urlscan.io logo urlscan.io
SecurityTrails logo

secure.actblue.com Open in urlscan Pro
151.101.192.174  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://go.jaimeharrison.com/page/m/65103bb7/1114366e/5e1a63d2/7c520841/3244954333/VEsEBQ/p/eyJlM3RoYlc5MWJuUjlmUT09IjoiMTAiL...
Effective URL: https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&a...
Submission Tags: falconsandbox
Submission: On October 25 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 33 HTTP transactions. The main IP is 151.101.192.174, located in United States and belongs to FASTLY, US. The main domain is secure.actblue.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on October 22nd 2019. Valid for: 2 years.
This is the only time secure.actblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 65.9.57.60 16509 (AMAZON-02)
8 151.101.192.174 54113 (FASTLY)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2600:1901:0:4... 15169 (GOOGLE)
1 65.9.44.70 16509 (AMAZON-02)
2 35.190.25.25 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.216.25.156 16509 (AMAZON-02)
5 151.101.1.21 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.79.88.92 20940 (AKAMAI-ASN1)
3 151.101.1.35 54113 (FASTLY)
33 13
1    65.9.57.60 (Seattle, United States)

ASN16509 (AMAZON-02, US)
go.jaimeharrison.com
8    151.101.192.174 (United States)

ASN54113 (FASTLY, US)
secure.actblue.com
5    2a02:26f0:6c00::210:ba0a (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
use.typekit.net
2    2a02:26f0:10c:5a4::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
p.typekit.net
1    2600:1901:0:498c:: (United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
1    65.9.44.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
www.datadoghq-browser-agent.com
2    35.190.25.25 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com
api-js.mixpanel.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    52.216.25.156 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
actblue-indigo-uploads.s3.amazonaws.com
5    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
2    104.79.88.92 (United States)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-79-88-92.deploy.static.akamaitechnologies.com
www.paypalobjects.com
3    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
Domain Requested by
8 secure.actblue.com secure.actblue.com
www.datadoghq-browser-agent.com
5 www.paypal.com secure.actblue.com
www.paypal.com
www.datadoghq-browser-agent.com
5 use.typekit.net secure.actblue.com
use.typekit.net
3 t.paypal.com
2 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 pay.google.com secure.actblue.com
pay.google.com
2 api-js.mixpanel.com cdn.mxpnl.com
www.datadoghq-browser-agent.com
2 p.typekit.net use.typekit.net
1 actblue-indigo-uploads.s3.amazonaws.com secure.actblue.com
1 stats.g.doubleclick.net secure.actblue.com
1 ssl.google-analytics.com 1 redirects
1 www.datadoghq-browser-agent.com secure.actblue.com
1 cdn.mxpnl.com secure.actblue.com
1 go.jaimeharrison.com 1 redirects
33 14

This site contains links to these domains. Also see Links.

Domain
jaimeharrison.com
Subject Issuer Validity Valid
secure.actblue.com
Sectigo RSA Extended Validation Secure Server CA		 2019-10-22 -
2021-10-21		 2 years crt.sh
use.typekit.net
DigiCert SHA2 Secure Server CA		 2020-01-28 -
2022-02-01		 2 years crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA		 2019-12-06 -
2021-12-10		 2 years crt.sh
*.mxpnl.com
RapidSSL RSA CA 2018		 2019-07-29 -
2021-07-28		 2 years crt.sh
*.datadoghq-browser-agent.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-08 -
2021-04-07		 2 years crt.sh
*.mixpanel.com
GeoTrust RSA CA 2018		 2020-04-20 -
2022-04-21		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2021-03-12		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2020-03-10 -
2022-03-15		 2 years crt.sh
*.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
t.paypal.com
DigiCert SHA2 High Assurance Server CA		 2020-07-15 -
2022-07-20		 2 years crt.sh

This page contains 5 frames:

Primary Page: https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
Frame ID: F09D19BD398E6BB64DBAF70975B10D72
Requests: 29 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Frame ID: 2B0C34CAA3407E5AF10D3530FFB15FE7
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=45&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6IjU2NjVkYjNlNGZfbWplNm10cTZudGEifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sessionID=61913ac73f_mje6mtq6nta&buttonSessionID=0952e6f5ac_mje6mtq6nta&enableBNPL=true&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ==&platform=desktop&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card
Frame ID: 575A90FF9E29493CBD7F8E40C794EBC7
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: E9120A0CB4945FCA46CC476BC4E945CE
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html?frameId=63693506-a0c2-41fe-8f14-5bf5144b7da9&propertyId=NGJ83G9Z8QXZ8-1&flow=visitor-info&variant=analytics&mrid=NGJ83G9Z8QXZ8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
Frame ID: 8CE9349C679EA9E3CB0C794E2E1C67C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://go.jaimeharrison.com/page/m/65103bb7/1114366e/5e1a63d2/7c520841/3244954333/VEsEBQ/p/eyJlM3RoYlc5M... HTTP 302
    https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i
Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

33
Requests

100 %
HTTPS

43 %
IPv6

12
Domains

14
Subdomains

13
IPs

4
Countries

861 kB
Transfer

2510 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.jaimeharrison.com/page/m/65103bb7/1114366e/5e1a63d2/7c520841/3244954333/VEsEBQ/p/eyJlM3RoYlc5MWJuUjlmUT09IjoiMTAiLCJlM3R6WldOdmJtUmZZVzF2ZFc1MGZYMD0iOiIyNSIsImUzdDBhR2x5WkY5aGJXOTFiblI5ZlE9PSI6IjUwIiwiZTN0bWIzVnlkR2hmWVcxdmRXNTBmWDA9IjoiMTAwIiwiZTN0bWFXWjBhRjloYlc5MWJuUjlmUT09IjoiMjUwIn0=/?g=6_Hkaa_HJ6Fdeyr53cBFESA HTTP 302
    https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=1395789821&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=ActBlue&utmhid=1269444436&utmr=-&utmp=%2Fdonate%2Fms_harrison_fr_q42020_3x-match%3Frefcode%3DMS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS%26amount%3D10%26amounts%3D10%2C25%2C50%2C100%2C250&utmht=1603660489749&utmac=UA-159696-1&utmcc=__utma%3D88171332.1103424628.1603660490.1603660490.1603660490.1%3B%2B__utmz%3D88171332.1603660490.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1715735518&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=1103424628.1603660490&jid=1715735518&_v=5.6.1&z=1395789821

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ms_harrison_fr_q42020_3x-match
secure.actblue.com/donate/
Redirect Chain
  • https://go.jaimeharrison.com/page/m/65103bb7/1114366e/5e1a63d2/7c520841/3244954333/VEsEBQ/p/eyJlM3RoYlc5MWJuUjlmUT09IjoiMTAiLCJlM3R6WldOdmJtUmZZVzF2ZFc1MGZYMD0iOiIyNSIsImUzdDBhR2x5WkY5aGJXOTFiblI5Z...
  • https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
89 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
6800268ccda19cc2692b8092046aa00ee0f6a75c1a5e57fe804a2acba12e69f8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.actblue.com
:scheme
https
:path
/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
Cowboy
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-security-policy
frame-ancestors 'none'; report-uri /system/csp_reports
content-type
text/html; charset=utf-8
etag
W/"1634e-/83DFLvEHqtZEU8WdnJQx65eMdA"
x-form-app
kittens! [Server: node: us]
x-frame-options
sameorigin
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
accept-ranges
bytes
date
Sun, 25 Oct 2020 21:14:49 GMT
age
9942
vary
Accept-Encoding
set-cookie
skip_prefill_check=true; Secure
x-start
2020-10-25 21:14:49.177
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
content-length
20318

Redirect headers

status
302
content-type
application/octet-stream
content-length
0
location
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
server
awselb/2.0
date
Sun, 25 Oct 2020 21:14:49 GMT
set-cookie
guid=6_Hkaa_HJ6Fdeyr53cBFESA; Domain=go.jaimeharrison.com; Path=/; Expires=Tue, 27 Oct 2020 21:14:48 GMT mcid=1114366e; Domain=go.jaimeharrison.com; Path=/; Expires=Tue, 27 Oct 2020 21:14:48 GMT; HttpOnly msid=65103bb7; Domain=go.jaimeharrison.com; Path=/; Expires=Tue, 27 Oct 2020 21:14:48 GMT mlid=7c520841; Domain=go.jaimeharrison.com; Path=/; Expires=Tue, 27 Oct 2020 21:14:48 GMT mrid=5e1a63d2; Domain=go.jaimeharrison.com; Path=/; Expires=Tue, 27 Oct 2020 21:14:48 GMT; HttpOnly
x-cache
Miss from cloudfront
via
1.1 cd23adf07b7eb0d59b4b67067495bc7c.cloudfront.net (CloudFront)
x-amz-cf-pop
ARN54-C1
x-amz-cf-id
Jzx0DtPc-qf-xfrrG7kYA2pVYEiKLzU7MqmBjkkTPbjy9vv8L6MdjQ==
lak8drx.css
use.typekit.net/ 		3 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/lak8drx.css
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
13911220eda9e2fe0fa991692b852c67a33ce7d33d67e9c304d91b3da7f7a1e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
status
200
date
Sun, 25 Oct 2020 21:14:49 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
716
c03dbe4f9bf6237319b4.css
secure.actblue.com/cf/assets/app-css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/app-css/c03dbe4f9bf6237319b4.css?form_app=us
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
c0a876e22dd207a67ea508bf2a41c88b3f98dbc7ebc1fd335ccf427bf39aa4ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:49 GMT
content-encoding
gzip
vary
Accept-Encoding
age
167753
status
200
content-length
5073
x-xss-protection
1; mode=block
last-modified
Fri, 23 Oct 2020 16:16:56 GMT
server
Cowboy
etag
W/"5539-175563fb0c0"
strict-transport-security
max-age=31536000
content-type
text/css; charset=UTF-8
via
1.1 vegur, 1.1 varnish, 1.1 varnish
cache-control
max-age=31557600, must-revalidate
accept-ranges
bytes
x-start
2020-10-25 21:14:49.304
c03dbe4f9bf6237319b4.js
secure.actblue.com/cf/assets/app/ 		2 MB
443 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/app/c03dbe4f9bf6237319b4.js?form_app=us
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
3b412d641286c99c442b24011638eab08b2d6dbbd777906a54eed18a33404084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:49 GMT
content-encoding
gzip
vary
Accept-Encoding
age
167753
status
200
content-length
452852
x-xss-protection
1; mode=block
last-modified
Fri, 23 Oct 2020 16:16:56 GMT
server
Cowboy
etag
W/"193f66-175563fb0c0"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
via
1.1 vegur, 1.1 varnish, 1.1 varnish
cache-control
max-age=31557600, must-revalidate
accept-ranges
bytes
x-start
2020-10-25 21:14:49.304
p.css
p.typekit.net/ 		5 B
149 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=lak8drx&ht=tk&f=37515.37516.37521.37522&a=12641256&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lak8drx.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5a4::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/lak8drx.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:49 GMT
last-modified
Wed, 02 Sep 2020 04:00:22 GMT
server
nginx
etag
"5f4f18d6-5"
status
200
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4232e3c12b3860ed86f62ab38ee1a711ba7393218593d61cefa8100c28afdd6f

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:07:41 GMT
content-encoding
gzip
age
428
x-guploader-uploadid
ABg5-UzAESocMlIYLxe557rh7IS6zjx2NMKLw24mwdNdsTYh3AlJOZa9Bw4Mo0-5gfSip1Qfyr1sTJvTBX6cY4CPsqc
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
26928
last-modified
Mon, 17 Aug 2020 21:43:08 GMT
server
UploadServer
etag
"0f7532346a033260e6e905e6396195aa"
vary
Accept-Encoding
x-goog-hash
crc32c=AlJgbg==, md5=D3UyNGoDMmDm6QXmOWGVqg==
x-goog-generation
1597700588364815
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
26928
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 25 Oct 2020 21:17:41 GMT
datadog-logs.js
www.datadoghq-browser-agent.com/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c03dbe4f9bf6237319b4.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.44.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d2baa3456ac18611168406269a4553dcceeb6a363edcb1ab1d89c39a209ab92

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 08:59:37 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 08:59:33 GMT
server
AmazonS3
age
476113
etag
W/"1530c04b292e3e9a2f4fde2d59679bf7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=900
x-amz-cf-pop
ARN54-C1
x-amz-cf-id
dIa4X39zkBjGO1D3li-91Q-W4f0BIDgIJp4n9LRkWO3AzwbJD0ZDNQ==
via
1.1 4bdc4e02725e6de1af31e5bb25800f69.cloudfront.net (CloudFront)
auth_token
secure.actblue.com/api/cf/ 		104 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/api/cf/auth_token
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c03dbe4f9bf6237319b4.js?form_app=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 + Phusion Passenger 6.0.6 / Phusion Passenger 6.0.6
Resource Hash
c8d8d6089a5ae9dd8dfb1e5e77673f1225f07592a85bc01b7ad06f29960c4c43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
0
x-powered-by
Phusion Passenger 6.0.6
status
200, 200 OK
vary
Accept-Encoding
content-length
130
x-xss-protection
1; mode=block
x-runtime
0.004197
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.18.0 + Phusion Passenger 6.0.6
x-frame-options
SAMEORIGIN
etag
W/"c8d8d6089a5ae9dd8dfb1e5e77673f12"
x-download-options
noopen
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
via
1.1 varnish
cache-control
no-cache, no-store
x-server-info
ip-10-32-7-125:10585:530878422774b62d7c0586945e83580e25407828
accept-ranges
bytes
x-start
2020-10-25 21:14:49.714
active_ab_test_weights
secure.actblue.com/api/lists/ms_harrison_fr_q42020_3x-match/ 		110 B
600 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/api/lists/ms_harrison_fr_q42020_3x-match/active_ab_test_weights
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c03dbe4f9bf6237319b4.js?form_app=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 + Phusion Passenger 6.0.6 / Phusion Passenger 6.0.6
Resource Hash
71b1bcdffa788c6d0baa0a640fe9ae5f388499695dbb57b569d381eb67e81762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
0
x-powered-by
Phusion Passenger 6.0.6
status
200, 200 OK
vary
Accept-Encoding
content-length
113
x-xss-protection
1; mode=block
x-runtime
0.011737
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.18.0 + Phusion Passenger 6.0.6
x-frame-options
SAMEORIGIN
etag
W/"71b1bcdffa788c6d0baa0a640fe9ae5f"
x-download-options
noopen
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
via
1.1 varnish
cache-control
no-cache, no-store
x-server-info
ip-10-32-19-114:10468:530878422774b62d7c0586945e83580e25407828
accept-ranges
bytes
x-start
2020-10-25 21:14:49.714
ga.js
secure.actblue.com/cf/static/ 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/static/ga.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:49 GMT
content-encoding
gzip
vary
Accept-Encoding
age
167755
status
200
content-length
16100
x-xss-protection
1; mode=block
last-modified
Fri, 23 Oct 2020 16:10:26 GMT
server
Cowboy
etag
W/"9fe9-1755639bd50"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
via
1.1 vegur, 1.1 varnish, 1.1 varnish
cache-control
max-age=31557600, must-revalidate
accept-ranges
bytes
x-start
2020-10-25 21:14:49.724
/
api-js.mixpanel.com/decide/ 		65 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=1498bce7991dd9e45621a9bf2dbfa01b&ip=1&_=1603660489731
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
gunicorn/19.9.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:49 GMT
via
1.1 google
server
gunicorn/19.9.0
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://secure.actblue.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=1395789821&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=A...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=1103424628.1603660490&jid=1715735518&_v=5.6.1&z=1395789821
35 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=1103424628.1603660490&jid=1715735518&_v=5.6.1&z=1395789821
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 25 Oct 2020 21:14:49 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Oct 2020 21:14:49 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=1103424628.1603660490&jid=1715735518&_v=5.6.1&z=1395789821
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
369
expires
Fri, 01 Jan 1990 00:00:00 GMT
49d719dd-1da7-4790-8412-66578dc13904-Jaime_Wrapper-ActBlue_20190625.jpg
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/brandings/29172/document_body/background_image_url/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/brandings/29172/document_body/background_image_url/49d719dd-1da7-4790-8412-66578dc13904-Jaime_Wrapper-ActBlue_20190625.jpg
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.25.156 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b730c57cedc209d662cc54325e9def3e6750a8e068fca18aceb9bbb4accdc900

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 25 Oct 2020 21:14:51 GMT
Last-Modified
Tue, 25 Jun 2019 20:24:03 GMT
Server
AmazonS3
x-amz-request-id
9P9JAZ3H4N8X0Y3Y
ETag
"faa60d62f94432c67ce7b933cdceebd4"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
139406
x-amz-id-2
jOyI7G4z3cgXlSw9wEELUflAkLkxvWFbYqlaRDx19SrXgMTA6yPXWD5YEmJ4Bqk7HhUbW3A/Qjg=
js
www.paypal.com/sdk/ 		255 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c03dbe4f9bf6237319b4.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c939f44262f5bb40c448cf1dc31c41fdae184d17810ea93df591f00d999077be
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-RFfgEH8fw1w6cPuuo5XEXqwH8xEyTJJ+YQMvOx1qPySVskyG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-RFfgEH8fw1w6cPuuo5XEXqwH8xEyTJJ+YQMvOx1qPySVskyG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-RFfgEH8fw1w6cPuuo5XEXqwH8xEyTJJ+YQMvOx1qPySVskyG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-RFfgEH8fw1w6cPuuo5XEXqwH8xEyTJJ+YQMvOx1qPySVskyG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
13964
x-cache
HIT, HIT
p3p
true
status
200
paypal-debug-id
94316e2eba40f
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
78238
etag
W/"1319e-i8xHmdoKgze48nD48ZIUcNbcxps"
x-served-by
cache-lhr7346-LHR, cache-cph20643-CPH
access-control-allow-origin
*
expires
Sun, 25 Oct 2020 20:20:32 GMT
x-timer
S1603660490.381791,VS0,VE105
x-frame-options
SAMEORIGIN
date
Sun, 25 Oct 2020 21:14:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
x-xss-protection
1; mode=block
cache-control
max-age=10800
accept-ranges
bytes
x-cache-hits
1, 1
trackables
secure.actblue.com/ 		0
445 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/trackables
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 + Phusion Passenger 6.0.6 / Phusion Passenger 6.0.6
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Sun, 25 Oct 2020 21:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger 6.0.6
status
200, 200 OK
vary
Accept-Encoding
content-length
25
x-xss-protection
1; mode=block
x-runtime
0.019080
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.18.0 + Phusion Passenger 6.0.6
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=31536000
content-type
text/html
via
1.1 varnish
cache-control
no-cache, no-store
x-server-info
ip-10-32-7-26:10232:530878422774b62d7c0586945e83580e25407828
accept-ranges
bytes
x-start
2020-10-25 21:14:50.391
cd530922bb3ec0af-61d85c57-4b58-42c4-a514-41f7eadfbf29-jh-logo-actblue.png
secure.actblue.com/x/object/actblue-cyanotypes/replaced_images/list/362931/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.actblue.com/x/object/actblue-cyanotypes/replaced_images/list/362931/cd530922bb3ec0af-61d85c57-4b58-42c4-a514-41f7eadfbf29-jh-logo-actblue.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a939a02b4ac02f7a18feae461d502539e5049ed8664f3efbdb1fb8ff12f7cab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
e2U8CIGAGuw2pV3A6lMdLpLB8NE2zoXb
via
1.1 varnish
etag
"4e88f0056c1fe0f28bab6374d45bbb5b"
age
1487
status
200
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="61d85c57-4b58-42c4-a514-41f7eadfbf29-jh-logo-actblue.png"
content-length
25583
x-amz-id-2
VqoIZ3whHM9NGyWaiUwsqmhAgt0sH3fKvUwF0AZzaXzT8CbK5JNr3bLYlSsGuhkSMwAL12UhtDY=
last-modified
Fri, 08 Mar 2019 20:43:56 GMT
server
AmazonS3
date
Sun, 25 Oct 2020 21:14:50 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
6AC3DC63C57ABCAA
x-xss-protection
1; mode=block
accept-ranges
bytes
content-type
image/png
x-start
2020-10-25 21:14:50.394
pay.js
pay.google.com/gp/p/js/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c03dbe4f9bf6237319b4.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce3f620e5b8d877113a0e828a508cc7d9dd8a44bfd521caef4537f4f68c161ed
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/uyWWURBL1+k5/ww6g4drQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-/uyWWURBL1+k5/ww6g4drQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cache-control
private, max-age=600
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-/uyWWURBL1+k5/ww6g4drQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-/uyWWURBL1+k5/ww6g4drQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
content-type
application/javascript; charset=utf-8
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 25 Oct 2020 21:14:50 GMT
lak8drx.css
use.typekit.net/ 		3 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/lak8drx.css
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c03dbe4f9bf6237319b4.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
13911220eda9e2fe0fa991692b852c67a33ce7d33d67e9c304d91b3da7f7a1e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
status
200
date
Sun, 25 Oct 2020 21:14:50 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
716
p.css
p.typekit.net/ 		5 B
149 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=lak8drx&ht=tk&f=37515.37516.37521.37522&a=12641256&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lak8drx.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:5a4::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/lak8drx.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:50 GMT
last-modified
Wed, 02 Sep 2020 04:00:22 GMT
server
nginx
etag
"5f4f18d6-5"
status
200
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5
l
use.typekit.net/af/b45ee0/00000000000000003b9b137e/27/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/b45ee0/00000000000000003b9b137e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lak8drx.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
02036ae6de1e3505b9967e9430b8335e0fe9b569b530fb1a6782b9dab73b0209

Request headers

Origin
https://secure.actblue.com
Referer
https://use.typekit.net/lak8drx.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:50 GMT
server
nginx
etag
"0d59496222b87382dc752e0c937b5e8d02a8359e"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
13404
l
use.typekit.net/af/e41b92/00000000000000003b9b1378/27/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e41b92/00000000000000003b9b1378/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lak8drx.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
500ad9fee7bf73b9644f9d99e3716642c70e5130d80b75174b23baedac009ce6

Request headers

Origin
https://secure.actblue.com
Referer
https://use.typekit.net/lak8drx.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:50 GMT
server
nginx
etag
"9401da25ba764ce4dc8cf54c311462d8c4b23bf2"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
13228
l
use.typekit.net/af/5d404d/00000000000000003b9b137d/27/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/5d404d/00000000000000003b9b137d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lak8drx.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
439c27effb599dc5bac913c9c5a2d3738fd2b271c63b808f8704c6aedc315006

Request headers

Origin
https://secure.actblue.com
Referer
https://use.typekit.net/lak8drx.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:50 GMT
server
nginx
etag
"befb46c45a8c37fc86828ce30d7f439964fcbfb7"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
14784
payframe
pay.google.com/gp/p/ui/ Frame 2B0C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xyV4P0l+7ijK72eS9Migvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-xyV4P0l+7ijK72eS9Migvg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pay.google.com
:scheme
https
:path
/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=204=SCD6FNF2WnZtzXr6QgDwgl0gbjgzrIuaqZs72cZ92mvZvOB2-rvLz98_iL03oT_nfywojormA-PWZOwbE90C2zXKprZTXLQS1EJTN0xSAFDcGDQxQzJnT3Io5VuW-TDOa4MM9bjEXH6i4K22CyUp-auYAstoTr4uIr8ggD54_2I
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250

Response headers

status
200
content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
expires
Sun, 25 Oct 2020 21:14:50 GMT
date
Sun, 25 Oct 2020 21:14:50 GMT
cache-control
private, max-age=3600
content-security-policy
script-src 'report-sample' 'nonce-xyV4P0l+7ijK72eS9Migvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-xyV4P0l+7ijK72eS9Migvg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pptm.js
www.paypal.com/tagmanager/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.180&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
87463c42b9ad99de104b4cebac1501977fc9dfc4d42f002615b7fd861763f5d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-uaC1s5ptAKjVHdtnCHMi8Ni6Hvzgx3Q8WReRf596/RcrDVU+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-uaC1s5ptAKjVHdtnCHMi8Ni6Hvzgx3Q8WReRf596/RcrDVU+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
5376
x-cache
HIT, HIT
status
200
paypal-debug-id
2d9c5654171b8
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4860
x-xss-protection
1; mode=block
x-served-by
cache-lhr7364-LHR, cache-cph20643-CPH
x-timer
S1603660491.559528,VS0,VE2
x-frame-options
SAMEORIGIN
date
Sun, 25 Oct 2020 21:14:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
etag
W/"36f9-PhDawHq3bbFlZ7ID2DhTW7bWfps"
accept-ranges
bytes
x-cache-hits
6, 1
buttons
www.paypal.com/smart/ Frame 575A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=45&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6IjU2NjVkYjNlNGZfbWplNm10cTZudGEifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sessionID=61913ac73f_mje6mtq6nta&buttonSessionID=0952e6f5ac_mje6mtq6nta&enableBNPL=true&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ==&platform=desktop&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=45&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6IjU2NjVkYjNlNGZfbWplNm10cTZudGEifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sessionID=61913ac73f_mje6mtq6nta&buttonSessionID=0952e6f5ac_mje6mtq6nta&enableBNPL=true&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsiZmxleCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ==&platform=desktop&flow=purchase&currency=USD&intent=capture&disableFunding.0=credit&disableFunding.1=card
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250

Response headers

status
200
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
etag
W/"3438e-jq4k34i+gfC4LOk7qOpMam7gtV4"
p3p
true
paypal-debug-id
91aa4d76a2e3a
set-cookie
tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Wed, 28 Oct 2020 21:14:50 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Sun, 25 Oct 2020 21:44:50 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1698268490%26vteXpYrS%3D1603662290%26vr%3D619d27d21750ad0059b3958bfe5b1cac%26vt%3D619d27d21750ad0059b3958bfe5b1cab%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Wed, 25 Oct 2023 21:14:50 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D619d27d21750ad0059b3958bfe5b1cac%26vt%3D619d27d21750ad0059b3958bfe5b1cab; Path=/; Domain=paypal.com; Expires=Wed, 25 Oct 2023 21:14:50 GMT; Secure; SameSite=None x-cdn=fastly:CPH; Domain=paypal.com; Path=/; Secure
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
bytes none
via
1.1 varnish 1.1 varnish
date
Sun, 25 Oct 2020 21:14:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-lhr7368-LHR, cache-cph20643-CPH
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1603660491.610913,VS0,VE276
vary
Accept-Encoding
content-encoding
br
truncated
/ Frame E912 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
logger
www.paypal.com/xoplatform/logger/api/ 		2 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/json

Response headers

date
Sun, 25 Oct 2020 21:14:51 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-powered-by
Express
x-cache
MISS, MISS
status
200
paypal-debug-id
d995bad85f6e1
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
phx-origin-www-1.paypal.com
x-served-by
cache-lhr7368-LHR, cache-cph20648-CPH
x-timer
S1603660491.817678,VS0,VE207
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.actblue.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://secure.actblue.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://secure.actblue.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-type
application/json; charset=utf-8
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
paypal-debug-id
578e43cdd5dc9
x-content-type-options
nosniff
x-powered-by
Express
dc
phx-origin-www-2.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
date
Sun, 25 Oct 2020 21:14:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-lhr7323-LHR, cache-cph20648-CPH
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1603660491.621402,VS0,VE176
vary
Accept-Encoding
content-encoding
br
muse.js
www.paypalobjects.com/muse/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.180&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&vault=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.88.92 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-79-88-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c9dc1e8b49eb87c548ec7d2cac255a9500e596cd06735084e70b7c74d87f1bcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
paypal-debug-id
a9f79952bd569
dc
slc-b-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
17728
pragma
no-cache
last-modified
Thu, 01 Oct 2020 22:15:18 GMT
etag
"5f7654f6-10830"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
expires
Sun, 25 Oct 2020 21:14:50 GMT
ts
t.paypal.com/ 		42 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&fltp=analytics&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Jaime%20Harrison%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1603660490607&g=-60&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fms_harrison_fr_q42020_3x-match%3Frefcode%3DMS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS%26amount%3D10%26amounts%3D10%2C25%2C50%2C100%2C250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:50 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status
200
http_x_pp_az_locator
slca.slc
x-cache-hits
0, 0
content-length
42
x-served-by
cache-lhr7365-LHR, cache-cph20633-CPH
pragma
no-cache
server
akka-http/10.1.11
x-timer
S1603660491.623318,VS0,VE176
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, no-transform
accept-ranges
bytes, bytes
expires
Sun, 25 Oct 2020 21:14:50 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 8CE9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html?frameId=63693506-a0c2-41fe-8f14-5bf5144b7da9&propertyId=NGJ83G9Z8QXZ8-1&flow=visitor-info&variant=analytics&mrid=NGJ83G9Z8QXZ8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.88.92 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-79-88-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.paypalobjects.com
:scheme
https
:path
/muse/analytics/index.html?frameId=63693506-a0c2-41fe-8f14-5bf5144b7da9&propertyId=NGJ83G9Z8QXZ8-1&flow=visitor-info&variant=analytics&mrid=NGJ83G9Z8QXZ8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250

Response headers

status
200
accept-ranges
bytes
content-type
text/html
etag
"5f7654f5-474a4"
last-modified
Thu, 01 Oct 2020 22:15:17 GMT
paypal-debug-id
7e46707c46e88
dc
phx-origin-www-1.paypal.com
content-encoding
gzip
content-length
89663
expires
Sun, 25 Oct 2020 21:14:50 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sun, 25 Oct 2020 21:14:50 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
ts
t.paypal.com/ 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&es=visitorInfoFlowStarted&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Jaime%20Harrison%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1603660490971&g=-60&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fms_harrison_fr_q42020_3x-match%3Frefcode%3DMS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS%26amount%3D10%26amounts%3D10%2C25%2C50%2C100%2C250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:51 GMT
via
1.1 varnish, 1.1 varnish
age
0, 0, 0
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status
200
http_x_pp_az_locator
slca.slc
x-cache-hits
0, 0
content-length
42
x-served-by
cache-lhr7351-LHR, cache-cph20633-CPH
pragma
no-cache
server
akka-http/10.1.11
x-timer
S1603660491.986938,VS0,VE162
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, no-transform
accept-ranges
bytes, bytes, bytes
expires
Sun, 25 Oct 2020 21:14:51 GMT
ts
t.paypal.com/ 		42 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&es=visitorInfo&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Jaime%20Harrison%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1603660491847&g=-60&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fms_harrison_fr_q42020_3x-match%3Frefcode%3DMS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS%26amount%3D10%26amounts%3D10%2C25%2C50%2C100%2C250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 21:14:52 GMT
via
1.1 varnish, 1.1 varnish
age
0, 0, 0
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status
200
http_x_pp_az_locator
slca.slc
x-cache-hits
0, 0
content-length
42
x-served-by
cache-lhr7343-LHR, cache-cph20633-CPH
pragma
no-cache
server
akka-http/10.1.11
x-timer
S1603660492.860896,VS0,VE164
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, no-transform
accept-ranges
bytes, bytes, bytes
expires
Sun, 25 Oct 2020 21:14:51 GMT
/
api-js.mixpanel.com/track/ 		25 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1603660494736
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Request headers

Referer
https://secure.actblue.com/donate/ms_harrison_fr_q42020_3x-match?refcode=MS_EM_FR_2020.10.25_B3_EOQ-3_X__F1_S1_C1__ALL_RS&amount=10&amounts=10,25,50,100,250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 25 Oct 2020 21:14:54 GMT
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://secure.actblue.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
alt-svc
clear
content-length
25

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| CF_CONFIG object| indigoListResponse object| preloadedState object| Bugsnag object| mixpanel object| webpackJsonp object| __core-js_shared__ object| core object| scCGSHMRCache object| regeneratorRuntime object| tracker function| PERSIST object| SafeDDLogs object| SafeMixpanel object| _gaq object| _gat object| gaGlobal object| DD_LOGS string| MODE object| a object| b object| c string| d object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| google object| __post_robot_10_0_41__ object| paypal object| __zoid_9_0_62__ object| paypalDDL string| PaypalOffersObject function| ppq object| __postRobot__ object| __zalgopromise__ object| PAYPAL

9 Cookies

Domain/Path Name / Value
.actblue.com/ Name: __utmb
Value: 88171332.1.10.1603660490
.actblue.com/ Name: __utmt
Value: 1
secure.actblue.com/ Name: dd_cookie_test_d0e0c541-eb97-4463-9398-19cab83a5f73
Value: test
.actblue.com/ Name: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel
Value: %7B%22distinct_id%22%3A%20%22175619d24001cf-0a314331644bed-1b396256-1d4c00-175619d2401634%22%2C%22%24device_id%22%3A%20%22175619d24001cf-0a314331644bed-1b396256-1d4c00-175619d2401634%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.actblue.com/ Name: __utmz
Value: 88171332.1603660490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.actblue.com/ Name: __utma
Value: 88171332.1103424628.1603660490.1603660490.1603660490.1
secure.actblue.com/ Name: _dd_s
Value: logs=1&id=d23f3953-5ad5-4d51-8b7e-301e0ac7611b&created=1603660489803&expire=1603661389803
.actblue.com/ Name: __utmc
Value: 88171332
secure.actblue.com/donate Name: skip_prefill_check
Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actblue-indigo-uploads.s3.amazonaws.com
api-js.mixpanel.com
cdn.mxpnl.com
go.jaimeharrison.com
p.typekit.net
pay.google.com
secure.actblue.com
ssl.google-analytics.com
stats.g.doubleclick.net
t.paypal.com
use.typekit.net
www.datadoghq-browser-agent.com
www.paypal.com
www.paypalobjects.com
104.79.88.92
151.101.1.21
151.101.1.35
151.101.192.174
2600:1901:0:498c::
2a00:1450:4001:80b::2008
2a00:1450:400c:c00::5c
2a00:1450:400c:c08::9b
2a02:26f0:10c:5a4::19fd
2a02:26f0:6c00::210:ba0a
35.190.25.25
52.216.25.156
65.9.44.70
65.9.57.60
02036ae6de1e3505b9967e9430b8335e0fe9b569b530fb1a6782b9dab73b0209
13911220eda9e2fe0fa991692b852c67a33ce7d33d67e9c304d91b3da7f7a1e8
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2a939a02b4ac02f7a18feae461d502539e5049ed8664f3efbdb1fb8ff12f7cab
3b412d641286c99c442b24011638eab08b2d6dbbd777906a54eed18a33404084
4232e3c12b3860ed86f62ab38ee1a711ba7393218593d61cefa8100c28afdd6f
439c27effb599dc5bac913c9c5a2d3738fd2b271c63b808f8704c6aedc315006
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
500ad9fee7bf73b9644f9d99e3716642c70e5130d80b75174b23baedac009ce6
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338
6800268ccda19cc2692b8092046aa00ee0f6a75c1a5e57fe804a2acba12e69f8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
71b1bcdffa788c6d0baa0a640fe9ae5f388499695dbb57b569d381eb67e81762
7d2baa3456ac18611168406269a4553dcceeb6a363edcb1ab1d89c39a209ab92
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87463c42b9ad99de104b4cebac1501977fc9dfc4d42f002615b7fd861763f5d4
b730c57cedc209d662cc54325e9def3e6750a8e068fca18aceb9bbb4accdc900
c0a876e22dd207a67ea508bf2a41c88b3f98dbc7ebc1fd335ccf427bf39aa4ec
c8d8d6089a5ae9dd8dfb1e5e77673f1225f07592a85bc01b7ad06f29960c4c43
c939f44262f5bb40c448cf1dc31c41fdae184d17810ea93df591f00d999077be
c9dc1e8b49eb87c548ec7d2cac255a9500e596cd06735084e70b7c74d87f1bcc
ce3f620e5b8d877113a0e828a508cc7d9dd8a44bfd521caef4537f4f68c161ed
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855