secure.actblue.com Open in urlscan Pro
151.101.0.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.actionnetwork.org/ss/c/wehEm_vu1NBVXOKYSqOxTOi34aJoCJC1EivM7Ih953yEOQgSlkg29MQMFLkzVkhZSwk4Ng1Q54wLQx9hPz1w92KaLsW...
Effective URL:
https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id...
Submission: On November 16 via manual (November 16th 2023, 6:23:04 pm UTC) from US — Scanned from DE

Summary HTTP 69 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 18 domains to perform 69 HTTP transactions. The main IP is 151.101.0.174, located in United States and belongs to FASTLY, US. The main domain is secure.actblue.com. The Cisco Umbrella rank of the primary domain is 55833.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q2 on June 24th 2023. Valid for: a year.

This is the only time secure.actblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:12bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.0.174 151.101.0.174	54113 (FASTLY) (FASTLY)
2	151.101.128.174 151.101.128.174	54113 (FASTLY) (FASTLY)
4	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	108.138.181.64 108.138.181.64	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200d	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
10	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400c:c07::5c	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	108.138.217.96 108.138.217.96	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
69	23

1 2606:4700::6812:12bc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

click.actionnetwork.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.0.174 (United States)

ASN54113 (FASTLY, US)

secure.actblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.174 (United States)

ASN54113 (FASTLY, US)

proxy-service.actblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.181.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-181-64.mxp64.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.217.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-217-96.lhr61.r.cloudfront.net

zgen2d20.micpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.sift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 24 www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2685 play.google.com — Cisco Umbrella Rank: 28	502 KB
12	paypal.com www.paypal.com — Cisco Umbrella Rank: 2811 t.paypal.com — Cisco Umbrella Rank: 3468	276 KB
10	actblue.com secure.actblue.com — Cisco Umbrella Rank: 55833 proxy-service.actblue.com — Cisco Umbrella Rank: 98947	2 MB
5	gstatic.com www.gstatic.com	102 KB
5	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2612	40 KB
4	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 832	175 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	563 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	3 KB
1	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 5403	297 B
1	sift.com cdn.sift.com — Cisco Umbrella Rank: 14464	21 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	micpn.com zgen2d20.micpn.com	15 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 584	149 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1471	12 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	74 KB
1	actionnetwork.org 1 redirects click.actionnetwork.org — Cisco Umbrella Rank: 77119	921 B
69	18

	Domain	Requested by
14	play.google.com	www.gstatic.com
10	www.paypal.com	secure.actblue.com www.paypal.com www.paypalobjects.com www.datadoghq-browser-agent.com
8	secure.actblue.com	secure.actblue.com
5	www.gstatic.com	secure.actblue.com pay.google.com www.gstatic.com
5	www.paypalobjects.com	secure.actblue.com www.paypal.com www.paypalobjects.com
4	pay.google.com	secure.actblue.com pay.google.com www.gstatic.com
4	sessions.bugsnag.com	secure.actblue.com www.datadoghq-browser-agent.com
2	t.paypal.com	secure.actblue.com
2	connect.facebook.net	secure.actblue.com connect.facebook.net
2	www.google.de	secure.actblue.com
2	www.google.com	1 redirects secure.actblue.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	proxy-service.actblue.com	secure.actblue.com www.datadoghq-browser-agent.com
1	hexagon-analytics.com
1	cdn.sift.com	secure.actblue.com
1	www.facebook.com	secure.actblue.com
1	zgen2d20.micpn.com	secure.actblue.com
1	insight.adsrvr.org	secure.actblue.com
1	www.googleadservices.com	www.googletagmanager.com
1	accounts.google.com	secure.actblue.com
1	www.datadoghq-browser-agent.com	secure.actblue.com
1	www.googletagmanager.com	secure.actblue.com
1	click.actionnetwork.org	1 redirects
69	23

This site contains links to these domains. Also see Links.

Domain
joebiden.com

Subject Issuer	Validity	Valid
secure.actblue.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-24` - `2024-07-25`	a year	crt.sh
proxy-service.actblue.com R3	`2023-11-15` - `2024-02-13`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-13` - `2024-08-20`	10 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.micpn.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-26` - `2023-11-24`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.sift.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-10` - `2024-02-10`	a year	crt.sh
*.hexagon-analytics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-31` - `2023-12-01`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074
Frame ID: CA517CB5569C2178C0E5D3055E6866A3
Requests: 29 HTTP requests in this frame

Frame: https://secure.actblue.com/pages/em-bfp-november-2023/tracking_code?t=landing&refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074&auth_token=null
Frame ID: 39F95772AB64B78B107AE0CF44A2208D
Requests: 6 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.409&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=06b475109a5a9&storageID=uid_e73f657bbb_mtg6mji6ntc&sessionID=uid_c1553d5070_mtg6mji6ntc&buttonSessionID=uid_d5c3ab7518_mtg6mji6ntc&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
Frame ID: E5CAB9645C46C3819EC67732089704E1
Requests: 6 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 426C2141D88DC6F8449CC59FE47CD7B8
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Frame ID: 6F026ADEDF026F54E4E44DE84BF317EE
Requests: 14 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 46DAFD3826B1B244140B240E5E46F110
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Joe Biden — Donate via ActBlue

Page URL History Show full URLs

https://click.actionnetwork.org/ss/c/wehEm_vu1NBVXOKYSqOxTOi34aJoCJC1EivM7Ih953yEOQgSlkg29MQMFLkzVkhZSwk4Ng1... HTTP 302
https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

Page Statistics

69
Requests

99 %
HTTPS

52 %
IPv6

18
Domains

23
Subdomains

23
IPs

3
Countries

2874 kB
Transfer

6616 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://joebiden.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://joebiden.com/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.actionnetwork.org/ss/c/wehEm_vu1NBVXOKYSqOxTOi34aJoCJC1EivM7Ih953yEOQgSlkg29MQMFLkzVkhZSwk4Ng1Q54wLQx9hPz1w92KaLsWQ6-0_eJ8N2-PXVXykvEHtTlsq0VP92rzGRbirgoSwZlSb81ijQULXwR0pMTQYH9xBZFa1Uw7dCKFwHbpH6FKVFoCPO-f26mjkhigPr43kFJXk9IUrKZPLtcjb9v6AuiumULFIhb0knoli6bL9HWLxjPv4xIz9RL5PwOUedjoIhf4hpDqsqDbcEnvj6ty6mJdTvzO2aVVFgWTWrFru3Rp0AdXQ5jn8IHlqnm79MgUAe7NOHGDlGEdl1zGF5Xn49hg3Sun3-UemeI0J24Do7T9hEcRkLs_PNZZ-ISoTLS_6TUMsHVrsExp4J-Pup-j4P21gkZom_QQLONpSiZDvOapvrB9mNAv1QAkp3OVQdIddzxZo6VUEi9b5wnb5ggOxiuaYfoHXdjrRnckoIKVvWr0a7VjJ8MkAqAKK962VVTcA-go--ztoJfb5JP7GWx3FC7UjdxGKS0Zf6zgMFj1aO-lweU8o6ae5gqcP9t1df-sOjHXo4671AyI1F4Y7X9ejJVNDsWD0fmkjx4nbDEYBMIj65BqItxuw6TK4HPVEd_pWj7d4hbnwLS-bjWm6lY0svlIHW6tpTLpOmxbZjKdIHuENr_eChzfBqdcDvD5q3HgRbQbgb_rknMtLCD5uusF07U2348ZmGshx2LC1SbYpgYFx6qofw5gFmgdd2G0xSVQ57dOQj4s0V6DFyeGPwA3hUq6b8mamjYlf9_rHONUYUZeG-aqLRILkxiL2ChTc54qS9-v4Y8K9tDBmSxjyx49pKFsfxbV0Sb_VmlQ00V_MMrZ4XcPy689qZu3r9mJyLZMznRX8-TlpdX3J0YDUhFt8_8uRE2UFyUBaGePAvWg0pubvDibQ6MTX4QsACjN03e-c2MPFFt7kLI0E1xmLlp6_uRbX44FuvmtUDBVq4G9jJBbIzs5J7WqT591VdmsSpZViulLqn-E5b5SHZlFFbA/41c/WPV9b_urSLCCLMkBM_BPIg/h0/OAjHlEJbakmvmU5WRWbZSSNLKofBbfqcZ91gIYyZamg HTTP 302
https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11154426359/?random=1561020242&cv=11&fst=1700158976793&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9115732004&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-c&label=OInWCOy815kYEPeT7MYp&hn=www.googleadservices.com&frm=0&tiba=ActBlue&gtm_ee=1&auid=31536046.1700158977&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=AV5WZdKACOah9u8PpOiX8Ao&sscte=1&crd=&pscrd=EktDaEFJZ0pqWHFnWVFrcWo2MHFQMW9JQTlFaVFBNEtDUC10dTRUVENIZEwwc2ZvZ2tfbWI3azVJeERnNmxMUXJfOFZ2UXlhOUdJS2caVkNoQUlnSmpYcWdZUW43N01pTXU4aWNORUVpd0E5REliSXdIY1l1a3R3RlhWcVV0T3ZRTFdleU5iUjEtQXhSTWhZbTVQUTA1QmlwSkV5cWc4SGh6dUlnIhMIkoWT35HJggMV5pD9Bx0k9AWu HTTP 302
https://www.google.com/pagead/1p-conversion/11154426359/?random=1561020242&cv=11&fst=1700158976793&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9115732004&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-c&label=OInWCOy815kYEPeT7MYp&hn=www.googleadservices.com&frm=0&tiba=ActBlue&gtm_ee=1&auid=31536046.1700158977&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJZ0pqWHFnWVFrcWo2MHFQMW9JQTlFaVFBNEtDUC10dTRUVENIZEwwc2ZvZ2tfbWI3azVJeERnNmxMUXJfOFZ2UXlhOUdJS2caVkNoQUlnSmpYcWdZUW43N01pTXU4aWNORUVpd0E5REliSXdIY1l1a3R3RlhWcVV0T3ZRTFdleU5iUjEtQXhSTWhZbTVQUTA1QmlwSkV5cWc4SGh6dUlnIhMIkoWT35HJggMV5pD9Bx0k9AWu&is_vtc=1&ocp_id=AV5WZdKACOah9u8PpOiX8Ao&cid=CAQSKQDICaaNw7lE3C-SgV_TRZ8hNNZ2N0WYG5BDRay_uGF2XjgpBRmUcd7r&random=1405377399 HTTP 302
https://www.google.de/pagead/1p-conversion/11154426359/?random=1561020242&cv=11&fst=1700158976793&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9115732004&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-c&label=OInWCOy815kYEPeT7MYp&hn=www.googleadservices.com&frm=0&tiba=ActBlue&gtm_ee=1&auid=31536046.1700158977&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJZ0pqWHFnWVFrcWo2MHFQMW9JQTlFaVFBNEtDUC10dTRUVENIZEwwc2ZvZ2tfbWI3azVJeERnNmxMUXJfOFZ2UXlhOUdJS2caVkNoQUlnSmpYcWdZUW43N01pTXU4aWNORUVpd0E5REliSXdIY1l1a3R3RlhWcVV0T3ZRTFdleU5iUjEtQXhSTWhZbTVQUTA1QmlwSkV5cWc4SGh6dUlnIhMIkoWT35HJggMV5pD9Bx0k9AWu&is_vtc=1&ocp_id=AV5WZdKACOah9u8PpOiX8Ao&cid=CAQSKQDICaaNw7lE3C-SgV_TRZ8hNNZ2N0WYG5BDRay_uGF2XjgpBRmUcd7r&random=1405377399&ipr=y

69 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request em-bfp-november-2023 Show response
secure.actblue.com/donate/
Redirect Chain

https://click.actionnetwork.org/ss/c/wehEm_vu1NBVXOKYSqOxTOi34aJoCJC1EivM7Ih953yEOQgSlkg29MQMFLkzVkhZSwk4Ng1Q54wLQx9hPz1w92KaLsWQ6-0_eJ8N2-PXVXykvEHtTlsq0VP92rzGRbirgoSwZlSb81ijQULXwR0pMTQYH9xBZFa1...
https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-...

52 KB
13 KB

185ms
57ms

Document
text/html

151.101.0.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d20a92af33210457aed59b75bf5cc79018a32e7b6fb9d5844b86e7fc64711c97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2815
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 12420
content-security-policy: frame-ancestors 'none'; report-uri /system/csp_reports
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 18:22:54 GMT
etag: W/"d055-asd7RbuWTZEnlKZUyncQD/CnVBk"
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700156159&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=6PppUang3YvKMWovY8etvvuaIzzNQHlbn38VBYgc4u8%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700156159&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=6PppUang3YvKMWovY8etvvuaIzzNQHlbn38VBYgc4u8%3D
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
x-form-app: kittens! [Server: node: us]
x-frame-options: sameorigin
x-robots-tag: noindex, nofollow
x-start: 2023-11-16 18:22:54.883

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8271c3156d8d693a-FRA
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 18:22:54 GMT
location: https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074
server: cloudflare
strict-transport-security: max-age=10
x-robots-tag: noindex, nofollow

GET
H2 200 eb965d9fe71653677cad.css
secure.actblue.com/cf/assets/app-css/ 20 KB
5 KB 302ms
290ms Stylesheet
text/css 151.101.0.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/cf/assets/app-css/eb965d9fe71653677cad.css?form_app=us

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7a17d448ce2deae2459d1ed87980c2f0f1cae0e5fb329f93d6fa953a9081c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:54 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2827
x-start: 2023-11-16 18:22:54.982
content-length: 4667
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700156147&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=guQNDvrofr67K%2FX0O2Q6KJW6FiMxDHMCsAh%2BBHKC5TY%3D
last-modified: Wed, 15 Nov 2023 21:37:17 GMT
etag: W/"4ede-18bd4eac2c8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700156147&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=guQNDvrofr67K%2FX0O2Q6KJW6FiMxDHMCsAh%2BBHKC5TY%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: max-age=31557600, must-revalidate
accept-ranges: bytes

GET
H2 200 actblue.js Show response
secure.actblue.com/cf/assets/ 29 KB
10 KB 68ms
57ms Script
application/javascript 151.101.0.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/cf/assets/actblue.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b30136e41af0cb6a31fe3e5ea66e0b57ce11a46b57ef58d6cc31c8c9a1a8d279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:54 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2827
x-start: 2023-11-16 18:22:54.984
content-length: 9342
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700156147&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=guQNDvrofr67K%2FX0O2Q6KJW6FiMxDHMCsAh%2BBHKC5TY%3D
last-modified: Wed, 15 Nov 2023 21:35:49 GMT
etag: W/"73ca-18bd4e96b08"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700156147&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=guQNDvrofr67K%2FX0O2Q6KJW6FiMxDHMCsAh%2BBHKC5TY%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=600, must-revalidate
accept-ranges: bytes

GET
H2 200 eb965d9fe71653677cad.js Show response
secure.actblue.com/cf/assets/app/ 2 MB
463 KB 127ms
116ms Script
application/javascript 151.101.0.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/cf/assets/app/eb965d9fe71653677cad.js?form_app=us

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

28c5bf64b24e3b1dbcf4d6f19e4b7fb37689df7c87eda71384541dc3e0e3bdd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:54 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding: gzip
strict-transport-security: max-age=31536000
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2828
x-start: 2023-11-16 18:22:54.985
content-length: 473578
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700156146&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=5TxKGc5JqR8XIHsfgZrdaeuAzEsQAgMUQ5Qb9zBJXo8%3D
last-modified: Wed, 15 Nov 2023 21:37:17 GMT
etag: W/"1833d7-18bd4eac2c8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700156146&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=5TxKGc5JqR8XIHsfgZrdaeuAzEsQAgMUQ5Qb9zBJXo8%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31557600, must-revalidate
accept-ranges: bytes

GET
H2 200 lib.min.js Show response
proxy-service.actblue.com/ 52 KB
18 KB 516ms
164ms Script
text/javascript 151.101.128.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy-service.actblue.com/lib.min.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:55 GMT
content-encoding: gzip
via: 1.1 varnish
age: 373
x-guploader-uploadid: ABPtcPr4VKTm6mOe5IHtWP_YY7zmUXCNbSEMA4WYs3LcJEjzRgu82Yb-L4a_j556EpicYUlntIJdJmuR7zt7NFGXe-SJJQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 18139
last-modified: Tue, 14 Nov 2023 19:54:10 GMT
etag: "dff66d0b72bdc18a02be56412d5ef8c4"
vary: Accept-Encoding
x-goog-generation: 1699991650202934
x-goog-hash: crc32c=VW26dg==, md5=3/ZtC3K9wYoCvlZBLV74xA==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18139
accept-ranges: bytes
expires: Tue, 14 Nov 2023 20:07:32 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 240ms
154ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://secure.actblue.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 16 Nov 2023 18:22:56 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 208ms
204ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/eb965d9fe71653677cad.js?form_app=us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://secure.actblue.com/
Bugsnag-Sent-At: 2023-11-16T18:22:56.425Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: 04c1a9de88bb73e22614162ba813a0b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 18:22:56 GMT
via: 1.1 google
bugsnag-session-uuid: fd9ea431-73de-4822-89a7-37d68eb84075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
74 KB 116ms
36ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11154426359

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/eb965d9fe71653677cad.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1d497c18851bcd204974c4928fe66d0e0afab1124ccf815b0a019d301f7a6ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75318
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Nov 2023 18:22:56 GMT

GET
H2 200 auth_token Show response
secure.actblue.com/api/cf/ 102 B
586 B 431ms
367ms Fetch
application/json 151.101.0.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/api/cf/auth_token

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/eb965d9fe71653677cad.js?form_app=us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dfed699c2e029df8b104490c909f8620da4598e7e507bfb79e65a7aec1aec92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-permitted-cross-domain-policies: none
status: 200 OK
x-start: 2023-11-16 18:22:56.641
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: W/"dfed699c2e029df8b104490c909f8620"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, no-store
accept-ranges: bytes

GET
H2 200 datadog-logs.js Show response
www.datadoghq-browser-agent.com/ 33 KB
12 KB 97ms
20ms Script
application/javascript 108.138.181.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/eb965d9fe71653677cad.js?form_app=us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.181.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-181-64.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:41 GMT
content-encoding: br
via: 1.1 b238d3f6f579ec0d467edb5df6f43bbe.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 15:01:20 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-P1
age: 20
etag: W/"9eb57181f3149e3310d96317ef9188ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: J81ZfGhv2J-RXZrOxWHbgmvdHEG2BaktVJcBmY89FfPujFAxWyRP-g==

GET
H2 200 tracking_code Show response
secure.actblue.com/pages/em-bfp-november-2023/ Frame 39F9 2 KB
1 KB 535ms
531ms Document
text/html 151.101.0.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/pages/em-bfp-november-2023/tracking_code?t=landing&refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074&auth_token=null

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/eb965d9fe71653677cad.js?form_app=us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ab752339ce1284d73fffb260230bfe522c7255f5ff2ec045f77bfc1955a8a38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-store
content-encoding: gzip
content-length: 972
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 18:22:57 GMT
etag: W/"ab752339ce1284d73fffb260230bfe52"
referrer-policy: strict-origin-when-cross-origin
status: 200 OK
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow
x-start: 2023-11-16 18:22:56.677
x-xss-protection: 0

GET
H2 200 client Show response
accounts.google.com/gsi/ 199 KB
79 KB 354ms
313ms Script
application/javascript 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/eb965d9fe71653677cad.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ff83d4a65fa84f4d78c1ba312ea1533df4912b90cdf84e8ff2411f2b389a778

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-cKxKvOcxein3KLpVt6GUMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-cKxKvOcxein3KLpVt6GUMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 16 Nov 2023 18:22:57 GMT

GET
H2 200 260059c2-94ed-4236-82ad-624d031cc757-240424-JRB_KDH-Wrapper-4ae6f564.png
secure.actblue.com/x/object/actblue-cyanotypes/replaced_images/branding/249384/ 1 MB
1 MB 805ms
803ms Image
image/png 151.101.0.174
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.actblue.com/x/object/actblue-cyanotypes/replaced_images/branding/249384/260059c2-94ed-4236-82ad-624d031cc757-240424-JRB_KDH-Wrapper-4ae6f564.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b0ad1c94c8d49c34ef22fa625ffc4ce241f2159a606bffa357c9c1aeb772343e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 3qIe7whJD8VX.QS3YNgtVcdTNfjVBGSY
date: Thu, 16 Nov 2023 18:22:57 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: NK2182ZCH7CHAS9K
age: 1
x-amz-server-side-encryption: AES256
x-start: 2023-11-16 18:22:56.680
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="260059c2-94ed-4236-82ad-624d031cc757-240424-JRB_KDH-Wrapper.png"
content-length: 1257250
x-amz-id-2: fSC6KvAamvuBVyRVGfy5gKZ1fnFd5c/mq8utrbQ2yPIKnuPdB0jyQrX7M7G24lTrGar5Zf5sIm8=
last-modified: Mon, 24 Apr 2023 13:40:46 GMT
etag: "a9272e8166f30f235595d1ea6fb6e431"
content-type: image/png
cache-control: max-age=2678405
accept-ranges: bytes

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11154426359/ 4 KB
2 KB 134ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11154426359/?random=1700158976777&cv=11&fst=1700158976777&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9115732004&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-c&hn=www.googleadservices.com&frm=0&tiba=ActBlue&auid=31536046.1700158977&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11154426359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfab4c4a4b1c34a89038bf786e20a111d175bb742ee6c07f0598bc80f6d88208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 18:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1481
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11154426359/ 3 KB
2 KB 353ms
33ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11154426359/?random=1700158976793&cv=11&fst=1700158976793&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9115732004&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-c&label=OInWCOy815kYEPeT7MYp&hn=www.googleadservices.com&frm=0&tiba=ActBlue&gtm_ee=1&auid=31536046.1700158977&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11154426359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a64c95d259e3fb0d57b47e731db1be1ea10c9edd6f9c16986895f53eeb6b0fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 18:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1799
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11154426359/ 42 B
455 B 73ms
30ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11154426359/?random=1700158976777&cv=11&fst=1700157600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9115732004&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-c&frm=0&tiba=ActBlue&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN0yXjacG5LNMkmBzswrEq4UylDLuMSA&random=3440117424&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 18:22:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11154426359/ 42 B
455 B 91ms
26ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11154426359/?random=1700158976777&cv=11&fst=1700157600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9115732004&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-c&frm=0&tiba=ActBlue&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN0yXjacG5LNMkmBzswrEq4UylDLuMSA&random=3440117424&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 18:22:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 /
sessions.bugsnag.com/ Frame 0
0 149ms
146ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://secure.actblue.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 16 Nov 2023 18:22:57 GMT
via: 1.1 google

POST
H3 202 / Show response
sessions.bugsnag.com/ 21 B
35 B 151ms
151ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://secure.actblue.com/
Bugsnag-Sent-At: 2023-11-16T18:22:57.054Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: 04c1a9de88bb73e22614162ba813a0b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 18:22:57 GMT
via: 1.1 google
bugsnag-session-uuid: ae8e4d66-01a7-419f-90ec-429202ba7a45
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 js Show response
www.paypal.com/sdk/ 290 KB
79 KB 62ms
25ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/eb965d9fe71653677cad.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9e4b6ea4b1ca81a9f123382b87af8ad09a08d4d2b36087a951753a1b91c48132

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-fx38o92TzvOv2rT8AHFRSInrfBoFpwLLeQDmjS2bxvYvIBJ4' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fx38o92TzvOv2rT8AHFRSInrfBoFpwLLeQDmjS2bxvYvIBJ4' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-fx38o92TzvOv2rT8AHFRSInrfBoFpwLLeQDmjS2bxvYvIBJ4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fx38o92TzvOv2rT8AHFRSInrfBoFpwLLeQDmjS2bxvYvIBJ4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 18:22:57 GMT
age: 8497
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f5242535812dd
server-timing: "traceparent;desc="00-0000000000000000000f5242535812dd-c51e8224a1218a9e-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 79302
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f5242535812dd-7858fc5e71fbe0a2-01
x-timer: S1700158977.168724,VS0,VE10
etag: W/"135c6-WDUY6zaP1rI24+1Wn7pPzxgbJYw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 118 KB
37 KB 175ms
96ms Script
application/javascript 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/eb965d9fe71653677cad.js?form_app=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81b3cfec8709a5844f547eae1fc0966ca4db5ec5c762a371b31954967cbda57b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GiMHrmAU4MeUxvwd9JQrEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-GiMHrmAU4MeUxvwd9JQrEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 16 Nov 2023 18:22:57 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/11154426359/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11154426359/?random=1561020242&cv=11&fst=1700158976793&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9115732004&gcd=11l1l1l1l1&dma_cps=syph...
https://www.google.com/pagead/1p-conversion/11154426359/?random=1561020242&cv=11&fst=1700158976793&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9115732004&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h...
https://www.google.de/pagead/1p-conversion/11154426359/?random=1561020242&cv=11&fst=1700158976793&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9115732004&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=...

42 B
108 B

34ms
33ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11154426359/?random=1561020242&cv=11&fst=1700158976793&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9115732004&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-c&label=OInWCOy815kYEPeT7MYp&hn=www.googleadservices.com&frm=0&tiba=ActBlue&gtm_ee=1&auid=31536046.1700158977&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJZ0pqWHFnWVFrcWo2MHFQMW9JQTlFaVFBNEtDUC10dTRUVENIZEwwc2ZvZ2tfbWI3azVJeERnNmxMUXJfOFZ2UXlhOUdJS2caVkNoQUlnSmpYcWdZUW43N01pTXU4aWNORUVpd0E5REliSXdIY1l1a3R3RlhWcVV0T3ZRTFdleU5iUjEtQXhSTWhZbTVQUTA1QmlwSkV5cWc4SGh6dUlnIhMIkoWT35HJggMV5pD9Bx0k9AWu&is_vtc=1&ocp_id=AV5WZdKACOah9u8PpOiX8Ao&cid=CAQSKQDICaaNw7lE3C-SgV_TRZ8hNNZ2N0WYG5BDRay_uGF2XjgpBRmUcd7r&random=1405377399&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 18:22:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 18:22:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11154426359/?random=1561020242&cv=11&fst=1700158976793&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9115732004&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-c&label=OInWCOy815kYEPeT7MYp&hn=www.googleadservices.com&frm=0&tiba=ActBlue&gtm_ee=1&auid=31536046.1700158977&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJZ0pqWHFnWVFrcWo2MHFQMW9JQTlFaVFBNEtDUC10dTRUVENIZEwwc2ZvZ2tfbWI3azVJeERnNmxMUXJfOFZ2UXlhOUdJS2caVkNoQUlnSmpYcWdZUW43N01pTXU4aWNORUVpd0E5REliSXdIY1l1a3R3RlhWcVV0T3ZRTFdleU5iUjEtQXhSTWhZbTVQUTA1QmlwSkV5cWc4SGh6dUlnIhMIkoWT35HJggMV5pD9Bx0k9AWu&is_vtc=1&ocp_id=AV5WZdKACOah9u8PpOiX8Ao&cid=CAQSKQDICaaNw7lE3C-SgV_TRZ8hNNZ2N0WYG5BDRay_uGF2XjgpBRmUcd7r&random=1405377399&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 39F9 70 B
149 B 178ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=ncocrig&ct=0:26uxqpk&fmt=3
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/pages/em-bfp-november-2023/tracking_code?t=landing&refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074&auth_token=null
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:57 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 1.js Show response
zgen2d20.micpn.com/p/js/ Frame 39F9 43 KB
15 KB 209ms
119ms Script
text/javascript 108.138.217.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zgen2d20.micpn.com/p/js/1.js
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/pages/em-bfp-november-2023/tracking_code?t=landing&refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074&auth_token=null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.217.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-217-96.lhr61.r.cloudfront.net
Software: /
Resource Hash: c8687251f7338f46903d59714005918f662980f36eb6579a4f47da241bac107e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 18:22:57 GMT
content-encoding: gzip
via: 1.1 8b225d7dbb570edc490ce7b9b77a3a2e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
p3p: policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
cache-control: no-cache max-age=0
timing-allow-origin: https://secure.actblue.com
x-amz-cf-id: AzHW2YBcdKazpqLhbdoOKLiQz7AaZXrgyqvNMqK06wJO31YSbOsldQ==
x-uuid: 4ea8a4cf-e9d6-4d01-b861-73a44f63e275
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 39F9 202 KB
54 KB 45ms
11ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/pages/em-bfp-november-2023/tracking_code?t=landing&refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074&auth_token=null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 Nov 2023 18:22:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: GkSVWQ4CzZ2EFRoDKG1PvwhuFv0r9Bituwuml40qbwJwUxD4WyZ1FxJNqj5UqciIDJ+07IQftqD2DISMJVPlAQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
5 KB 21ms
20ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.409&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b7835ddf7f4bdc5fca38eab485755c7602c12caf9ccfd76db77ee611a7a806ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-gTwkBFyvvNGMrrd+Wkmqwmh4nOyr6J8aqlo8wBcC4iJZiiz5' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-gTwkBFyvvNGMrrd+Wkmqwmh4nOyr6J8aqlo8wBcC4iJZiiz5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 18:22:57 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 81382
x-cache: HIT, MISS
paypal-debug-id: f509167a4bcf8
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4773
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f509167a4bcf8-49397d877d6383be-01
x-timer: S1700158977.262256,VS0,VE7
etag: W/"3668-NYTNHmrp1xI9fommrxBhoz+6Wqw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame E5CA 411 KB
107 KB 451ms
447ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.409&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=06b475109a5a9&storageID=uid_e73f657bbb_mtg6mji6ntc&sessionID=uid_c1553d5070_mtg6mji6ntc&buttonSessionID=uid_d5c3ab7518_mtg6mji6ntc&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

40d3144de692987b16d83985b0042e16ce1c2454859c19f069ca066faa68e38a

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.actblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 18:22:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"66b7b-oG1TmHxK0Y6Ow6pJ4giaKHkyRNc"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f96615776526f
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f96615776526f-5a2697c3a7af6329-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f96615776526f-068302b491f89519-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
x-timer: S1700158977.360009,VS0,VE439
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 426C 3 KB
4 KB 71ms
11ms Image
image/svg+xml 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:57 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
log-origin: shield=SJC,src_ip=157.52.96.49,alternate_path=0,ip=157.52.96.49,port=443,name=shield_ssl_cache_sjc10049_SJC,status=200,reason=OK,method=GET,url="/js-sdk-logos/2.2.7/paypal-blue.svg",host=www.paypalobjects.com
log-timing: fetch=172961,misspass=175,do_stream=0
x-cache: HIT, HIT
paypal-debug-id: a9c403155406c
dc: ccg11-origin-www-1.paypal.com
content-length: 3266
x-served-by: cache-sjc10049-SJC, cache-fra-eddf8230054-FRA
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
traceparent: 00-0000000000000000000a9c403155406c-daf84a9867d9436a-01
x-timer: S1700158977.403865,VS0,VE0
etag: "642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 9022

GET
H2 200 sepa-default.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 426C 9 KB
3 KB 69ms
10ms Image
image/svg+xml 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/sepa-default.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:57 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: a7f34e4881e8b
dc: ccg11-origin-www-1.paypal.com
content-length: 3135
x-served-by: cache-sjc10081-SJC, cache-fra-eddf8230054-FRA
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
traceparent: 00-0000000000000000000a7f34e4881e8b-0d2becf8a5cffb22-01
x-timer: S1700158977.403424,VS0,VE0
etag: W/"642c9aab-2204"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 6, 62

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 51ms
9ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.409&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&disableSetCookie=true&vault=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:57 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
log-origin: shield=SJC,src_ip=157.52.96.131,alternate_path=0,ip=157.52.96.81,port=443,name=shield_ssl_cache_sjc10081_SJC,status=200,reason=OK,method=GET,url="/muse/muse.js",host=www.paypalobjects.com
strict-transport-security: max-age=31557600
log-timing: fetch=178261,misspass=93,do_stream=0
x-cache: HIT, HIT
paypal-debug-id: 3fd9c4a83a728
dc: ccg11-origin-www-1.paypal.com
content-length: 15742
x-served-by: cache-sjc10081-SJC, cache-fra-eddf8230054-FRA
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
traceparent: 00-00000000000000000003fd9c4a83a728-6a5561e0f3f2e3ff-01
x-timer: S1700158977.403357,VS0,VE0
etag: W/"64f25363-daa8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 9, 22527

GET
H2 200 ts
t.paypal.com/ 42 B
510 B 274ms
198ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&fltp=analytics&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Joe%20Biden%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1700158977358&g=-60&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight%26refcodeEmailReferrer%3Demail_2116074&disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 16 Nov 2023 18:22:57 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: dd8a07dacba6a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230065-FRA
pragma: no-cache
correlation-id: dd8a07dacba6a
traceparent: 00-0000000000000000000dd8a07dacba6a-90cec6db8ff7005e-01
x-timer: S1700158977.451433,VS0,VE166
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 18:22:57 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 6F02 19 KB
8 KB 214ms
213ms Document
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

476fc4f4592678274c27d94b1dc8b99e6117960b2613bfceea1a67f0ba5e8105

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p95D6dKxuo76wF1lvwBhvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-p95D6dKxuo76wF1lvwBhvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 16 Nov 2023 18:22:57 GMT
expires: Thu, 16 Nov 2023 18:22:57 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 1663341264181988 Show response
connect.facebook.net/signals/config/ Frame 39F9 133 KB
35 KB 161ms
159ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1663341264181988?v=2.9.138&r=stable&domain=secure.actblue.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ced00d7901dabdaf25993d9d328fffd1165e98b894805a12b63319431172705

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 Nov 2023 18:22:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: RYw8wxoGIVWaRKE2cgaQOvVVsSkzhuelILiwUobRsbAuFMN/zWWCXNK70PnxMpXGJE0IChI1hc10rfLHbF8h2Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dark_gpay.svg
www.gstatic.com/instantbuy/svg/ 2 KB
1 KB 75ms
14ms Image
image/svg+xml 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/instantbuy/svg/dark_gpay.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 603835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 871
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Nov 2024 18:39:02 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 46DA 55 KB
16 KB 13ms
13ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.actblue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 16039
content-type: text/html
date: Thu, 16 Nov 2023 18:22:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"64f25363-dacc"
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
log-origin: shield=SJC,src_ip=157.52.96.92,alternate_path=0,ip=157.52.96.107,port=443,name=shield_ssl_cache_sjc1000107_SJC,status=200,reason=OK,method=GET,url="/muse/analytics/index.html",host=www.paypalobjects.com
log-timing: fetch=147177,misspass=72,do_stream=0
paypal-debug-id: 7d8e18e65f05e
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000007d8e18e65f05e-bff6b7eca9fa3c2d-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 7, 22649
x-content-type-options: nosniff
x-served-by: cache-sjc1000107-SJC, cache-fra-eddf8230054-FRA
x-timer: S1700158977.462663,VS0,VE0

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 46DA 18 B
421 B 229ms
216ms Fetch
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 10437, 22318
date: Thu, 16 Nov 2023 18:22:57 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
log-origin: shield=SJC,src_ip=157.52.96.145,alternate_path=0,ip=157.52.96.145,port=443,name=shield_ssl_cache_sjc1000145_SJC,status=200,reason=OK,method=GET,url="/muse/noop.js",host=www.paypalobjects.com
log-timing: fetch=146948,misspass=79,do_stream=0
x-cache: HIT, HIT
paypal-debug-id: 7f4693eaf4cf1
dc: ccg11-origin-www-1.paypal.com
content-length: 18
x-served-by: cache-sjc1000145-SJC, cache-fra-eddf8230054-FRA
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
traceparent: 00-00000000000000000007f4693eaf4cf1-0dbd27aaa054f89f-01
x-timer: S1700158978.739364,VS0,VE0
etag: "60271cd0-12"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-client-location: DE

GET
H2 200 ts
t.paypal.com/ 42 B
164 B 179ms
173ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&es=visitorInfoFlowStarted&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Joe%20Biden%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1700158977519&g=-60&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight%26refcodeEmailReferrer%3Demail_2116074&disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 16 Nov 2023 18:22:57 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 53fe111ae42ae
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230065-FRA
pragma: no-cache
correlation-id: 53fe111ae42ae
traceparent: 00-000000000000000000053fe111ae42ae-0c40fb048195d0de-01
x-timer: S1700158978.536019,VS0,VE162
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 18:22:57 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 6F02 159 KB
57 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d641cd345ecb8a76c6c52db24e446414e58e1ea3b3de1e6962a277fd5a86858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 17:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57479
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 07:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 17:45:39 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 6F02 2 KB
2 KB 133ms
122ms Other
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 16 Nov 2023 18:22:57 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ Frame 39F9 0
185 B 39ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1663341264181988&ev=PageView&dl=https%3A%2F%2Fsecure.actblue.com%2Fpages%2Fem-bfp-november-2023%2Ftracking_code%3Ft%3Dlanding%26refcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight%26refcodeEmailReferrer%3Demail_2116074%26auth_token%3Dnull&rl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac%26link_id%3D1%26can_id%3D1748cf16bd65e968f73bdfad4a024fb2%26source%3Demail-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring%26email_referrer%3Demail_2116074%26email_subject%3Dbh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight%26refcodeEmailReferrer%3Demail_2116074&if=true&ts=1700158977650&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700158977648.1422257437&it=1700158977418&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 16 Nov 2023 18:22:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.YXtBVX... Frame 6F02 73 KB
27 KB 221ms
220ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.YXtBVXxVcck.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriuTIfKJvcF0dHzmQsniDQ7pbD2jQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747693094d8736b1d3c2f6997bd01af07b156db9bff54a8db587d3709955d943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27293
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 02:58:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 18:22:57 GMT

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 256ms
226ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 16 Nov 2023 18:22:57 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f768269e2d06d
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f768269e2d06d-187acf52bbdfc280-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-eddf8230104-FRA, cache-fra-eddf8230104-FRA
x-timer: S1700158978.791965,VS0,VE186

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 46DA 435 B
1 KB 314ms
314ms Fetch
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c87ca07684e0023e19ef6ded6f42e7a6107089aa13b29fc295ca14c4fa600f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-ue5oIE44/tuT3DrQMJhBloJ6bC3BZQbP+EpuK16vgpIj2Ycs' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-ue5oIE44/tuT3DrQMJhBloJ6bC3BZQbP+EpuK16vgpIj2Ycs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 18:22:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f76826938d6c1
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f76826938d6c1-6b8507aec888c766-01
x-timer: S1700158978.020641,VS0,VE303
etag: W/"1b3-GJy1CU64+2NjvlIi8DMWLPZOlao"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame E5CA 290 KB
79 KB 48ms
48ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.409&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=06b475109a5a9&storageID=uid_e73f657bbb_mtg6mji6ntc&sessionID=uid_c1553d5070_mtg6mji6ntc&buttonSessionID=uid_d5c3ab7518_mtg6mji6ntc&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9e4b6ea4b1ca81a9f123382b87af8ad09a08d4d2b36087a951753a1b91c48132

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-fx38o92TzvOv2rT8AHFRSInrfBoFpwLLeQDmjS2bxvYvIBJ4' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fx38o92TzvOv2rT8AHFRSInrfBoFpwLLeQDmjS2bxvYvIBJ4' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.409&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=06b475109a5a9&storageID=uid_e73f657bbb_mtg6mji6ntc&sessionID=uid_c1553d5070_mtg6mji6ntc&buttonSessionID=uid_d5c3ab7518_mtg6mji6ntc&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-fx38o92TzvOv2rT8AHFRSInrfBoFpwLLeQDmjS2bxvYvIBJ4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fx38o92TzvOv2rT8AHFRSInrfBoFpwLLeQDmjS2bxvYvIBJ4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 18:22:57 GMT
age: 8498
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f5242535812dd
server-timing: "traceparent;desc="00-0000000000000000000f5242535812dd-c51e8224a1218a9e-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 79302
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f5242535812dd-7858fc5e71fbe0a2-01
x-timer: S1700158978.825877,VS0,VE19
etag: W/"135c6-WDUY6zaP1rI24+1Wn7pPzxgbJYw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 2, 0

GET
DATA 200
OK truncated
/ Frame E5CA 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E5CA 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 6F02 1 MB
375 KB 110ms
109ms XHR
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a052b94a8afb2410c84389f7453451e172ead627f57db68fe28fbd1679f31e8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hPd4ogi7f0mnHEBsrg8cSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:22:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hPd4ogi7f0mnHEBsrg8cSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 16 Nov 2023 18:22:58 GMT

POST
H2 200 trackables Show response
secure.actblue.com/ 0
416 B 373ms
373ms Fetch
text/html 151.101.0.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.actblue.com/trackables

Requested by

Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/eb965d9fe71653677cad.js?form_app=us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.actblue.com/donate/em-bfp-november-2023?refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 16 Nov 2023 18:22:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-permitted-cross-domain-policies: none
status: 200 OK
x-start: 2023-11-16 18:22:58.066
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html
cache-control: private, no-store
accept-ranges: bytes

GET
H2 200 s.js Show response
cdn.sift.com/ 62 KB
21 KB 160ms
16ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sift.com/s.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

224.67.96.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 13:49:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1830822
x-guploader-uploadid: ABPtcPrpWrrkjBrDAWi7zXpGnSNqQhD1RbWpgmoSpzmfynnfH7j6Yi4kwFRkJXKq0DZAZqx8eRgV47GTIGNN_wMXJQAb
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20500
last-modified: Tue, 28 Feb 2023 22:39:30 GMT
server: UploadServer
etag: "476f50cbc514dd2a147e8856d7d6a2eb"
x-goog-generation: 1677623970358201
x-goog-hash: crc32c=v7KhDA==, md5=R29Qy8UU3SoUfohW19ai6w==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 20500
accept-ranges: bytes
expires: Fri, 25 Oct 2024 13:49:16 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.YXtBVX... Frame 6F02 9 KB
4 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.YXtBVXxVcck.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriuTIfKJvcF0dHzmQsniDQ7pbD2jQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22aff09a4899c48a59b0b6963e2fc945a674556db20ce9576b54fce2d1de0812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 19:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3731
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 02:58:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 19:11:17 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.YXtBVX... Frame 6F02 37 KB
14 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.YXtBVXxVcck.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriuTIfKJvcF0dHzmQsniDQ7pbD2jQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33024a69c55c2172b2db5fa2774cec3a2ca7c2e7775847edd69bdf4d358cc336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 19:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14131
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 02:58:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 19:11:17 GMT

POST
H3 200 log Show response
play.google.com/ Frame 6F02 131 B
155 B 74ms
48ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 18:22:58 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 18:22:58 GMT

POST
H3 200 log Show response
play.google.com/ Frame 6F02 131 B
155 B 78ms
51ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 18:22:58 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 18:22:58 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 151ms
26ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 16 Nov 2023 18:22:58 GMT
expires: Thu, 16 Nov 2023 18:22:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 145ms
26ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 16 Nov 2023 18:22:58 GMT
expires: Thu, 16 Nov 2023 18:22:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6F02 131 B
155 B 78ms
49ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 18:22:58 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 18:22:58 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 139ms
25ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 16 Nov 2023 18:22:58 GMT
expires: Thu, 16 Nov 2023 18:22:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6F02 131 B
155 B 73ms
47ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 18:22:58 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 18:22:58 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 132ms
26ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 16 Nov 2023 18:22:58 GMT
expires: Thu, 16 Nov 2023 18:22:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6F02 131 B
155 B 79ms
48ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 18:22:58 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 18:22:58 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 115ms
22ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 16 Nov 2023 18:22:58 GMT
expires: Thu, 16 Nov 2023 18:22:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6F02 131 B
155 B 77ms
51ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 18:22:58 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 18:22:58 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 72ms
27ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 16 Nov 2023 18:22:58 GMT
expires: Thu, 16 Nov 2023 18:22:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 64ms
25ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 16 Nov 2023 18:22:58 GMT
expires: Thu, 16 Nov 2023 18:22:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6F02 131 B
155 B 76ms
47ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 18:22:58 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 18:22:58 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame E5CA 1022 B
823 B 228ms
223ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d78f2fac62146c8fe1f4ce42e96c5d28728e1a2e2063b0dd39415c0c79a7448e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.409&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=06b475109a5a9&storageID=uid_e73f657bbb_mtg6mji6ntc&sessionID=uid_c1553d5070_mtg6mji6ntc&buttonSessionID=uid_d5c3ab7518_mtg6mji6ntc&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Thu, 16 Nov 2023 18:22:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f76826943bb95
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f76826943bb95-a1820cfaa6dfc604-01
x-timer: S1700158978.210584,VS0,VE210
etag: W/"3fe-IbQunFH4/iBPnfiao1eCNMhj8gI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1016 B
870 B 315ms
314ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ab45393a19c162763b3557bd12bae06a65153d1f5b73b2cb4ed6feecc71490a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://secure.actblue.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Thu, 16 Nov 2023 18:22:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f615172ac6ec0
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230104-FRA, cache-fra-eddf8230104-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f615172ac6ec0-5682c7da85e29b8c-01
x-timer: S1700158979.531718,VS0,VE202
etag: W/"3f8-yYf49hjY+EQ9AI/AqbJm2UEMZ+w"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.actblue.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame E5CA 1022 B
1 KB 204ms
200ms Ping
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

74fa77a33604706b3188fd24e03f74d00a96507bbcdb127173836b98d548d806

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.409&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=06b475109a5a9&storageID=uid_e73f657bbb_mtg6mji6ntc&sessionID=uid_c1553d5070_mtg6mji6ntc&buttonSessionID=uid_d5c3ab7518_mtg6mji6ntc&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Nov 2023 18:22:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f7682696b28a2
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230102-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f7682696b28a2-06fd12144a98b949-01
x-timer: S1700158978.221683,VS0,VE181
etag: W/"3fe-HP/u5OhZYCJC5Ae1W2Ius5syx/w"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 255ms
251ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.actblue.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://secure.actblue.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 16 Nov 2023 18:22:58 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f768269780a8d
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f768269780a8d-787a31c6996acf14-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230104-FRA, cache-fra-eddf8230104-FRA
x-timer: S1700158978.210533,VS0,VE185

GET
H2 200 740303.gif
hexagon-analytics.com/images/ 43 B
297 B 161ms
108ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/740303.gif?bk=19482a20cc&tm=119&r=392888461&v=106&cs=UTF-8&h=secure.actblue.com&l=en-US&S=5ab864cb822ecee229dacc52825618e2&uu=756049480b5503b0db58c0dd2270f27&t=Joe%20Biden%20%E2%80%94%20Donate%20via%20ActBlue&u=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-bfp-november-2023%3Frefcode%3Djb_em_fr_2023.11.16_b1_tbh_active&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=-60&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.actblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 18:22:58 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 / Show response
proxy-service.actblue.com/track/ 25 B
353 B 301ms
300ms XHR
application/json 151.101.128.174
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://proxy-service.actblue.com/track/?verbose=1&ip=1&_=1700158980808

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.174 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://secure.actblue.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google, 1.1 varnish
date: Thu, 16 Nov 2023 18:23:01 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://secure.actblue.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 51
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 25

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.actblue.com/cf/assets/app-css	1969-12-31 23:59:59	Name: skip_prefill_check Value: true
secure.actblue.com/cf/assets/app	1969-12-31 23:59:59	Name: skip_prefill_check Value: true
secure.actblue.com/cf/assets	1969-12-31 23:59:59	Name: skip_prefill_check Value: true
secure.actblue.com/donate	1969-12-31 23:59:59	Name: skip_prefill_check Value: true
.actionnetwork.org/	1970-01-20 16:16:00	Name: __cf_bm Value: 3SA0OzvSuN46jqCV_.t9Mlv.sTnQ4G.R3XK6xVLvvWw-1700158974-0-AaUbK9sXgO8h/CRYhZiWo+Yt5wVOfoC9DUV+frGy/ZX6aybXd61LdkjaxQgBKuPd+VvyBqkR28HqGaCOkwzZHHk=
.actblue.com/	1970-01-21 01:01:34	Name: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18bd95f2f72f80-0c115f358eac54-61325e53-1d4c00-18bd95f2f72f80%22%2C%22%24device_id%22%3A%20%2218bd95f2f72f80-0c115f358eac54-61325e53-1d4c00-18bd95f2f72f80%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
secure.actblue.com/	1970-01-20 16:15:59	Name: _dd_s Value: logs=1&id=bd5b23ab-f9e5-4f3f-9b00-eb1a13044de7&created=1700158976740&expire=1700159876740
.actblue.com/	1970-01-20 18:25:34	Name: _gcl_au Value: 1.1.31536046.1700158977
.secure.actblue.com/	1970-01-20 16:16:02	Name: _session_id Value: 777d66292af2aa7b4fb4441d89f8dd7b
.doubleclick.net/	1970-01-21 01:37:34	Name: IDE Value: AHWqTUlFGoIwl1HmJfsj2xLaKexTiI8yPVrVpWQ1y0uleo-X05Jc9P9ACLsT-dRb
.google.com/	1970-01-20 20:39:30	Name: NID Value: 511=LlbrCKk_eM1S4gnkxuCVKD0UavOU-8vfQbH7TpeYnoEH9ZTHT1OajaIvhAVskB-QX8qj73aKgWv_vawrEQw0WCiwtUh4-QE8a7XxMSNnSCbo_E8SaY5DGlLR33yZ9oyubPmgcOmuvbi1lCdvXHrz3hqjNRr5JXYqCMhOSqFM6VE
.actblue.com/	1970-01-20 18:25:34	Name: _fbp Value: fb.1.1700158977648.1422257437
.paypal.com/	1970-01-20 16:20:18	Name: tsrce Value: smartcomponentnodeweb
.paypal.com/	1970-01-20 16:16:00	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-21 01:51:58	Name: ts Value: vreXpYrS%3D1794853377%26vteXpYrS%3D1700160777%26vr%3Dd95f35b018b0ad1024f912ecfe30eb1f%26vt%3Dd95f35b018b0ad1024f912ecfe30eb1e%26vtyp%3Dnew
.paypal.com/	1970-01-21 01:51:58	Name: ts_c Value: vr%3Dd95f35b018b0ad1024f912ecfe30eb1f%26vt%3Dd95f35b018b0ad1024f912ecfe30eb1e
.actblue.com/	1970-01-21 01:51:58	Name: __ssid Value: 756049480b5503b0db58c0dd2270f27

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://secure.actblue.com/pages/em-bfp-november-2023/tracking_code?t=landing&refcode=jb_em_fr_2023.11.16_b1_tbh_actives1_rtb_evg_c1_na-ac&link_id=1&can_id=1748cf16bd65e968f73bdfad4a024fb2&source=email-bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring&email_referrer=email_2116074&email_subject=bh_campaign_donor-contains_tag-assign-bh_campaign_donor-contains_tag-just-if-bh_campaign_donor-capture-hpc-highestpreviouscontribution-endcapture-assign-hpc_number-hpc-times-1-capture-askstring-36-if-hpc_number-25-hpc_number-else-25-endif-endcapture-if-hpc_number-25-hpc_number-else-25-endif-else-1-endif-before-midnight&refcodeEmailReferrer=email_2116074&auth_token=null(Line 6) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
cdn.sift.com
click.actionnetwork.org
connect.facebook.net
googleads.g.doubleclick.net
hexagon-analytics.com
insight.adsrvr.org
pay.google.com
play.google.com
proxy-service.actblue.com
secure.actblue.com
sessions.bugsnag.com
t.paypal.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
zgen2d20.micpn.com
108.138.181.64
108.138.217.96
142.250.186.162
15.197.193.217
151.101.0.174
151.101.128.174
151.101.129.35
151.101.65.21
151.101.66.133
2600:1901:0:7a0b::
2606:4700::6812:12bc
2a00:1450:4001:802::2004
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200d
2a00:1450:400c:c07::5c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.102.232.42
34.96.67.224
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d641cd345ecb8a76c6c52db24e446414e58e1ea3b3de1e6962a277fd5a86858
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
22aff09a4899c48a59b0b6963e2fc945a674556db20ce9576b54fce2d1de0812
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
28c5bf64b24e3b1dbcf4d6f19e4b7fb37689df7c87eda71384541dc3e0e3bdd4
2c87ca07684e0023e19ef6ded6f42e7a6107089aa13b29fc295ca14c4fa600f4
33024a69c55c2172b2db5fa2774cec3a2ca7c2e7775847edd69bdf4d358cc336
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40d3144de692987b16d83985b0042e16ce1c2454859c19f069ca066faa68e38a
476fc4f4592678274c27d94b1dc8b99e6117960b2613bfceea1a67f0ba5e8105
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
747693094d8736b1d3c2f6997bd01af07b156db9bff54a8db587d3709955d943
74fa77a33604706b3188fd24e03f74d00a96507bbcdb127173836b98d548d806
7ced00d7901dabdaf25993d9d328fffd1165e98b894805a12b63319431172705
7ff83d4a65fa84f4d78c1ba312ea1533df4912b90cdf84e8ff2411f2b389a778
81b3cfec8709a5844f547eae1fc0966ca4db5ec5c762a371b31954967cbda57b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb
9e4b6ea4b1ca81a9f123382b87af8ad09a08d4d2b36087a951753a1b91c48132
a052b94a8afb2410c84389f7453451e172ead627f57db68fe28fbd1679f31e8e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a64c95d259e3fb0d57b47e731db1be1ea10c9edd6f9c16986895f53eeb6b0fb7
ab45393a19c162763b3557bd12bae06a65153d1f5b73b2cb4ed6feecc71490a8
ab752339ce1284d73fffb260230bfe522c7255f5ff2ec045f77bfc1955a8a38f
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
b0ad1c94c8d49c34ef22fa625ffc4ce241f2159a606bffa357c9c1aeb772343e
b1d497c18851bcd204974c4928fe66d0e0afab1124ccf815b0a019d301f7a6ad
b30136e41af0cb6a31fe3e5ea66e0b57ce11a46b57ef58d6cc31c8c9a1a8d279
b7835ddf7f4bdc5fca38eab485755c7602c12caf9ccfd76db77ee611a7a806ff
c8687251f7338f46903d59714005918f662980f36eb6579a4f47da241bac107e
d20a92af33210457aed59b75bf5cc79018a32e7b6fb9d5844b86e7fc64711c97
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d78f2fac62146c8fe1f4ce42e96c5d28728e1a2e2063b0dd39415c0c79a7448e
dfab4c4a4b1c34a89038bf786e20a111d175bb742ee6c07f0598bc80f6d88208
dfed699c2e029df8b104490c909f8620da4598e7e507bfb79e65a7aec1aec92a
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a17d448ce2deae2459d1ed87980c2f0f1cae0e5fb329f93d6fa953a9081c61
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073

secure.actblue.com Open in urlscan Pro 151.101.0.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

52 %IPv6

18 Domains

23 Subdomains

23 IPs

3 Countries

2874 kBTransfer

6616 kBSize

17 Cookies

2 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.actblue.com Open in urlscan Pro
151.101.0.174 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

52 %
IPv6

18
Domains

23
Subdomains

23
IPs

3
Countries

2874 kB
Transfer

6616 kB
Size

17
Cookies

69 HTTP transactions
2 data transactions