secure.actblue.com Open in urlscan Pro
151.101.112.174 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_me...
Submission: On September 26 via manual (September 26th 2020, 6:32:37 pm UTC) from US

Summary HTTP 31 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 15 domains to perform 31 HTTP transactions. The main IP is 151.101.112.174, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is secure.actblue.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on October 22nd 2019. Valid for: 2 years.

This is the only time secure.actblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	151.101.112.174 151.101.112.174	54113 (FASTLY) (FASTLY)
2	52.216.129.171 52.216.129.171	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
2	107.178.240.159 107.178.240.159	15169 (GOOGLE) (GOOGLE)
1	99.86.239.29 99.86.239.29	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	99.86.243.27 99.86.243.27	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
4	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.96.67.224 34.96.67.224	15169 (GOOGLE) (GOOGLE)
1	34.102.232.42 34.102.232.42	15169 (GOOGLE) (GOOGLE)
31	17

7 151.101.112.174 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

secure.actblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.129.171 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

actblue-indigo-uploads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.159 (United States)

ASN15169 (GOOGLE, US)
PTR: 159.240.178.107.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.239.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-239-29.vie50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.243.27 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-27.vie50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.228.123 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (United States)

ASN15169 (GOOGLE, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.sift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (United States)

ASN15169 (GOOGLE, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	actblue.com secure.actblue.com	471 KB
4	paypal.com www.paypal.com	78 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	19 KB
2	facebook.com www.facebook.com	403 B
2	snapchat.com tr.snapchat.com
2	sc-static.net sc-static.net	14 KB
2	facebook.net connect.facebook.net	166 KB
2	mixpanel.com api-js.mixpanel.com	486 B
2	amazonaws.com actblue-indigo-uploads.s3.amazonaws.com	683 KB
1	hexagon-analytics.com hexagon-analytics.com	240 B
1	sift.com cdn.sift.com	20 KB
1	doubleclick.net stats.g.doubleclick.net	112 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com	11 KB
1	mxpnl.com cdn.mxpnl.com	27 KB
31	15

	Domain	Requested by
7	secure.actblue.com	secure.actblue.com www.datadoghq-browser-agent.com
4	www.paypal.com	secure.actblue.com www.paypal.com www.datadoghq-browser-agent.com
2	www.facebook.com	secure.actblue.com
2	tr.snapchat.com	secure.actblue.com
2	www.google-analytics.com	www.googletagmanager.com www.datadoghq-browser-agent.com
2	sc-static.net	secure.actblue.com sc-static.net
2	connect.facebook.net	secure.actblue.com connect.facebook.net
2	api-js.mixpanel.com	cdn.mxpnl.com www.datadoghq-browser-agent.com
2	actblue-indigo-uploads.s3.amazonaws.com	secure.actblue.com
1	hexagon-analytics.com
1	cdn.sift.com	secure.actblue.com
1	stats.g.doubleclick.net	secure.actblue.com
1	ssl.google-analytics.com	1 redirects
1	www.googletagmanager.com	secure.actblue.com
1	www.datadoghq-browser-agent.com	secure.actblue.com
1	cdn.mxpnl.com	secure.actblue.com
31	16

This site contains links to these domains. Also see Links.

Domain
go.firemitchsaveamerica.com

Subject Issuer	Validity	Valid
secure.actblue.com Sectigo RSA Extended Validation Secure Server CA	`2019-10-22` - `2021-10-21`	2 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
*.datadoghq-browser-agent.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-08` - `2021-04-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
sc-static.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-03-15`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
tr.snapchat.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2021-02-23`	2 years	crt.sh
*.sift.com DigiCert SHA2 Secure Server CA	`2019-01-09` - `2021-03-17`	2 years	crt.sh
*.hexagon-analytics.com DigiCert SHA2 Secure Server CA	`2019-08-01` - `2021-11-03`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
Frame ID: 5F4FFB14488F93FC2A3EB7E1BA3ED3C0
Requests: 24 HTTP requests in this frame

Frame: https://secure.actblue.com/pages/fmsa_monthly_sep20matchin/tracking_code?t=landing&refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
Frame ID: E92EDE01CFE3F53BD3F9764A104E22F0
Requests: 3 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=648af70e-8088-41e0-943a-02aa6f30aa91
Frame ID: D7869701F305B1FA1B2430DA62C2223A
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: A5B38A5ABB19B8E7BB3F710720D0CCF9
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6e319&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sessionID=e9c7f5425c_mtg6mzi6mtk&buttonSessionID=fbac5eef98_mtg6mzi6mtk&enableBNPL=true&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ==&platform=desktop&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card
Frame ID: 4BFC55B3F989C83226A6D7B0B498B24E
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 59AE688ED2EA94744C5A6CD9428A8A9A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Page Statistics

31
Requests

100 %
HTTPS

47 %
IPv6

15
Domains

16
Subdomains

17
IPs

5
Countries

1527 kB
Transfer

3640 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://go.firemitchsaveamerica.com/page/content/FireMitchSaveAmericaPrivacyPolicy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=1980990400&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=ActBlue&utmhid=1084754396&utmr=-&utmp=%2Fdonate%2Ffmsa_monthly_sep20matchin%3Frefcode%3DFIR_EM_FR_200917_Beshear_U1_X1%26amp%3Bamount%3D25%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3Dsaveamerica%26amp%3Butm_content%3D9%2B-%2BOther%2BAmount%2Bgtgt%26amp%3Butm_campaign%3DFIR_EM_FR_200917_Beshear_U1_X1%26amp%3Bsource%3DFIR_EM_FR_200917_Besh&utmht=1601145138404&utmac=UA-159696-1&utmcc=__utma%3D88171332.663880789.1601145138.1601145138.1601145138.1%3B%2B__utmz%3D88171332.1601145138.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1458983017&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=663880789.1601145138&jid=1458983017&_v=5.6.1&z=1980990400

31 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request fmsa_monthly_sep20matchin Show response
secure.actblue.com/donate/ 65 KB
17 KB 181ms
114ms Document
text/html 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

1e71c65dc582764064c5391bd4d8c5e38ec22cb0202c61fde490ae32af9740b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: secure.actblue.com
:scheme: https
:path: /donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: Cowboy
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-security-policy: frame-ancestors 'none'; report-uri /system/csp_reports
content-type: text/html; charset=utf-8
etag: W/"103c9-CgYG6S5ophhFzjXmOChfDljtTWQ"
x-form-app: kittens! [Server: node: us]
x-frame-options: sameorigin
via: 1.1 vegur 1.1 varnish 1.1 varnish
content-encoding: gzip
accept-ranges: bytes
date: Sat, 26 Sep 2020 18:32:17 GMT
age: 2488
vary: Accept-Encoding
set-cookie: skip_prefill_check=true; Secure
x-robots-tag: noindex, nofollow
x-start: 2020-09-26 18:32:17.829
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
content-length: 17262

GET
H2 200 7e7218b9c3b09d5ec4a0.css
secure.actblue.com/cf/assets/app-css/ 21 KB
5 KB 27ms
25ms Stylesheet
text/css 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/cf/assets/app-css/7e7218b9c3b09d5ec4a0.css?form_app=us

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

c0a876e22dd207a67ea508bf2a41c88b3f98dbc7ebc1fd335ccf427bf39aa4ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 18:32:17 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 77411
status: 200
content-length: 5073
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Sep 2020 20:56:49 GMT
server: Cowboy
etag: W/"5539-174c70dde68"
strict-transport-security: max-age=31536000
content-type: text/css; charset=UTF-8
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600, must-revalidate
accept-ranges: bytes
x-start: 2020-09-26 18:32:17.965

GET
H/1.1 200
OK 9a8e1f23-b8c2-4ac1-833e-9ce2dd469158-FireMitch_Logo_Reverse-seethru.png
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/brandings/55420/header/image_url/ 13 KB
13 KB 523ms
155ms Image
image/png 52.216.129.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/brandings/55420/header/image_url/9a8e1f23-b8c2-4ac1-833e-9ce2dd469158-FireMitch_Logo_Reverse-seethru.png
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7586854ad9ecc8f51f4731d4297e1dcaefc74a5583b0080e8f6e9721dcf49976

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Sep 2020 18:32:19 GMT
Last-Modified: Tue, 31 Dec 2019 18:29:58 GMT
Server: AmazonS3
x-amz-request-id: 3Q6NAG7Y0QDK1XCY
ETag: "854e365f10cf271ee95d887d4f1cbc0d"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 13174
x-amz-id-2: v4qhSNp0QrEWWTYCHKPLtI4NLptpbs+OTFMy6j4BNVfcurGM2pIKMQSfx/fw3LLv4oSi8NgcjvQ=

GET
H2 200 7e7218b9c3b09d5ec4a0.js Show response
secure.actblue.com/cf/assets/app/ 2 MB
430 KB 26ms
26ms Script
application/javascript 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/cf/assets/app/7e7218b9c3b09d5ec4a0.js?form_app=us

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

0ca56c81d5b92b31fb3404dc281863249cdeae7ea3911ee70d0aa234ab6360a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 18:32:17 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 77411
status: 200
content-length: 440427
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Sep 2020 20:56:49 GMT
server: Cowboy
etag: W/"189e42-174c70dde68"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600, must-revalidate
accept-ranges: bytes
x-start: 2020-09-26 18:32:17.993

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 79 KB
27 KB 21ms
6ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4232e3c12b3860ed86f62ab38ee1a711ba7393218593d61cefa8100c28afdd6f

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 18:24:00 GMT
content-encoding: gzip
age: 498
x-guploader-uploadid: ABg5-UzXEYoV0f1CEoI0jcH9QN2Pg5XEZBUu9RCQvFTei-sZYDPlg9qOtcyMmeSRZ5OP8mKNTdumsp1Beu6OueAbmRO9p9a5Sw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 26928
last-modified: Mon, 17 Aug 2020 21:43:08 GMT
server: UploadServer
etag: "0f7532346a033260e6e905e6396195aa"
vary: Accept-Encoding
x-goog-hash: crc32c=AlJgbg==, md5=D3UyNGoDMmDm6QXmOWGVqg==
x-goog-generation: 1597700588364815
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 26928
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 26 Sep 2020 18:34:00 GMT

GET
H/1.1 200
OK 6d68398b-6589-468d-8621-de94638994d5-FireMitch_BSD2.jpg
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/brandings/88411/document_body/background_image_url/ 670 KB
670 KB 503ms
137ms Image
image/jpeg 52.216.129.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/brandings/88411/document_body/background_image_url/6d68398b-6589-468d-8621-de94638994d5-FireMitch_BSD2.jpg
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: dd8a33769ba8634383bf866dfef4260220ba30c8a8102398742c8b87c14099f1

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Sep 2020 18:32:19 GMT
Last-Modified: Mon, 27 Jul 2020 17:04:30 GMT
Server: AmazonS3
x-amz-request-id: 68DAD3C5C6AB75F1
ETag: "b13621790d3cc3b123dc3d292e170f53"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 685851
x-amz-id-2: njuSYhqn2XoGLyefSL6NrmDazhd0AgiJh9cng9KsWH0A6/n5HfhI6NrAb/X6eVbG7cIq1miC3jQ=

GET
H2 200 / Show response
api-js.mixpanel.com/decide/ 65 B
328 B 72ms
34ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=1498bce7991dd9e45621a9bf2dbfa01b&ip=1&_=1601145138121
Requested by: Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.240.159 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 159.240.178.107.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 18:32:18 GMT
via: 1.1 google
server: gunicorn/19.9.0
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://secure.actblue.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 datadog-logs-us.js Show response
www.datadoghq-browser-agent.com/ 31 KB
11 KB 114ms
37ms Script
application/javascript 99.86.239.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/7e7218b9c3b09d5ec4a0.js?form_app=us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.239.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-239-29.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c36a8e2fa9052fd0ee9b99019e8449d80ed1a7dba3c2927879a53cbcbd2ad5fe

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 16:18:46 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2020 16:18:41 GMT
server: AmazonS3
age: 267213
etag: W/"d253156c8ef18ec6021597aecb0180a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=900
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: QsGJVleuT6C7M5lZY4UqlyIDNMCDjhWMNq112O9_UQkrIw702MunAw==
via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-155405144-2

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/7e7218b9c3b09d5ec4a0.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0146ecf4a33b89a199c51b783fa55db9d1a8d9f51539b2ffc60225ccdec39e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 18:32:18 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36406
x-xss-protection: 0
last-modified: Sat, 26 Sep 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 26 Sep 2020 18:32:18 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: k1iLjLL45l6FTRE3sUjuWy34+27R/JN8rfUtSlJvcqdhk4ViHIxauXddW7Nud8kY7u2dXP/Vyc+j0yZd3PxPBA==
x-fb-trip-id: 664085054
date: Sat, 26 Sep 2020 18:32:18 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 auth_token Show response
secure.actblue.com/api/cf/ 104 B
427 B 148ms
147ms Fetch
application/json 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/api/cf/auth_token

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/7e7218b9c3b09d5ec4a0.js?form_app=us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.17.3 + Phusion Passenger 6.0.4 / Phusion Passenger 6.0.4

Resource Hash

a875cb77502fe36afab5f81effdb10409a72d04ff74c0de9529f4e5f0efe43a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 18:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 0
x-powered-by: Phusion Passenger 6.0.4
status: 200, 200 OK
vary: Accept-Encoding
content-length: 130
x-xss-protection: 1; mode=block
x-runtime: 0.004617
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.17.3 + Phusion Passenger 6.0.4
x-frame-options: SAMEORIGIN
etag: W/"a875cb77502fe36afab5f81effdb1040"
x-download-options: noopen
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
via: 1.1 varnish
cache-control: no-cache, no-store
x-server-info: ip-10-32-36-136:6350:53a46a2736dfb5caad35b24108dc69e2c63fda89
accept-ranges: bytes, bytes
x-start: 2020-09-26 18:32:18.330

GET
H2 200 tracking_code Show response
secure.actblue.com/pages/fmsa_monthly_sep20matchin/ Frame E92E 1 KB
1 KB 29ms
28ms Document
text/html 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/pages/fmsa_monthly_sep20matchin/tracking_code?t=landing&refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/7e7218b9c3b09d5ec4a0.js?form_app=us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.17.3 + Phusion Passenger 6.0.4 / Phusion Passenger 6.0.4

Resource Hash

282dfeeb89730ab25ccea49f5e1a603805055745e5bb2488e790d4cba522c324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: secure.actblue.com
:scheme: https
:path: /pages/fmsa_monthly_sep20matchin/tracking_code?t=landing&refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel=%7B%22distinct_id%22%3A%20%22174cbafebc67f5-0156bb4607582c-1b396256-1d4c00-174cbafebc7a30%22%2C%22%24device_id%22%3A%20%22174cbafebc67f5-0156bb4607582c-1b396256-1d4c00-174cbafebc7a30%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh

Response headers

status: 200 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
content-encoding: gzip
etag: W/"282dfeeb89730ab25ccea49f5e1a6038"
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.17.3 + Phusion Passenger 6.0.4
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger 6.0.4
x-robots-tag: noindex, nofollow
x-runtime: 0.010644
x-server-info: ip-10-32-1-138:7098:53a46a2736dfb5caad35b24108dc69e2c63fda89
accept-ranges: bytes
date: Sat, 26 Sep 2020 18:32:18 GMT
via: 1.1 varnish
age: 2792
vary: Accept-Encoding
x-start: 2020-09-26 18:32:18.374
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
content-length: 740

GET
H2 200 ga.js Show response
secure.actblue.com/cf/static/ 40 KB
16 KB 25ms
24ms Script
application/javascript 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/cf/static/ga.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 18:32:18 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 77412
status: 200
content-length: 16100
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Sep 2020 20:50:38 GMT
server: Cowboy
etag: W/"9fe9-174c7083530"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600, must-revalidate
accept-ranges: bytes
x-start: 2020-09-26 18:32:18.374

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame E92E 13 KB
6 KB 137ms
66ms Script
application/javascript 99.86.243.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/pages/fmsa_monthly_sep20matchin/tracking_code?t=landing&refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-27.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9

Request headers

Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 18:32:18 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: VIE50-C1
status: 200
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5415
via: 1.1 315b8dfb52e5c49bd834510b0301e939.cloudfront.net (CloudFront)
x-amz-cf-id: 47MjJ0cACHMIa4kgTuE0MbYtF_HBKFVeYGsUky1yxe8vyhyRhSBnHw==

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=1980990400&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=A...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=663880789.1601145138&jid=1458983017&_v=5.6.1&z=1980990400

35 B
112 B

16ms
16ms

Image
image/gif

2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=663880789.1601145138&jid=1458983017&_v=5.6.1&z=1980990400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 26 Sep 2020 18:32:18 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Sep 2020 18:32:18 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=663880789.1601145138&jid=1458983017&_v=5.6.1&z=1980990400
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2475653482649183 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 77ms
77ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2475653482649183?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb91c6501c449b9b2e013d19eec2ef08ac10db943d47ca613830caf8c8825c28

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: x9cmxZKAAzG3RwPTT9hAsbMMnfjfOcATV30742HMKW7Mc43M0VYXuTzAyJMck2RRrlOCgTYAsFG4ekwxntEN1w==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 26 Sep 2020 18:32:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155405144-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 7117
date: Sat, 26 Sep 2020 16:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Sat, 26 Sep 2020 18:33:41 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1084754396&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Ffmsa_monthly_sep20matchin%3Frefcode%3DFIR_EM_FR_200917_Beshear_U1_X1%26amp%3Bamount%3D25%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3Dsaveamerica%26amp%3Butm_content%3D9%2B-%2BOther%2BAmount%2Bgtgt%26amp%3Butm_campaign%3DFIR_EM_FR_200917_Beshear_U1_X1%26amp%3Bsource%3DFIR_EM_FR_200917_Besh&ul=en-us&de=UTF-8&dt=ActBlue&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=88171332.663880789.1601145138.1601145138.1601145138.1&_utmz=88171332.1601145138.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1601145138441&_u=IQBCAUABAAAAAC~&jid=1973981914&gjid=1113902788&cid=663880789.1601145138&tid=UA-155405144-2&_gid=1431910575.1601145138&_r=1&gtm=2ou9g1&z=1410774477

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Sep 2020 18:32:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://secure.actblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 250 KB
77 KB 634ms
511ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/7e7218b9c3b09d5ec4a0.js?form_app=us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

1c10f30771d3720b3d07b3c55ee640aed36aacafb4fa471627169f9eda1e65f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-o3n1HfTZmApGohBpM5ppb9SRX2i1L6cTWWfgMYHUK8sHUy1A' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-o3n1HfTZmApGohBpM5ppb9SRX2i1L6cTWWfgMYHUK8sHUy1A' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 315, 315
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-o3n1HfTZmApGohBpM5ppb9SRX2i1L6cTWWfgMYHUK8sHUy1A' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-o3n1HfTZmApGohBpM5ppb9SRX2i1L6cTWWfgMYHUK8sHUy1A' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0, 10
p3p: true
status: 200
paypal-debug-id: 71785faf3b9b0
dc: phx-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 76845
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Sat, 26 Sep 2020 18:32:19 GMT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=21600
etag: W/"12c2d-i/h9XW+NcBAfjik0rC2LKcJV43o"
expires: Sun, 27 Sep 2020 00:32:19 GMT

GET
H2 200 i
tr.snapchat.com/cm/ Frame D786 0
0 82ms
38ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=648af70e-8088-41e0-943a-02aa6f30aa91

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=648af70e-8088-41e0-943a-02aa6f30aa91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.actblue.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.actblue.com/

Response headers

status: 200
server: nginx/1.17.3
date: Sat, 26 Sep 2020 18:32:18 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 11ms
11ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2475653482649183&ev=PageView&dl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Ffmsa_monthly_sep20matchin%3Frefcode%3DFIR_EM_FR_200917_Beshear_U1_X1%26amp%3Bamount%3D25%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3Dsaveamerica%26amp%3Butm_content%3D9%2B-%2BOther%2BAmount%2Bgtgt%26amp%3Butm_campaign%3DFIR_EM_FR_200917_Beshear_U1_X1%26amp%3Bsource%3DFIR_EM_FR_200917_Besh&rl=&if=false&ts=1601145138646&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1601145138646.1917339570&it=1601145138412&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 18:32:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 26 Sep 2020 18:32:18 GMT

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ Frame E92E 22 KB
8 KB 133ms
63ms Script
application/javascript 99.86.243.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-27.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Origin: https://secure.actblue.com
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 01:51:48 GMT
content-encoding: gzip
age: 60031
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
server: AmazonS3
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 fd2756277dcf50743fb09f4526b54aca.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: dvzsWAgjb9r7ekKsV1f9h1cwrjb4qI-T_rXnZq4tL-nYFkPtdWIEIg==

POST
H3-Q050 200 p
tr.snapchat.com/ Frame A5B3 0
0 88ms
46ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 936
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://secure.actblue.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.actblue.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://secure.actblue.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.actblue.com/

Response headers

status: 200
server: nginx/1.17.3
date: Sat, 26 Sep 2020 18:32:18 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ3AIAwDsIsqNSwEdk4nwhU9fnZl0d90nJEI6kVsusLSWEvg8e2GEuDEszt/39DjkzIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2475653482649183&ev=Microdata&dl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Ffmsa_monthly_sep20matchin%3Frefcode%3DFIR_EM_FR_200917_Beshear_U1_X1%26amp%3Bamount%3D25%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3Dsaveamerica%26amp%3Butm_content%3D9%2B-%2BOther%2BAmount%2Bgtgt%26amp%3Butm_campaign%3DFIR_EM_FR_200917_Beshear_U1_X1%26amp%3Bsource%3DFIR_EM_FR_200917_Besh&rl=&if=false&ts=1601145139150&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Save%20America%20Fund%20%E2%80%94%20Donate%20via%20ActBlue%22%7D&cd[OpenGraph]=%7B%22product%3Apayment_method%22%3A%22ApplePay%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Ffmsa_monthly_sep20matchin%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Factblue-indigo-uploads.s3.amazonaws.com%2Fuploads%2Flist-editor%2F97e74bdb-b27a-4b42-9ac8-cd08a92f9688-AB_opengraph.jpg%22%2C%22og%3Atitle%22%3A%22Fire%20Mitch.%20Save%20America.%22%2C%22og%3Asite_name%22%3A%22ActBlue%22%2C%22og%3Adescription%22%3A%22Chip%20in%20to%20FIRE%20MITCH!%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.1.1601145138646.1917339570&it=1601145138412&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 18:32:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 26 Sep 2020 18:32:19 GMT

GET
H2 200 buttons
www.paypal.com/smart/ Frame 4BFC 0
0 329ms
329ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6e319&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sessionID=e9c7f5425c_mtg6mzi6mtk&buttonSessionID=fbac5eef98_mtg6mzi6mtk&enableBNPL=true&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ==&platform=desktop&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6e319&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sessionID=e9c7f5425c_mtg6mzi6mtk&buttonSessionID=fbac5eef98_mtg6mzi6mtk&enableBNPL=true&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ==&platform=desktop&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: l7_az=dcg13.slc; X-PP-SILOVER=name%3DLIVE3.WEB.1%26silo_version%3D880%26app%3Dclientsdknodeweb%26TIME%3D1591643782%26HTTP_X_PP_AZ_LOCATOR%3Ddcg13.slc; ts=vreXpYrS%3D1695753138%26vteXpYrS%3D1601146938%26vr%3Dcbafee9a1740a760db55da9cfe7d5f9b%26vt%3Dcbafee9a1740a760db55da9cfe7d5f9a%26vtyp%3Dnew; ts_c=vr%3Dcbafee9a1740a760db55da9cfe7d5f9b%26vt%3Dcbafee9a1740a760db55da9cfe7d5f9a; akavpau_ppsd=1601145739~id=8e00b6b1d5c26a1c189e7011f36fb8ba
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh

Response headers

status: 200
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"34048-9S7t6UgXE0ToE2YZTyLdDaObhmI"
p3p: true
paypal-debug-id: a933b4baeb0c2
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: slc-b-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 157
x-edgeconnect-origin-mex-latency: 97
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 26 Sep 2020 18:32:19 GMT
set-cookie: tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Tue, 29 Sep 2020 18:32:19 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Sat, 26 Sep 2020 19:02:19 GMT; HttpOnly; Secure; SameSite=None X-PP-SILOVER=name%3DLIVE3.WEB.1%26silo_version%3D880%26app%3Dsmartcomponentnodeweb%26TIME%3D1591643782%26HTTP_X_PP_AZ_LOCATOR%3Ddcg13.slc; Path=/; Domain=paypal.com; Expires=Sat, 26 Sep 2020 19:02:19 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1695753139%26vteXpYrS%3D1601146939%26vr%3Dcbafee9a1740a760db55da9cfe7d5f9b%26vt%3Dcbafee9a1740a760db55da9cfe7d5f9a%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 26 Sep 2023 18:32:19 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3Dcbafee9a1740a760db55da9cfe7d5f9b%26vt%3Dcbafee9a1740a760db55da9cfe7d5f9a; Path=/; Domain=paypal.com; Expires=Tue, 26 Sep 2023 18:32:19 GMT; Secure; SameSite=None x-cdn=akamai; path=/; domain=.paypal.com; secure akavpau_ppsd=1601145739~id=8e00b6b1d5c26a1c189e7011f36fb8ba; Domain=www.paypal.com; Path=/; Secure; SameSite=None
strict-transport-security: max-age=63072000

GET
DATA 200
OK truncated
/ Frame 59AE 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 441ab7af7bb690d05693c45d53e8ea1f8648ead7ebab5c5463fc6cf1814bbbb2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 trackables Show response
secure.actblue.com/ 0
460 B 502ms
501ms Fetch
text/html 151.101.112.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/trackables

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.174 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.17.3 + Phusion Passenger 6.0.4 / Phusion Passenger 6.0.4

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 26 Sep 2020 18:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger 6.0.4
status: 200, 200 OK
vary: Accept-Encoding
content-length: 25
x-xss-protection: 1; mode=block
x-runtime: 0.016322
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.17.3 + Phusion Passenger 6.0.4
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=31536000
content-type: text/html
via: 1.1 varnish
cache-control: no-cache, no-store
x-server-info: ip-10-32-1-64:6929:53a46a2736dfb5caad35b24108dc69e2c63fda89
accept-ranges: bytes
x-start: 2020-09-26 18:32:19.733

GET
H2 200 s.js Show response
cdn.sift.com/ 61 KB
20 KB 73ms
17ms Script
application/javascript 34.96.67.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sift.com/s.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.67.224 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.67.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 07:09:30 GMT
content-encoding: gzip
age: 40969
x-guploader-uploadid: ABg5-Ux3J_OZwfgqCr37FeoEBZNZjTEQxG_0iu7xsxaIniDxDI-Ev2M4VrBb2nhXyuSGmHisZNJqKV2-1CuRzUx581k
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 20452
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
server: UploadServer
etag: "07cb8203158abb26b3c18318350e7b36"
vary: Accept-Encoding
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
x-goog-generation: 1586469553682331
cache-control: public, max-age=86400
x-goog-stored-content-length: 20452
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 27 Sep 2020 07:09:30 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 2 B
1 KB 246ms
246ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

/ Express

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 47
date: Sat, 26 Sep 2020 18:32:20 GMT
x-content-type-options: nosniff
status: 200
x-powered-by: Express
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.actblue.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-edgeconnect-midmile-rtt: 146
paypal-debug-id: e15843af6e9f9
dc: slc-b-origin-www-1.paypal.com
content-length: 2
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 292ms
228ms Other
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal.com/xoplatform/logger/api/logger
Protocol: H2
Server: 104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-228-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://secure.actblue.com
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://secure.actblue.com

GET
H2 200 628031.gif
hexagon-analytics.com/images/ 43 B
240 B 154ms
115ms Image
image/gif 34.102.232.42
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/628031.gif?bk=19482a20cc&tm=72&r=284324774&v=105&cs=UTF-8&h=secure.actblue.com&l=en-US&S=c5fca13689c172d7b00ec2a5da9ca789&uu=69e36de4e75608e3d076355ac2eb470&t=Save%20America%20Fund%20%E2%80%94%20Donate%20via%20ActBlue&u=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Ffmsa_monthly_sep20matchin%3Frefcode%3DFIR_EM_FR_200917_Beshear_U1_X1%26amp%3Bamount%3D25%26amp%3Butm_medium%3Demail%26amp%3Bu&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&nm=0&mh=d41d8cd98f00b204e9800998ecf8427e&np=0&ph=d41d8cd98f00b204e9800998ecf8427e&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=-120&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=16&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=true&tb=false&ab=false&cf=d070d7f80ecae06d18d89fb70ca3f89e&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Sep 2020 18:32:19 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: clear
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
158 B 48ms
48ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1601145143116
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.240.159 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 159.240.178.107.bc.googleusercontent.com
Software: envoy /
Resource Hash: e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Request headers

Referer: https://secure.actblue.com/donate/fmsa_monthly_sep20matchin?refcode=FIR_EM_FR_200917_Beshear_U1_X1&amount=25&utm_medium=email&utm_source=saveamerica&utm_content=9+-+Other+Amount+gtgt&utm_campaign=FIR_EM_FR_200917_Beshear_U1_X1&source=FIR_EM_FR_200917_Besh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 26 Sep 2020 18:32:22 GMT
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://secure.actblue.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
alt-svc: clear
content-length: 25

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-20 15:02:33	Name: ts Value: vreXpYrS%3D1695753139%26vteXpYrS%3D1601146939%26vr%3Dcbafee9a1740a760db55da9cfe7d5f9b%26vt%3Dcbafee9a1740a760db55da9cfe7d5f9a%26vtyp%3Dnew
.paypal.com/	1970-01-19 12:45:46	Name: X-PP-SILOVER Value: name%3DLIVE3.WEB.1%26silo_version%3D880%26app%3Dsmartcomponentnodeweb%26TIME%3D1591643782%26HTTP_X_PP_AZ_LOCATOR%3Ddcg13.slc
.paypal.com/	1970-01-19 12:50:04	Name: tsrce Value: smartcomponentnodeweb
.www.paypal.com/	1969-12-31 23:59:59	Name: akavpau_ppsd Value: 1601145739~id=8e00b6b1d5c26a1c189e7011f36fb8ba
.paypal.com/	1970-01-19 12:45:46	Name: l7_az Value: dcg13.slc
.actblue.com/	1970-01-19 22:15:31	Name: _scid Value: 558f761b-a585-4db9-b43d-f06f734d8487
.paypal.com/	1970-01-20 15:02:33	Name: ts_c Value: vr%3Dcbafee9a1740a760db55da9cfe7d5f9b%26vt%3Dcbafee9a1740a760db55da9cfe7d5f9a
.actblue.com/	1970-01-19 14:55:21	Name: _fbp Value: fb.1.1601145138646.1917339570
.actblue.com/	1970-01-25 09:01:06	Name: ab_token Value: 768781fe-4558-4e09-a9f7-376a10d4cf92
.secure.actblue.com/	1970-01-19 12:45:48	Name: _session_id Value: 36b6dbe3e06284e25260a5db7806f8bd
secure.actblue.com/	1970-01-19 12:45:46	Name: _dd_s Value: logs=1&id=b3f35126-bfad-4425-b79a-84da3fd6cb99&created=1601145138432&expire=1601146038432
.actblue.com/	1970-01-19 12:45:45	Name: _gat_gtag_UA_155405144_2 Value: 1
.actblue.com/	1970-01-20 06:16:57	Name: _ga Value: GA1.2.663880789.1601145138
.actblue.com/	1970-01-19 12:47:11	Name: _gid Value: GA1.2.1431910575.1601145138
.actblue.com/	1970-01-19 12:45:46	Name: __utmb Value: 88171332.1.10.1601145138
.actblue.com/	1970-01-19 12:45:45	Name: __utmt Value: 1
.actblue.com/	1970-01-19 21:31:21	Name: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel Value: %7B%22distinct_id%22%3A%20%22174cbafebc67f5-0156bb4607582c-1b396256-1d4c00-174cbafebc7a30%22%2C%22%24device_id%22%3A%20%22174cbafebc67f5-0156bb4607582c-1b396256-1d4c00-174cbafebc7a30%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.snapchat.com/	1970-01-19 22:07:21	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ3AIAwDsIsqNSwEdk4nwhU9fnZl0d90nJEI6kVsusLSWEvg8e2GEuDEszt/39DjkzIAAAA=
.actblue.com/	1970-01-19 17:08:33	Name: __utmz Value: 88171332.1601145138.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.actblue.com/	1970-01-20 06:16:57	Name: __utma Value: 88171332.663880789.1601145138.1601145138.1601145138.1
.actblue.com/	1969-12-31 23:59:59	Name: __utmc Value: 88171332
secure.actblue.com/donate	1969-12-31 23:59:59	Name: skip_prefill_check Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actblue-indigo-uploads.s3.amazonaws.com
api-js.mixpanel.com
cdn.mxpnl.com
cdn.sift.com
connect.facebook.net
hexagon-analytics.com
sc-static.net
secure.actblue.com
ssl.google-analytics.com
stats.g.doubleclick.net
tr.snapchat.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.paypal.com
104.111.228.123
107.178.240.159
151.101.112.174
2600:1901:0:bc29::
2a00:1450:4001:806::2008
2a00:1450:4001:81a::2008
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.102.232.42
34.96.67.224
35.186.226.184
52.216.129.171
99.86.239.29
99.86.243.27
0146ecf4a33b89a199c51b783fa55db9d1a8d9f51539b2ffc60225ccdec39e7e
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0ca56c81d5b92b31fb3404dc281863249cdeae7ea3911ee70d0aa234ab6360a5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c10f30771d3720b3d07b3c55ee640aed36aacafb4fa471627169f9eda1e65f9
1e71c65dc582764064c5391bd4d8c5e38ec22cb0202c61fde490ae32af9740b2
282dfeeb89730ab25ccea49f5e1a603805055745e5bb2488e790d4cba522c324
4232e3c12b3860ed86f62ab38ee1a711ba7393218593d61cefa8100c28afdd6f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441ab7af7bb690d05693c45d53e8ea1f8648ead7ebab5c5463fc6cf1814bbbb2
4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7586854ad9ecc8f51f4731d4297e1dcaefc74a5583b0080e8f6e9721dcf49976
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a875cb77502fe36afab5f81effdb10409a72d04ff74c0de9529f4e5f0efe43a0
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
c0a876e22dd207a67ea508bf2a41c88b3f98dbc7ebc1fd335ccf427bf39aa4ec
c36a8e2fa9052fd0ee9b99019e8449d80ed1a7dba3c2927879a53cbcbd2ad5fe
cb91c6501c449b9b2e013d19eec2ef08ac10db943d47ca613830caf8c8825c28
dd8a33769ba8634383bf866dfef4260220ba30c8a8102398742c8b87c14099f1
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

secure.actblue.com Open in urlscan Pro 151.101.112.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

47 %IPv6

15 Domains

16 Subdomains

17 IPs

5 Countries

1527 kBTransfer

3640 kBSize

22 Cookies

1 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.actblue.com Open in urlscan Pro
151.101.112.174 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

47 %
IPv6

15
Domains

16
Subdomains

17
IPs

5
Countries

1527 kB
Transfer

3640 kB
Size

22
Cookies

31 HTTP transactions
1 data transactions