org/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u1584542.ct.sendgrid.net/ss/c/4PfL751D8g4IfLXFw3QfXV5Wo_6TP_ujTmJFoO05AE20kpvqeSgDIY_OHxV7yJor3Qy08I0cEsuqreBgNQQMWw257AklywpJnBmW6rYb67nPYzYxz0EMvvrL2oWsRNShus7a3-Lox62kVeyxVNkeI7L3TVdvRpWA7ihmWsb-_T8HiOo5EDcxwvjSUQJ6CiFJvUrHtvxm_iRM2jb478ZSX6sJMQKuZ2S7Vp4wS5tpteIrMPkLrXlqCTlk1qihEo97NmMyKElKco2EpGpgoYQQQIN4jHwQwo0bo9v_lqkRf6Al0m18dxm4Vaso8ZnqQKa2u6pFjdYHRyNqkVIkONhZ9fCM-m1BSfyv-UYHeTWGDGxLzy6dzEYjFRN_d-JsYNyM9vVlwFPIlp8J74BYlWHC7pdI3zVMupoP-Oszybteb4H25wHYczxsz34FZHRol1PvGHazZ5XKtIrSzrfcYJi0YQsfj6u9l8qMuqKrW7hE06MeYsFSaWaoGU1Kfy0WUSl2r9Tie646d-DNr0Bl_j2ebGuc6GiUOUv8_Hniu1bFmoLpZyvl11qdYcU9I40jZHe1HNeQJUjKLyapxCi2VnXJhi-Vl9chOHLAVqXITYjK2UBKCKVdzVmdKXqCfGz4UmeexsiemXlOzxjZUcew74Hxou0WB1uP2Rw6e9D9bwFLID0/3b4/kHEsVnmjTAe7Weg4vugYmQ/h15/3ZTiJjR7Qm8dYSQtxQAUK3-Nn6SyNuon2tjY38-zHVk HTTP 302
https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://api.retargetly.com/track?t=ziyEjm HTTP 302
https://api.retargetly.com/track?t=ziyEjm&_rlid=1958611f-8e9f-4bd8-a3e4-4210b7d633ad

Request Chain 19

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=1715923477&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=ActBlue&utmhid=1161707928&utmr=-&utmp=%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&utmht=1618809516819&utmac=UA-159696-1&utmcc=__utma%3D88171332.308468020.1618809517.1618809517.1618809517.1%3B%2B__utmz%3D88171332.1618809517.1.1.utmcsr%3Dan%7Cutmccn%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%7Cutmcmd%3Demail%3B&utmjid=701763835&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=308468020.1618809517&jid=701763835&_v=5.6.1&z=1715923477

Request Chain 34

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/745767271/?random=1792393710&cv=9&fst=1618809516965&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&tiba=ActBlue&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rBJ9YN3WPNTc3wOhoKrADg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/745767271/?random=1792393710&cv=9&fst=1618809516965&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&tiba=ActBlue&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rBJ9YN3WPNTc3wOhoKrADg&cid=CAQSKQCNIrLMrOo2VmnVBn8fTrv-BTaOq8XniIGZ02ieVv2kif_fjiuVemus&random=3154440716&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/745767271/?random=1792393710&cv=9&fst=1618809516965&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&tiba=ActBlue&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rBJ9YN3WPNTc3wOhoKrADg&cid=CAQSKQCNIrLMrOo2VmnVBn8fTrv-BTaOq8XniIGZ02ieVv2kif_fjiuVemus&random=3154440716&resp=GooglemKTybQhCsO&ipr=y

91 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request bfp-elect-dems-april-2021 Show response
secure.actblue.com/donate/
Redirect Chain

https://u1584542.ct.sendgrid.net/ss/c/4PfL751D8g4IfLXFw3QfXV5Wo_6TP_ujTmJFoO05AE20kpvqeSgDIY_OHxV7yJor3Qy08I0cEsuqreBgNQQMWw257AklywpJnBmW6rYb67nPYzYxz0EMvvrL2oWsRNShus7a3-Lox62kVeyxVNkeI7L3TVdvRpW...
https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2...

65 KB
18 KB

23ms
7ms

Document
text/html

151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee1151a80ce88380f67bc021bda43eb63ab2fe6a9a0322466a88182638b7fdd5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: secure.actblue.com
:scheme: https
:path: /donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-security-policy: frame-ancestors 'none'; report-uri /system/csp_reports
content-type: text/html; charset=utf-8
etag: W/"104a4-cyz6mFiwoFLM0bl65V6MfyE2wiw"
x-form-app: kittens! [Server: node: us]
x-frame-options: sameorigin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding: gzip
accept-ranges: bytes
date: Mon, 19 Apr 2021 05:18:36 GMT
age: 39887
vary: Accept-Encoding
set-cookie: skip_prefill_check=true; Secure
x-robots-tag: noindex, nofollow
x-start: 2021-04-19 05:18:36.399
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
content-length: 17763

Redirect headers

Server: nginx
Date: Mon, 19 Apr 2021 05:18:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 560
Connection: keep-alive
Location: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
X-Robots-Tag: noindex, nofollow

GET
H2 200 64fe3d055381b1cbfb90.css
secure.actblue.com/cf/assets/app-css/ 21 KB
5 KB 8ms
8ms Stylesheet
text/css 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/cf/assets/app-css/64fe3d055381b1cbfb90.css?form_app=us

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0a876e22dd207a67ea508bf2a41c88b3f98dbc7ebc1fd335ccf427bf39aa4ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

:path: /cf/assets/app-css/64fe3d055381b1cbfb90.css?form_app=us
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: secure.actblue.com
referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:36 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Wed, 14 Apr 2021 15:04:23 GMT
age: 39980
etag: W/"5539-178d0e970d8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-start: 2021-04-19 05:18:36.413
set-cookie: skip_prefill_check=true; Secure
cache-control: max-age=31557600, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 5073
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 68a52e68-bd01-44c5-9643-4b2910a3d0c3-dcccdd7d-11f0-4984-87ed-618cb55a88ab-DLogo.svg
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/957dfbed-11be-4cd5-84a0-2e4446c27cdd-brandings/123727/header/image_url/ 2 KB
3 KB 413ms
117ms Image
image/svg+xml 52.216.29.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/957dfbed-11be-4cd5-84a0-2e4446c27cdd-brandings/123727/header/image_url/68a52e68-bd01-44c5-9643-4b2910a3d0c3-dcccdd7d-11f0-4984-87ed-618cb55a88ab-DLogo.svg
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.29.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f74733d14bd575a6188a205c1f773505971dc5a8f50e23a32de2b59f3d44cbf4

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 05:18:37 GMT
Last-Modified: Fri, 05 Mar 2021 17:53:16 GMT
Server: AmazonS3
x-amz-request-id: 7APN45TVZ6JMF09Z
ETag: "3e607063585222bee4adb7b7b84c1aa3"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2308
x-amz-id-2: S8F48aIOw4j36901yWFoSa5AELWXGnQbSTtDKQiG4HtMAqVtwJk0LjLjiqErMYREgkck449lKRs=

GET
H2 200 64fe3d055381b1cbfb90.js Show response
secure.actblue.com/cf/assets/app/ 2 MB
453 KB 10ms
9ms Script
application/javascript 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/cf/assets/app/64fe3d055381b1cbfb90.js?form_app=us

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

524d682d2bb3d475f5ba3224b104eee7eb4be54bd4b3f6d74d7197077e84d619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

:path: /cf/assets/app/64fe3d055381b1cbfb90.js?form_app=us
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: secure.actblue.com
referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:36 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Wed, 14 Apr 2021 15:04:23 GMT
age: 39980
etag: W/"195ad3-178d0e970d8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-start: 2021-04-19 05:18:36.423
set-cookie: skip_prefill_check=true; Secure
cache-control: max-age=31557600, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 463736
x-xss-protection: 1; mode=block

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 75 KB
25 KB 6ms
6ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:17:16 GMT
content-encoding: gzip
age: 80
x-guploader-uploadid: ABg5-UzOMnZFXNyWz_bz29rU-1kc61HqdNuBc0YfiOL8zmd3LKvHmAq1oJaINx0nRThkKcgLlPAAxoi4aXR4RnIlC9YP5Pm8cw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 25572
last-modified: Thu, 28 Jan 2021 18:21:54 GMT
server: UploadServer
etag: "765779983eed1c9fc2821b4507eea08b"
vary: Accept-Encoding
x-goog-hash: crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation: 1611858114590219
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 25572
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 19 Apr 2021 05:27:16 GMT

GET
H/1.1 200
OK 8279006a-6cc7-44c6-932c-36f33505bcd6-background1.png
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/0e953996-997e-4a96-822b-1e6cee392a86-brandings/123727/document_body/background_image_url/ 545 KB
545 KB 446ms
138ms Image
image/png 52.216.29.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/0e953996-997e-4a96-822b-1e6cee392a86-brandings/123727/document_body/background_image_url/8279006a-6cc7-44c6-932c-36f33505bcd6-background1.png
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.29.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d20f67e754753b9de3e1e3c7f113a78631eef21189dd122a96268335c986753d

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 05:18:37 GMT
Last-Modified: Wed, 07 Apr 2021 18:28:24 GMT
Server: AmazonS3
x-amz-request-id: 7APX3GJ7KRA45KAC
ETag: "b48b68f83e5b39ab3bc5f4b853939b4b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 557807
x-amz-id-2: +c/tFaGxk66owcToNr6DdapvaGJKbxJoHdKIcpdL7SC1UKtxdT13FnSBL8YE6wNNK7hs5iaZ928=

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 145ms
145ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://secure.actblue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Mon, 19 Apr 2021 05:18:36 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
110 B 143ms
143ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/64fe3d055381b1cbfb90.js?form_app=us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://secure.actblue.com/
Bugsnag-Sent-At: 2021-04-19T05:18:36.615Z
Bugsnag-Api-Key: 04c1a9de88bb73e22614162ba813a0b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 19 Apr 2021 05:18:36 GMT
via: 1.1 google
bugsnag-session-uuid: db71a56a-41f8-4787-b25d-2b834cce156f
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 datadog-logs.js Show response
www.datadoghq-browser-agent.com/ 32 KB
12 KB 41ms
14ms Script
application/javascript 13.224.94.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/64fe3d055381b1cbfb90.js?form_app=us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-226.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9b1a50d9886cff0084a38e9a2a3105c5f9c1f724b942f7f8c843864ae0f170a

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:11 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 13:38:27 GMT
server: AmazonS3
age: 67
etag: W/"09a67c7152e28b72e34f5ae580ae964b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=60
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: MlHxHrafgNlCIpzTiU2DSeENLW-fIiTqEIhEH_BA0NCa6atQZ1r06A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-745767271

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/64fe3d055381b1cbfb90.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4eb28ff7b08d921855654921cc0e0204b64e893279c9d92d167907cf4e90b861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34047
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Apr 2021 05:18:36 GMT

GET
H2 200 auth_token Show response
secure.actblue.com/api/cf/ 104 B
424 B 444ms
443ms Fetch
application/json 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/api/cf/auth_token

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/64fe3d055381b1cbfb90.js?form_app=us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4535b6efac28a885da9702d142b1cda88aa1ea491e46de5ef34c7abf61aabbf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /api/cf/auth_token
pragma: no-cache
cookie: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel=%7B%22distinct_id%22%3A%20%22178e890f1ea5d1-01e91257efdf57-5771e33-1d4c00-178e890f1eb6b9%22%2C%22%24device_id%22%3A%20%22178e890f1ea5d1-01e91257efdf57-5771e33-1d4c00-178e890f1eb6b9%22%2C%22utm_source%22%3A%20%22an%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: secure.actblue.com
referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200 OK
strict-transport-security: max-age=31536000
content-length: 129
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-start: 2021-04-19 05:18:36.711
x-frame-options: SAMEORIGIN
etag: W/"4535b6efac28a885da9702d142b1cda8"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 varnish
cache-control: no-cache, no-store
set-cookie: _session_id=fbc97693e2661c24cc80c7f2b48c58f8; domain=secure.actblue.com; path=/; expires=Mon, 19 Apr 2021 06:18:37 GMT; secure; HttpOnly
accept-ranges: bytes

GET
H2 200 tracking_code Show response
secure.actblue.com/pages/bfp-elect-dems-april-2021/ Frame 499C 6 KB
3 KB 8ms
8ms Document
text/html 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/pages/bfp-elect-dems-april-2021/tracking_code?t=landing&refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/64fe3d055381b1cbfb90.js?form_app=us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

87bc5af52e5379ffe674947e3c39e84d5a4fa98000f6cd7dd9e6449b97713fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: secure.actblue.com
:scheme: https
:path: /pages/bfp-elect-dems-april-2021/tracking_code?t=landing&refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel=%7B%22distinct_id%22%3A%20%22178e890f1ea5d1-01e91257efdf57-5771e33-1d4c00-178e890f1eb6b9%22%2C%22%24device_id%22%3A%20%22178e890f1ea5d1-01e91257efdf57-5771e33-1d4c00-178e890f1eb6b9%22%2C%22utm_source%22%3A%20%22an%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
content-encoding: gzip
etag: W/"87bc5af52e5379ffe674947e3c39e84d"
referrer-policy: strict-origin-when-cross-origin
status: 200 OK
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow
accept-ranges: bytes
date: Mon, 19 Apr 2021 05:18:36 GMT
via: 1.1 varnish
age: 176
vary: Accept-Encoding
x-start: 2021-04-19 05:18:36.761
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
content-length: 2670

GET
H2 200 ga.js Show response
secure.actblue.com/cf/static/ 40 KB
16 KB 8ms
8ms Script
application/javascript 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/cf/static/ga.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

:path: /cf/static/ga.js
pragma: no-cache
cookie: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel=%7B%22distinct_id%22%3A%20%22178e890f1ea5d1-01e91257efdf57-5771e33-1d4c00-178e890f1eb6b9%22%2C%22%24device_id%22%3A%20%22178e890f1ea5d1-01e91257efdf57-5771e33-1d4c00-178e890f1eb6b9%22%2C%22utm_source%22%3A%20%22an%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: secure.actblue.com
referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:36 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Wed, 14 Apr 2021 14:58:13 GMT
age: 39979
etag: W/"9fe9-178d0e3cb88"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-start: 2021-04-19 05:18:36.766
set-cookie: skip_prefill_check=true; Secure
cache-control: max-age=31557600, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 16100
x-xss-protection: 1; mode=block

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 499C 84 KB
33 KB 25ms
22ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-745767271

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/pages/bfp-elect-dems-april-2021/tracking_code?t=landing&refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4eb28ff7b08d921855654921cc0e0204b64e893279c9d92d167907cf4e90b861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34047
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Apr 2021 05:18:36 GMT

GET
H2 200 activity;xsp=4659321;ord=1
pubads.g.doubleclick.net/ Frame 499C 42 B
639 B 52ms
29ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4659321;ord=1?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

track
api.retargetly.com/ Frame 499C
Redirect Chain

https://api.retargetly.com/track?t=ziyEjm
https://api.retargetly.com/track?t=ziyEjm&_rlid=1958611f-8e9f-4bd8-a3e4-4210b7d633ad

68 B
350 B

115ms
114ms

Image
image/png

2606:4700:10::6816:108d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.retargetly.com/track?t=ziyEjm&_rlid=1958611f-8e9f-4bd8-a3e4-4210b7d633ad
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/pages/bfp-elect-dems-april-2021/tracking_code?t=landing&refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6423ac58fd532c4a-FRA
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control: no-cache
content-type: image/png
cf-request-id: 098a2a0b9700002c4aabb14000000001
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6423ac580c152c4a-FRA
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: /track?t=ziyEjm&_rlid=1958611f-8e9f-4bd8-a3e4-4210b7d633ad
cache-control: no-cache
content-type: application/javascript
cf-request-id: 098a2a0b0500002c4a66aa4000000001
expires: 0

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 499C 70 B
261 B 93ms
31ms Image
image/gif 34.253.179.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=68w2mvf&ct=0:9cxzzse&fmt=3
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/pages/bfp-elect-dems-april-2021/tracking_code?t=landing&refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.179.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-179-128.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 499C 92 KB
24 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23963
x-fb-rlafr: 0
pragma: public
x-fb-debug: vxqr40/epxC7bIjW/xK9S67JhSFQUHcxeurZJvQk9cUjBeEcsgwf5VjjzfwE995IMV438KXd10p20hSbl96BBA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 19 Apr 2021 05:18:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 499C 15 KB
6 KB 7ms
7ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 19 Apr 2021 04:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1528
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5581
x-amz-id-2: O6hLqgysOWk6FBTY8KOjj+BOU4jdHVxCLzroP6md6PqzYMvOe2OaWzcv0V9FSG3im35OIUhcZ0Q=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 7RX739SFQMAV2PCJ
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/U5FPgSMjdtEyiVMYXBC3odSDBRVuWKg7/ Frame 499C 350 KB
64 KB 51ms
17ms Script
text/javascript 13.224.100.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/U5FPgSMjdtEyiVMYXBC3odSDBRVuWKg7/analytics.min.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/pages/bfp-elect-dems-april-2021/tracking_code?t=landing&refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.100.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-100-80.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9a77c4bdbd45138bd8f33dffb44c67b91c10e909590f1591f782eb3ce2ce9c8

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eTd7yfId5_S9hjqKLzokG5O0PQ4biGli
content-encoding: gzip
etag: "4792c8dc47cf7ed9c89bb0293630bb78"
age: 54
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 65283
access-control-allow-origin: *
last-modified: Fri, 16 Apr 2021 00:21:15 GMT
server: AmazonS3
date: Mon, 19 Apr 2021 05:17:43 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: -D6ShzQgZ2O4_3mtIDUMAR9mK5x2fzjNExc0tACWS6e15e4TJc26Cg==

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=1715923477&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=A...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=308468020.1618809517&jid=701763835&_v=5.6.1&z=1715923477

35 B
100 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=308468020.1618809517&jid=701763835&_v=5.6.1&z=1715923477

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 19 Apr 2021 05:18:36 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:36 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=308468020.1618809517&jid=701763835&_v=5.6.1&z=1715923477
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 367
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 42ms
19ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-745767271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13879
x-xss-protection: 0
server: cafe
etag: 4168474919333271250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Apr 2021 05:18:36 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-70251-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-745767271

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2161d7267cfac3c4b3f0efc272f9b97f9cf4ec7b2d27ff81c0be7f3dca2bcf2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37394
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Apr 2021 05:18:36 GMT

GET
H2 200 10055824.json Show response
s.yimg.com/wi/config/ Frame 499C 2 B
70 B 7ms
7ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10055824.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: A5PQGEYT9QV5RZ4K
x-amz-id-2: lnKp+SBysiEaN5ik+V6r+VE46kg+WHcbGtIYCMnyZM/0M0bgzx0agJ5JunWw1yuq8O+wLx3pgF0=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H3-29 200 368391443763157 Show response
connect.facebook.net/signals/config/ Frame 499C 255 KB
72 KB 205ms
205ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/368391443763157?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae252cfcea9942690822c71e540e0abcab8c5f48f78d41ef2f3d68fb6e2fbf39

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: dcVm6erY6Gc1j791npz6O4uIuQgrctNSQY/qlQDGNheCdNBOQQiVB/NlNdjCD3rsvHofO9CTcMX8mtKWKWla7g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 19 Apr 2021 05:18:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 499C 36 KB
14 KB 22ms
22ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-745767271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13879
x-xss-protection: 0
server: cafe
etag: 4168474919333271250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Apr 2021 05:18:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70251-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 4934
date: Mon, 19 Apr 2021 03:56:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Mon, 19 Apr 2021 05:56:22 GMT

POST
H2 200 t Show response
api.segment.io/v1/ Frame 499C 21 B
143 B 535ms
180ms XHR
application/json 44.229.187.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/U5FPgSMjdtEyiVMYXBC3odSDBRVuWKg7/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.187.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-187-242.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://secure.actblue.com
date: Mon, 19 Apr 2021 05:18:37 GMT
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 p Show response
api.segment.io/v1/ Frame 499C 21 B
142 B 525ms
181ms XHR
application/json 44.229.187.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/U5FPgSMjdtEyiVMYXBC3odSDBRVuWKg7/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.187.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-187-242.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://secure.actblue.com
date: Mon, 19 Apr 2021 05:18:37 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/745767271/ 3 KB
2 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/745767271/?random=1618809516961&cv=9&fst=1618809516961&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&tiba=ActBlue&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e722d7b952e4f867e12ea50cb7b7854b5839dfc2e1ec16b84895591615a09234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1280
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/745767271/ 2 KB
1 KB 26ms
24ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/745767271/?random=1618809516965&cv=9&fst=1618809516965&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&tiba=ActBlue&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

1f5ac36f4ec547c3f1101104de89b563e6fa51c4e161bd50ae6872e37da237ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1386
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1161707928&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021&ul=en-us&de=UTF-8&dt=ActBlue&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=88171332.308468020.1618809517.1618809517.1618809517.1&_utmz=88171332.1618809517.1.1.utmcsr%3Dan%7Cutmccn%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%7Cutmcmd%3Demail&_utmht=1618809516994&_u=IQBCAUABAAAAAC~&jid=181473213&gjid=1893651381&cid=308468020.1618809517&tid=UA-70251-1&_gid=747413996.1618809517&_r=1&gtm=2ou472&z=1113304458

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.actblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/745767271/ 42 B
108 B 22ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/745767271/?random=1618809516961&cv=9&fst=1618808400000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&tiba=ActBlue&async=1&fmt=3&is_vtc=1&random=702137398&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/745767271/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/745767271/?random=1618809516961&cv=9&fst=1618808400000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&tiba=ActBlue&async=1&fmt=3&is_vtc=1&random=702137398&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 30ms
15ms XHR
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-70251-1&cid=308468020.1618809517&jid=181473213&gjid=1893651381&_gid=747413996.1618809517&_u=IQBCAUAAAAAAAC~&z=1744122939

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 19 Apr 2021 05:18:37 GMT
content-type: text/plain
access-control-allow-origin: https://secure.actblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/745767271/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/745767271/?random=1792393710&cv=9&fst=1618809516965&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=250...
https://www.google.com/pagead/1p-conversion/745767271/?random=1792393710&cv=9&fst=1618809516965&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=...
https://www.google.de/pagead/1p-conversion/745767271/?random=1792393710&cv=9&fst=1618809516965&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1...

42 B
64 B

21ms
20ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/745767271/?random=1792393710&cv=9&fst=1618809516965&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&tiba=ActBlue&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rBJ9YN3WPNTc3wOhoKrADg&cid=CAQSKQCNIrLMrOo2VmnVBn8fTrv-BTaOq8XniIGZ02ieVv2kif_fjiuVemus&random=3154440716&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/745767271/?random=1792393710&cv=9&fst=1618809516965&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&tiba=ActBlue&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rBJ9YN3WPNTc3wOhoKrADg&cid=CAQSKQCNIrLMrOo2VmnVBn8fTrv-BTaOq8XniIGZ02ieVv2kif_fjiuVemus&random=3154440716&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 499C 44 B
409 B 20ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=368391443763157&ev=PageView&dl=https%3A%2F%2Fsecure.actblue.com%2Fpages%2Fbfp-elect-dems-april-2021%2Ftracking_code%3Ft%3Dlanding%26refcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&rl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&if=true&ts=1618809517092&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1618809517090.330966266&it=1618809516848&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 19 Apr 2021 05:18:37 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 499C 44 B
213 B 20ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=368391443763157&ev=Lead&dl=https%3A%2F%2Fsecure.actblue.com%2Fpages%2Fbfp-elect-dems-april-2021%2Ftracking_code%3Ft%3Dlanding%26refcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&rl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&if=true&ts=1618809517095&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1618809517090.330966266&it=1618809516848&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 19 Apr 2021 05:18:37 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 26ms
24ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-70251-1&cid=308468020.1618809517&jid=181473213&_u=IQBCAUAAAAAAAC~&z=457460103

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 25ms
23ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-70251-1&cid=308468020.1618809517&jid=181473213&_u=IQBCAUAAAAAAAC~&z=457460103

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 142ms
142ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://secure.actblue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Mon, 19 Apr 2021 05:18:37 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
110 B 143ms
143ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://secure.actblue.com/
Bugsnag-Sent-At: 2021-04-19T05:18:37.204Z
Bugsnag-Api-Key: 04c1a9de88bb73e22614162ba813a0b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 19 Apr 2021 05:18:37 GMT
via: 1.1 google
bugsnag-session-uuid: 0928c4fc-226c-4573-8c98-7b9069c1d303
alt-svc: clear
content-length: 21
content-type: application/json

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
347 B 52ms
32ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1618809517285

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.240.178.107.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Mon, 19 Apr 2021 05:18:37 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://secure.actblue.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
alt-svc: clear
content-length: 1

GET
H2 200 payment_methods.svg
secure.actblue.com/cf/static/ 12 KB
4 KB 8ms
7ms Image
image/svg+xml 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.actblue.com/cf/static/payment_methods.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

99096f106b88e7ccc51d85cdb0004b3a46a0bbe089ed367ae69ef7c2f0be6d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

:path: /cf/static/payment_methods.svg
pragma: no-cache
cookie: skip_prefill_check=true; mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel=%7B%22distinct_id%22%3A%20%22178e890f1ea5d1-01e91257efdf57-5771e33-1d4c00-178e890f1eb6b9%22%2C%22%24device_id%22%3A%20%22178e890f1ea5d1-01e91257efdf57-5771e33-1d4c00-178e890f1eb6b9%22%2C%22utm_source%22%3A%20%22an%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _dd_s=logs=1&id=97edcea8-c8e8-40a5-9b40-c5c7f9593937&created=1618809516798&expire=1618810416798; __utma=88171332.308468020.1618809517.1618809517.1618809517.1; __utmc=88171332; __utmz=88171332.1618809517.1.1.utmcsr=an|utmccn=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac|utmcmd=email; __utmt=1; __utmb=88171332.1.10.1618809517; ajs_anonymous_id=%2286f76c20-f3b6-43fe-a11f-79c246166338%22; _ga=GA1.2.308468020.1618809517; _gid=GA1.2.747413996.1618809517; _gat_gtag_UA_70251_1=1; _fbp=fb.1.1618809517090.330966266; _session_id=fbc97693e2661c24cc80c7f2b48c58f8; ab_token=56b390f9-122b-4d1e-80d7-946e57236f16
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: secure.actblue.com
referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:37 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified: Wed, 14 Apr 2021 14:58:13 GMT
age: 39982
etag: W/"2f05-178d0e3cb88"
vary: Accept-Encoding
content-type: image/svg+xml
x-start: 2021-04-19 05:18:37.308
set-cookie: skip_prefill_check=true; Secure
cache-control: max-age=31557600, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 4421
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.paypal.com/sdk/ 287 KB
89 KB 27ms
11ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/64fe3d055381b1cbfb90.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e619c2e5786ff36eb5b18fbf2f2d86e37e5a441ac3aff263405f214f0d87fcd8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-R93v6UUGj/EfxdBQIAKAMMq39BKrJtKWmVrNydzAO3LRW3AQ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-R93v6UUGj/EfxdBQIAKAMMq39BKrJtKWmVrNydzAO3LRW3AQ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-R93v6UUGj/EfxdBQIAKAMMq39BKrJtKWmVrNydzAO3LRW3AQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-R93v6UUGj/EfxdBQIAKAMMq39BKrJtKWmVrNydzAO3LRW3AQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 215
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: dffb53907e1c5
dc: phx-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 89577
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4049-HHN
x-timer: S1618809517.368234,VS0,VE2
x-frame-options: SAMEORIGIN
date: Mon, 19 Apr 2021 05:18:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 19 Apr 2021 06:15:02 GMT
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"15de9-grhzwc1F8GocZjZEbwDiLFL6r7I"
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
72 B 32ms
32ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1618809517351

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.240.178.107.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Mon, 19 Apr 2021 05:18:37 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://secure.actblue.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
alt-svc: clear
content-length: 1

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 88 KB
28 KB 73ms
70ms Script
application/javascript 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/64fe3d055381b1cbfb90.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8b8e8ece373b4a6cbb6805e393a0a8b69622bf3f7037f99875f3b659b25542b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6tPHai6f7BCBbsUgbtTUJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-6tPHai6f7BCBbsUgbtTUJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-6tPHai6f7BCBbsUgbtTUJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-6tPHai6f7BCBbsUgbtTUJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 19 Apr 2021 05:18:37 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
5 KB 9ms
8ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.219&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e18b903813d3e73a4c9dce7489326a7afb3f7ba9574de4dd0c32d153104e3917

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-4p7qMkVgmsJg5gBZ2ozR6VcMp6dcJaicT5PQvj7pWoI5/ewY' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-4p7qMkVgmsJg5gBZ2ozR6VcMp6dcJaicT5PQvj7pWoI5/ewY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 17347
x-cache: HIT
paypal-debug-id: 6c564c884850c
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4826
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4049-HHN
x-timer: S1618809517.426702,VS0,VE2
x-frame-options: SAMEORIGIN
date: Mon, 19 Apr 2021 05:18:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=3600
etag: W/"361e-f5Jshfx2cXXFuQtTBjcM8GmvARE"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame D561 240 KB
102 KB 238ms
238ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6IjdmYTBjMWYwZTZfbWR1Nm10ZzZtemMifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=6cdf008c22079&storageID=813b1f9192_mdu6mtg6mzc&sessionID=7ddcae5001_mdu6mtg6mzc&buttonSessionID=72478e1002_mdu6mtg6mzc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card&supportsPopups=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5c2f70475547c40df31431ec0f4edb98d82fac9565c1d13bfe96a76f904dcb40

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6IjdmYTBjMWYwZTZfbWR1Nm10ZzZtemMifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=6cdf008c22079&storageID=813b1f9192_mdu6mtg6mzc&sessionID=7ddcae5001_mdu6mtg6mzc&buttonSessionID=72478e1002_mdu6mtg6mzc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card&supportsPopups=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.actblue.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://secure.actblue.com/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"3be20-qhZycaDIs7vLDnr+SNLeuu1lw14"
p3p: true
paypal-debug-id: 3f9547fd27bdc
set-cookie: tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 22 Apr 2021 05:18:37 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Mon, 19 Apr 2021 05:48:37 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1713503917%26vteXpYrS%3D1618811317%26vr%3De890f6111780a7805ba1bef1f9f1443b%26vt%3De890f6111780a7805ba1bef1f9f1443a%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 18 Apr 2024 05:18:37 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3De890f6111780a7805ba1bef1f9f1443b%26vt%3De890f6111780a7805ba1bef1f9f1443a; Path=/; Domain=paypal.com; Expires=Thu, 18 Apr 2024 05:18:37 GMT; Secure; SameSite=None x-cdn=fastly:HHN; Domain=paypal.com; Path=/; Secure
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
date: Mon, 19 Apr 2021 05:18:37 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4049-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1618809517.496362,VS0,VE230
vary: Accept-Encoding
content-encoding: br

GET
DATA 200
OK truncated
/ Frame 3E7D 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3E7D 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 66 KB
18 KB 23ms
7ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.219&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

4a13970158327ddd25459421c79fa7af53822e4b4d9cd8efb1395a91122676c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 17:54:56 GMT
etag: W/"606365f0-1081a"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: b4c5116016d86
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
dc: phx-origin-www-1.paypal.com
content-length: 17886
expires: Mon, 19 Apr 2021 05:18:37 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
677 B 174ms
158ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&fltp=analytics&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Democratic%20National%20Committee%20(DNC)%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1618809517506&g=-120&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%252C1%252C1%252C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1%2C1%2C1%2C1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
via: 1.1 varnish
server: akka-http/10.1.11
x-timer: S1618809518.526798,VS0,VE151
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slca.slc
expires: Mon, 19 Apr 2021 05:18:37 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4060-HHN

GET
H3-29 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 52A2 20 KB
8 KB 209ms
207ms Document
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da62c8243a9f996c4947b72585190791acae0394483f044e01d21327a7562957

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0euNBk9cF55BJ+Uv49KOrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-0euNBk9cF55BJ+Uv49KOrA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pay.google.com
:scheme: https
:path: /gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.actblue.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=213=QBhaYKkD8zrLF51V0mZghvG3ovqtXiRZLol8-M7m1kQRtvFI5Rc3Ph3PFdiCaFTqrgnstNwhO-KYjq0v3PV2HUx2ch-ziXcHKRuk1C5TjFjqm2QHysevUtA5T-XElg9_KSCuekbeAlR0ISJrAlcZfY8ZM9WcA-MFgpSJTzmA_gk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://secure.actblue.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Mon, 19 Apr 2021 05:18:37 GMT
date: Mon, 19 Apr 2021 05:18:37 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-0euNBk9cF55BJ+Uv49KOrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-0euNBk9cF55BJ+Uv49KOrA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
70 B 24ms
24ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1618809517526

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.240.178.107.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Mon, 19 Apr 2021 05:18:37 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://secure.actblue.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
alt-svc: clear
content-length: 1

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
70 B 21ms
21ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1618809517528

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.240.178.107.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Mon, 19 Apr 2021 05:18:37 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://secure.actblue.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
alt-svc: clear
content-length: 1

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame A313 291 KB
91 KB 12ms
12ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html?frameId=bd32beaf-bcbb-4b52-858e-20ec8ab9d79d&propertyId=NGJ83G9Z8QXZ8-1&flow=visitor-info&variant=analytics&mrid=NGJ83G9Z8QXZ8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

a67735aa5b579aa63a3e5ff7ce82e8d94c09d56849c15ef1849827097c3ff239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.paypalobjects.com
:scheme: https
:path: /muse/analytics/index.html?frameId=bd32beaf-bcbb-4b52-858e-20ec8ab9d79d&propertyId=NGJ83G9Z8QXZ8-1&flow=visitor-info&variant=analytics&mrid=NGJ83G9Z8QXZ8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.actblue.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://secure.actblue.com/

Response headers

content-encoding: gzip
content-type: text/html
etag: W/"606365ef-48b64"
last-modified: Tue, 30 Mar 2021 17:54:55 GMT
paypal-debug-id: b5f21d0b5157f
surrogate-control: max-age=31536000
dc: phx-origin-www-2.paypal.com
expires: Mon, 19 Apr 2021 05:18:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
content-length: 92325
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame A313 18 B
352 B 8ms
7ms Fetch
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html?frameId=bd32beaf-bcbb-4b52-858e-20ec8ab9d79d&propertyId=NGJ83G9Z8QXZ8-1&flow=visitor-info&variant=analytics&mrid=NGJ83G9Z8QXZ8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/muse/analytics/index.html?frameId=bd32beaf-bcbb-4b52-858e-20ec8ab9d79d&propertyId=NGJ83G9Z8QXZ8-1&flow=visitor-info&variant=analytics&mrid=NGJ83G9Z8QXZ8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:37 GMT
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 1a82e8f517fa8
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 18
x-client-location: DE
pragma: no-cache
last-modified: Thu, 04 Feb 2021 18:25:25 GMT
etag: "601c3c15-12"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Mon, 19 Apr 2021 05:18:37 GMT

GET
H2 200 f128337a782009724447.chunk.js Show response
www.paypalobjects.com/muse/analytics/chunk/ Frame A313 86 KB
25 KB 8ms
8ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/chunk/f128337a782009724447.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

abdf0f23863f1c13dfcdedf7262f78336c07dc5aa73f35d974d5d1da7decf601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/muse/analytics/index.html?frameId=bd32beaf-bcbb-4b52-858e-20ec8ab9d79d&propertyId=NGJ83G9Z8QXZ8-1&flow=visitor-info&variant=analytics&mrid=NGJ83G9Z8QXZ8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 17:54:55 GMT
etag: W/"606365ef-158c0"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: 7451673d2338f
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 25677
expires: Mon, 19 Apr 2021 05:18:37 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
113 B 166ms
165ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&es=visitorInfoFlowStarted&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Democratic%20National%20Committee%20(DNC)%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1618809517685&g=-120&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%252C1%252C1%252C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1%2C1%2C1%2C1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:37 GMT
via: 1.1 varnish
server: akka-http/10.1.11
x-timer: S1618809518.690103,VS0,VE155
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slcb.slc
expires: Mon, 19 Apr 2021 05:18:37 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4060-HHN

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 490ms
475ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 70c1a56c260e8
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
date: Mon, 19 Apr 2021 05:18:37 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4048-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1618809518.709340,VS0,VE178

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame A313 433 B
2 KB 314ms
306ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/chunk/f128337a782009724447.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d63fb40b7ed66eebc669db26606cc52ec3b4c5b7e7a914d9bd888de2ad811b1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-NksJ17DQodKJxXVceNVFtMCssSNGMUXZxJNF41bJMu8NWLBr' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-NksJ17DQodKJxXVceNVFtMCssSNGMUXZxJNF41bJMu8NWLBr' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'
via: 1.1 varnish
vary: Accept-Encoding
x-cache: MISS
paypal-debug-id: ebdc1d00d56f
date: Mon, 19 Apr 2021 05:18:38 GMT
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4049-HHN
x-timer: S1618809518.193499,VS0,VE300
x-frame-options: SAMEORIGIN
etag: W/"1b1-+mHP/4iAu42ltIe26+aGq/S7PMw"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AM... Frame 52A2 139 KB
49 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

087b7c40e29fc67151684cd8873bf95bc3140645a02ea532883d6afc26837429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 16:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 04:25:08 GMT
server: sffe
age: 218815
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50265
x-xss-protection: 0
expires: Sat, 16 Apr 2022 16:31:42 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame D561 287 KB
88 KB 9ms
8ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6IjdmYTBjMWYwZTZfbWR1Nm10ZzZtemMifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=6cdf008c22079&storageID=813b1f9192_mdu6mtg6mzc&sessionID=7ddcae5001_mdu6mtg6mzc&buttonSessionID=72478e1002_mdu6mtg6mzc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card&supportsPopups=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e619c2e5786ff36eb5b18fbf2f2d86e37e5a441ac3aff263405f214f0d87fcd8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-R93v6UUGj/EfxdBQIAKAMMq39BKrJtKWmVrNydzAO3LRW3AQ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-R93v6UUGj/EfxdBQIAKAMMq39BKrJtKWmVrNydzAO3LRW3AQ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6IjdmYTBjMWYwZTZfbWR1Nm10ZzZtemMifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=6cdf008c22079&storageID=813b1f9192_mdu6mtg6mzc&sessionID=7ddcae5001_mdu6mtg6mzc&buttonSessionID=72478e1002_mdu6mtg6mzc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card&supportsPopups=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-R93v6UUGj/EfxdBQIAKAMMq39BKrJtKWmVrNydzAO3LRW3AQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-R93v6UUGj/EfxdBQIAKAMMq39BKrJtKWmVrNydzAO3LRW3AQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 215
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: dffb53907e1c5
dc: phx-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 89577
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4049-HHN
x-timer: S1618809518.756588,VS0,VE1
x-frame-options: SAMEORIGIN
date: Mon, 19 Apr 2021 05:18:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 19 Apr 2021 06:15:02 GMT
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"15de9-grhzwc1F8GocZjZEbwDiLFL6r7I"
accept-ranges: bytes
x-cache-hits: 2

GET
DATA 200
OK truncated
/ Frame D561 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D561 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.4pb... Frame 52A2 36 KB
13 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.4pbFXAv4R5s.L.B1.O/am=AkA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ct=zgms/rs=AMitfrg0z72fELEHn_-C7-_NEBvgZXr_lw/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e88486dd7c778c33d85cd4ffe10740da6bbcc4e54464915fe1876abc08543066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 04:17:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 22:57:36 GMT
server: sffe
age: 90057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13447
x-xss-protection: 0
expires: Mon, 18 Apr 2022 04:17:40 GMT

GET
H3-29 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,NpD4ec,Y2UGcc,SF3gsd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.4pb... Frame 52A2 72 KB
26 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.4pbFXAv4R5s.L.B1.O/am=AkA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/ct=zgms/rs=AMitfrg0z72fELEHn_-C7-_NEBvgZXr_lw/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,NpD4ec,Y2UGcc,SF3gsd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47dd329de638a25ee9735044dc70a1cc3f3c34a7e09dc1e414f2a2421cec8b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 22:57:36 GMT
server: sffe
age: 215026
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26790
x-xss-protection: 0
expires: Sat, 16 Apr 2022 17:34:51 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 52A2 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.4pbFXAv4R5s.L.B1.O/am=AkA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/ct=zgms/rs=AMitfrg0z72fELEHn_-C7-_NEBvgZXr_lw/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,NpD4ec,Y2UGcc,SF3gsd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 4935
date: Mon, 19 Apr 2021 03:56:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Mon, 19 Apr 2021 05:56:22 GMT

GET
H3-29 200 pay Show response
pay.google.com/gp/p/ui/ Frame 52A2 1 MB
346 KB 345ms
344ms XHR
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5882dac211da462d489c82118f7ed910d962beac5b8aa68d1897e7c672f6431

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PsD9fq94v6esOpxEKrDCNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-PsD9fq94v6esOpxEKrDCNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: DENY
date: Mon, 19 Apr 2021 05:18:37 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
expires: Mon, 19 Apr 2021 05:18:37 GMT
cache-control: private, max-age=3600
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-PsD9fq94v6esOpxEKrDCNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-PsD9fq94v6esOpxEKrDCNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 321ms
321ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 19 Apr 2021 05:18:37 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 05:18:37 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 52A2 131 B
154 B 58ms
40ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Apr 2021 05:18:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Apr 2021 05:18:38 GMT

OPTIONS
H3-29 200 log
play.google.com/ Frame 0
0 46ms
45ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

H3-29

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 19 Apr 2021 05:18:38 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 05:18:38 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 52A2 131 B
154 B 40ms
40ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Apr 2021 05:18:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Apr 2021 05:18:38 GMT

POST
H3-29 200 log Show response
play.google.com/ Frame 52A2 131 B
154 B 44ms
40ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Apr 2021 05:18:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Apr 2021 05:18:38 GMT

OPTIONS
H3-29 200 log
play.google.com/ Frame 0
0 39ms
39ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

H3-29

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 19 Apr 2021 05:18:38 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 05:18:38 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 52A2 131 B
154 B 40ms
39ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Apr 2021 05:18:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Apr 2021 05:18:38 GMT

OPTIONS
H3-29 200 log
play.google.com/ Frame 0
0 38ms
38ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

H3-29

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 19 Apr 2021 05:18:38 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 05:18:38 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 52A2 131 B
154 B 40ms
40ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Apr 2021 05:18:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Apr 2021 05:18:38 GMT

OPTIONS
H3-29 200 log
play.google.com/ Frame 0
0 38ms
37ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

H3-29

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 19 Apr 2021 05:18:38 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 05:18:38 GMT
cache-control: private

OPTIONS
H3-29 200 log
play.google.com/ Frame 0
0 38ms
38ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

H3-29

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 19 Apr 2021 05:18:38 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 05:18:38 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 52A2 131 B
154 B 39ms
39ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Apr 2021 05:18:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Apr 2021 05:18:38 GMT

GET
H3-29 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.4pb... Frame 52A2 25 KB
10 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.4pbFXAv4R5s.L.B1.O/am=AkA/d=1/exm=Das5Le,IZT63,LEikZe,NpD4ec,PrPYRd,Ru0Pgb,SF3gsd,Y2UGcc,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/ct=zgms/rs=AMitfrg0z72fELEHn_-C7-_NEBvgZXr_lw/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f8a983dde33bfe03e715655036b7e60d0d787a6cd431aa94ae0191f87ac3f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 22:57:36 GMT
server: sffe
age: 215023
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10233
x-xss-protection: 0
expires: Sat, 16 Apr 2022 17:34:55 GMT

GET
H3-29 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.4pb... Frame 52A2 260 B
191 B 12ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.4pbFXAv4R5s.L.B1.O/am=AkA/d=1/exm=Das5Le,EFQ78c,FCpbqb,IZT63,LEikZe,NpD4ec,PrPYRd,Ru0Pgb,SF3gsd,WhJNk,Wt6vjf,Y2UGcc,ZyYHPb,_b,_latency,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/ct=zgms/rs=AMitfrg0z72fELEHn_-C7-_NEBvgZXr_lw/m=lwddkf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26b6a29d18339a5cf68bc6d4e17b6a52c2f0de7cbe79ea9d74a4886e57995561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 22:57:36 GMT
server: sffe
age: 215023
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 168
x-xss-protection: 0
expires: Sat, 16 Apr 2022 17:34:55 GMT

POST
H2 200 trackables Show response
secure.actblue.com/ 0
356 B 468ms
467ms Fetch
text/html 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/trackables

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/64fe3d055381b1cbfb90.js?form_app=us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://secure.actblue.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel=%7B%22distinct_id%22%3A%20%22178e890f1ea5d1-01e91257efdf57-5771e33-1d4c00-178e890f1eb6b9%22%2C%22%24device_id%22%3A%20%22178e890f1ea5d1-01e91257efdf57-5771e33-1d4c00-178e890f1eb6b9%22%2C%22utm_source%22%3A%20%22an%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _dd_s=logs=1&id=97edcea8-c8e8-40a5-9b40-c5c7f9593937&created=1618809516798&expire=1618810416798; __utma=88171332.308468020.1618809517.1618809517.1618809517.1; __utmc=88171332; __utmz=88171332.1618809517.1.1.utmcsr=an|utmccn=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac|utmcmd=email; __utmt=1; __utmb=88171332.1.10.1618809517; ajs_anonymous_id=%2286f76c20-f3b6-43fe-a11f-79c246166338%22; _ga=GA1.2.308468020.1618809517; _gid=GA1.2.747413996.1618809517; _gat_gtag_UA_70251_1=1; _fbp=fb.1.1618809517090.330966266; _session_id=fbc97693e2661c24cc80c7f2b48c58f8; ab_token=56b390f9-122b-4d1e-80d7-946e57236f16
content-length: 132
:path: /trackables
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json; charset=utf-8
accept: */*
cache-control: no-cache
:authority: secure.actblue.com
referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1%2C1%2C1%2C1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1%2C1%2C1%2C1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 19 Apr 2021 05:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200 OK
strict-transport-security: max-age=31536000
content-length: 25
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-start: 2021-04-19 05:18:38.304
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: text/html
via: 1.1 varnish
cache-control: no-cache, no-store
set-cookie: _session_id=fbc97693e2661c24cc80c7f2b48c58f8; domain=secure.actblue.com; path=/; expires=Mon, 19 Apr 2021 06:18:38 GMT; secure; HttpOnly
accept-ranges: bytes

GET
H2 200 s.js Show response
cdn.sift.com/ 61 KB
20 KB 34ms
7ms Script
application/javascript 34.96.67.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sift.com/s.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/bfp-elect-dems-april-2021?refcode=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&amount=1&amounts=1,1,1,1&utm_medium=email&utm_source=an&utm_campaign=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac&link_id=16&refcodeEmailReferrer=email_1144221&can_id=b429f0dd987a04c99ffa53903d55e104&email_referrer=email_1144221&email_subject=capture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.67.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.67.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 03:52:28 GMT
content-encoding: gzip
age: 5170
x-guploader-uploadid: ABg5-UziFkmrodoj2EdaptRy9s1mnA9qJyGY70BnJ4N8vZjxCixg6uew0RwBztVe39CDTdMwf5oPIRMrGtdbSC60AxxAzOAGNQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 20452
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
server: UploadServer
etag: "07cb8203158abb26b3c18318350e7b36"
vary: Accept-Encoding
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
x-goog-generation: 1586469553682331
cache-control: public, max-age=86400
x-goog-stored-content-length: 20452
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 20 Apr 2021 03:52:28 GMT

POST
H3-29 200 log Show response
play.google.com/ Frame 52A2 131 B
154 B 44ms
44ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Zt82Y2Xd8-w.es5.O/am=AkA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ct=zgms/rs=AMitfrg0wgBNMa6BuIHWDujSWwKp43L_OA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 19 Apr 2021 05:18:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 19 Apr 2021 05:18:38 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame D561 879 B
836 B 168ms
168ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5236e8ea17718b2477266323d884810165624c16d59ea767aec597d89bf9b5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6IjdmYTBjMWYwZTZfbWR1Nm10ZzZtemMifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=6cdf008c22079&storageID=813b1f9192_mdu6mtg6mzc&sessionID=7ddcae5001_mdu6mtg6mzc&buttonSessionID=72478e1002_mdu6mtg6mzc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card&supportsPopups=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Mon, 19 Apr 2021 05:18:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: aac25caba8a5d
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4049-HHN
x-timer: S1618809518.379353,VS0,VE160
etag: W/"36f-DAho0AWf+YfmJJDoeon2w4iQg10"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 176ms
176ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://secure.actblue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://secure.actblue.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: fd2bb7b46a6da
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
date: Mon, 19 Apr 2021 05:18:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4048-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1618809518.379326,VS0,VE166
content-encoding: br
vary: accept-encoding

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 867 B
1 KB 160ms
160ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ad9299cc8723c5de25d00333b586f7825c92c4eb7f4d0cc13b089a2d83502db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Mon, 19 Apr 2021 05:18:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: 5b2b3213f248b
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4048-HHN
x-timer: S1618809519.556581,VS0,VE153
etag: W/"363-YUFq5XNPkpAEOKJzXSoPpZrPHeg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.actblue.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame D561 876 B
715 B 164ms
163ms Ping
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ae2dc91346d1ada6a55f98466cf91e1728926e8ed2bc65985998e05c87a8fc9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6IjdmYTBjMWYwZTZfbWR1Nm10ZzZtemMifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=6cdf008c22079&storageID=813b1f9192_mdu6mtg6mzc&sessionID=7ddcae5001_mdu6mtg6mzc&buttonSessionID=72478e1002_mdu6mtg6mzc&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card&supportsPopups=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Apr 2021 05:18:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f9887514e136
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4049-HHN
x-timer: S1618809518.385190,VS0,VE156
etag: W/"36c-PcES7wyt2klxTxS24KUlXDsYJ+o"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 981055.gif
hexagon-analytics.com/images/ 43 B
240 B 123ms
97ms Image
image/gif 34.102.232.42
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/981055.gif?bk=19482a20cc&tm=48&r=96894407&v=105&cs=UTF-8&h=secure.actblue.com&l=en-US&S=14364b5c4872e39a3a2b39c8e2a72568&uu=ff8d58535c44b8c0599eb4b25f812b4&t=Democratic%20National%20Committee%20(DNC)%20%E2%80%94%20Donate%20via%20ActBlue&u=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&nm=0&mh=d41d8cd98f00b204e9800998ecf8427e&np=0&ph=d41d8cd98f00b204e9800998ecf8427e&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=-120&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=16&je=false&ss=true&ls=false&in=true&db=false&tl=false&tr=false&ts=true&tb=false&ab=false&cf=d070d7f80ecae06d18d89fb70ca3f89e&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:38 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: clear
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
451 B 172ms
172ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&es=visitorInfo&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Democratic%20National%20Committee%20(DNC)%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1618809518500&g=-120&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%252C1%252C1%252C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 05:18:38 GMT
via: 1.1 varnish
server: akka-http/10.1.11
x-timer: S1618809519.505365,VS0,VE165
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
expires: Mon, 19 Apr 2021 05:18:38 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4060-HHN

GET
H3-29 200 /
www.facebook.com/tr/ Frame 499C 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=368391443763157&ev=Microdata&dl=https%3A%2F%2Fsecure.actblue.com%2Fpages%2Fbfp-elect-dems-april-2021%2Ftracking_code%3Ft%3Dlanding%26refcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&rl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fbfp-elect-dems-april-2021%3Frefcode%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26amount%3D1%26amounts%3D1%2C1%2C1%2C1%26utm_medium%3Demail%26utm_source%3Dan%26utm_campaign%3DJB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%26link_id%3D16%26refcodeEmailReferrer%3Demail_1144221%26can_id%3Db429f0dd987a04c99ffa53903d55e104%26email_referrer%3Demail_1144221%26email_subject%3Dcapture-firstname3-firstname-sanitize-endcapture-team-joe-newsletter-for-if-firstname3-firstname-sanitize-else-you-endif-inside-nil&if=true&ts=1618809518645&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=2&o=30&fbp=fb.1.1618809517090.330966266&it=1618809516848&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:18:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 19 Apr 2021 05:18:38 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
71 B 27ms
27ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1618809518774

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.240.178.107.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Mon, 19 Apr 2021 05:18:38 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://secure.actblue.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
alt-svc: clear
content-length: 1

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 22:03:40	Name: NID Value: 213=QBhaYKkD8zrLF51V0mZghvG3ovqtXiRZLol8-M7m1kQRtvFI5Rc3Ph3PFdiCaFTqrgnstNwhO-KYjq0v3PV2HUx2ch-ziXcHKRuk1C5TjFjqm2QHysevUtA5T-XElg9_KSCuekbeAlR0ISJrAlcZfY8ZM9WcA-MFgpSJTzmA_gk
.paypal.com/	1970-01-20 19:58:23	Name: ts Value: vreXpYrS%3D1713503917%26vteXpYrS%3D1618811317%26vr%3De890f6281780a3006b575888ffffffff%26vt%3De890f6281780a3006b575888fffffffe
.paypal.com/	1970-01-19 17:44:28	Name: tsrce Value: smartcomponentnodeweb
.secure.actblue.com/	1970-01-19 17:40:13	Name: _session_id Value: fbc97693e2661c24cc80c7f2b48c58f8
.paypal.com/	1970-01-20 19:58:23	Name: ts_c Value: vr%3De890f6281780a3006b575888ffffffff%26vt%3De890f6281780a3006b575888fffffffe
.actblue.com/	1970-01-19 19:49:45	Name: _fbp Value: fb.1.1618809517090.330966266
.paypal.com/	1970-01-19 17:40:11	Name: l7_az Value: dcg15.slc
.actblue.com/	1970-01-19 17:40:09	Name: _gat_gtag_UA_70251_1 Value: 1
.actblue.com/	1970-01-20 11:11:21	Name: _ga Value: GA1.2.308468020.1618809517
.actblue.com/	1970-01-19 17:41:35	Name: _gid Value: GA1.2.747413996.1618809517
.actblue.com/	1970-01-19 17:40:11	Name: __utmb Value: 88171332.1.10.1618809517
.actblue.com/	1970-01-19 17:40:10	Name: __utmt Value: 1
.actblue.com/	1970-01-20 11:11:21	Name: __utma Value: 88171332.308468020.1618809517.1618809517.1618809517.1
.actblue.com/	1969-12-31 23:59:59	Name: __utmc Value: 88171332
secure.actblue.com/	1970-01-19 17:40:10	Name: _dd_s Value: logs=1&id=97edcea8-c8e8-40a5-9b40-c5c7f9593937&created=1618809516798&expire=1618810416798
.actblue.com/	1970-01-25 13:55:31	Name: ab_token Value: 56b390f9-122b-4d1e-80d7-946e57236f16
.actblue.com/	1970-01-20 02:25:45	Name: ajs_anonymous_id Value: %2286f76c20-f3b6-43fe-a11f-79c246166338%22
.actblue.com/	1970-01-19 22:02:57	Name: __utmz Value: 88171332.1618809517.1.1.utmcsr=an\|utmccn=JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac\|utmcmd=email
.actblue.com/	1970-01-20 02:25:45	Name: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel Value: %7B%22distinct_id%22%3A%20%22178e890f1ea5d1-01e91257efdf57-5771e33-1d4c00-178e890f1eb6b9%22%2C%22%24device_id%22%3A%20%22178e890f1ea5d1-01e91257efdf57-5771e33-1d4c00-178e890f1eb6b9%22%2C%22utm_source%22%3A%20%22an%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22JB_EM_FR_2021.04.16_B1_newsletter_X__F1_S1_C1__ac%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
secure.actblue.com/donate	1969-12-31 23:59:59	Name: skip_prefill_check Value: true

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://secure.actblue.com/cf/assets/app/64fe3d055381b1cbfb90.js?form_app=us(Line 79) Message: [bugsnag] Loaded!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actblue-indigo-uploads.s3.amazonaws.com
api-js.mixpanel.com
api.retargetly.com
api.segment.io
cdn.mxpnl.com
cdn.segment.com
cdn.sift.com
connect.facebook.net
googleads.g.doubleclick.net
hexagon-analytics.com
insight.adsrvr.org
pay.google.com
play.google.com
pubads.g.doubleclick.net
s.yimg.com
secure.actblue.com
sessions.bugsnag.com
ssl.google-analytics.com
stats.g.doubleclick.net
t.paypal.com
u1584542.ct.sendgrid.net
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
104.111.228.123
107.178.240.159
13.224.100.80
13.224.94.226
142.250.185.130
151.101.1.21
151.101.1.35
151.101.112.174
167.89.123.16
216.58.212.162
2600:1901:0:7a0b::
2600:1901:0:bc29::
2606:4700:10::6816:108d
2a00:1288:80:800::7000
2a00:1450:4001:801::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c07::5c
2a00:1450:400c:c0c::9b
2a00:1450:400c:c0d::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.102.232.42
34.253.179.128
34.96.67.224
44.229.187.242
52.216.29.4
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
087b7c40e29fc67151684cd8873bf95bc3140645a02ea532883d6afc26837429
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1f5ac36f4ec547c3f1101104de89b563e6fa51c4e161bd50ae6872e37da237ea
2161d7267cfac3c4b3f0efc272f9b97f9cf4ec7b2d27ff81c0be7f3dca2bcf2a
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
26b6a29d18339a5cf68bc6d4e17b6a52c2f0de7cbe79ea9d74a4886e57995561
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
4535b6efac28a885da9702d142b1cda88aa1ea491e46de5ef34c7abf61aabbf3
47dd329de638a25ee9735044dc70a1cc3f3c34a7e09dc1e414f2a2421cec8b8a
4a13970158327ddd25459421c79fa7af53822e4b4d9cd8efb1395a91122676c8
4eb28ff7b08d921855654921cc0e0204b64e893279c9d92d167907cf4e90b861
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5236e8ea17718b2477266323d884810165624c16d59ea767aec597d89bf9b5b0
524d682d2bb3d475f5ba3224b104eee7eb4be54bd4b3f6d74d7197077e84d619
5c2f70475547c40df31431ec0f4edb98d82fac9565c1d13bfe96a76f904dcb40
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87bc5af52e5379ffe674947e3c39e84d5a4fa98000f6cd7dd9e6449b97713fee
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f8a983dde33bfe03e715655036b7e60d0d787a6cd431aa94ae0191f87ac3f47
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
99096f106b88e7ccc51d85cdb0004b3a46a0bbe089ed367ae69ef7c2f0be6d9e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a67735aa5b579aa63a3e5ff7ce82e8d94c09d56849c15ef1849827097c3ff239
a8b8e8ece373b4a6cbb6805e393a0a8b69622bf3f7037f99875f3b659b25542b
a9b1a50d9886cff0084a38e9a2a3105c5f9c1f724b942f7f8c843864ae0f170a
abdf0f23863f1c13dfcdedf7262f78336c07dc5aa73f35d974d5d1da7decf601
ad9299cc8723c5de25d00333b586f7825c92c4eb7f4d0cc13b089a2d83502db3
ae252cfcea9942690822c71e540e0abcab8c5f48f78d41ef2f3d68fb6e2fbf39
ae2dc91346d1ada6a55f98466cf91e1728926e8ed2bc65985998e05c87a8fc9e
bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27
c0a876e22dd207a67ea508bf2a41c88b3f98dbc7ebc1fd335ccf427bf39aa4ec
d20f67e754753b9de3e1e3c7f113a78631eef21189dd122a96268335c986753d
d63fb40b7ed66eebc669db26606cc52ec3b4c5b7e7a914d9bd888de2ad811b1a
d9a77c4bdbd45138bd8f33dffb44c67b91c10e909590f1591f782eb3ce2ce9c8
da62c8243a9f996c4947b72585190791acae0394483f044e01d21327a7562957
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
e18b903813d3e73a4c9dce7489326a7afb3f7ba9574de4dd0c32d153104e3917
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5882dac211da462d489c82118f7ed910d962beac5b8aa68d1897e7c672f6431
e619c2e5786ff36eb5b18fbf2f2d86e37e5a441ac3aff263405f214f0d87fcd8
e722d7b952e4f867e12ea50cb7b7854b5839dfc2e1ec16b84895591615a09234
e88486dd7c778c33d85cd4ffe10740da6bbcc4e54464915fe1876abc08543066
ee1151a80ce88380f67bc021bda43eb63ab2fe6a9a0322466a88182638b7fdd5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f74733d14bd575a6188a205c1f773505971dc5a8f50e23a32de2b59f3d44cbf4
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

secure.actblue.com Open in urlscan Pro 151.101.112.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

100 %HTTPS

55 %IPv6

25 Domains

31 Subdomains

32 IPs

5 Countries

2353 kBTransfer

6593 kBSize

20 Cookies

1 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.actblue.com Open in urlscan Pro
151.101.112.174 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

100 %
HTTPS

55 %
IPv6

25
Domains

31
Subdomains

32
IPs

5
Countries

2353 kB
Transfer

6593 kB
Size

20
Cookies

91 HTTP transactions
4 data transactions