urlscan.io logo urlscan.io
SecurityTrails logo

secure.actblue.com Open in urlscan Pro
151.101.64.174  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.act.democrats.org/ss/c/wehEm_vu1NBVXOKYSqOxTOi34aJoCJC1EivM7Ih953y53vruDbttYwoBwoSIb7JRt1AgdXYHDNHyCl6QBvnqdTmuPAJ...
Effective URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6...
Submission: On October 24 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 4 countries across 22 domains to perform 91 HTTP transactions. The main IP is 151.101.64.174, located in United States and belongs to FASTLY, US. The main domain is secure.actblue.com. The Cisco Umbrella rank of the primary domain is 65956.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on September 20th 2022. Valid for: a year.
This is the only time secure.actblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
8 151.101.64.174 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.217.196.185 16509 (AMAZON-02)
1 2600:1901:0:b... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2600:1901:0:7... 15169 (GOOGLE)
1 108.138.1.193 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 172.217.18.2 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
12 151.101.193.21 54113 (FASTLY)
4 2a00:1450:401... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 108.138.7.60 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 192.229.221.25 15133 (EDGECAST)
2 151.101.65.35 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f12... 32934 (FACEBOOK)
15 2a00:1450:400... 15169 (GOOGLE)
6 151.101.129.35 54113 (FASTLY)
1 2 64.4.245.84 17012 (PAYPAL)
1 34.96.67.224 396982 (GOOGLE-CL...)
1 34.102.232.42 396982 (GOOGLE-CL...)
1 35.190.25.25 ()
91 29
1    2606:4700::6810:4a28 (United States)

ASN13335 (CLOUDFLARENET, US)
click.act.democrats.org
8    151.101.64.174 (United States)

ASN54113 (FASTLY, US)
secure.actblue.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    52.217.196.185 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
actblue-indigo-uploads.s3.amazonaws.com
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
1    108.138.1.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-193.fra56.r.cloudfront.net
www.datadoghq-browser-agent.com
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
www.googleadservices.com
3    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
12    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
4    2a00:1450:4010:c0f::5c (Lappeenranta, Finland)

ASN15169 (GOOGLE, US)
pay.google.com
3    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
1    108.138.7.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-60.fra56.r.cloudfront.net
zgen2d20.micpn.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    151.101.65.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
5    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
15    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
6    151.101.129.35 (United States)

ASN54113 (FASTLY, US)
c.paypal.com
c6.paypal.com
2    64.4.245.84 (United States)

ASN17012 (PAYPAL, US)
b.stats.paypal.com
dub.stats.paypal.com
1    34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com
cdn.sift.com
1    34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com
hexagon-analytics.com
1    35.190.25.25 (None, )

ASN- ()
api-js.mixpanel.com
Apex Domain
Subdomains		 Transfer
22 google.com
pay.google.com — Cisco Umbrella Rank: 2985
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 27
397 KB
22 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2528
t.paypal.com — Cisco Umbrella Rank: 3306
c.paypal.com — Cisco Umbrella Rank: 5901
b.stats.paypal.com — Cisco Umbrella Rank: 5131
dub.stats.paypal.com — Cisco Umbrella Rank: 23350
c6.paypal.com — Cisco Umbrella Rank: 6763
402 KB
8 actblue.com
secure.actblue.com — Cisco Umbrella Rank: 65956
517 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
119 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
2 KB
4 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 278
www.google-analytics.com — Cisco Umbrella Rank: 32
40 KB
4 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 778
175 B
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
253 B
3 google.fr
www.google.fr — Cisco Umbrella Rank: 15283
675 B
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 131
32 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
176 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2248
33 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
111 KB
2 amazonaws.com
actblue-indigo-uploads.s3.amazonaws.com — Cisco Umbrella Rank: 183919
549 KB
1 mixpanel.com
api-js.mixpanel.com
372 B
1 hexagon-analytics.com
hexagon-analytics.com — Cisco Umbrella Rank: 5254
297 B
1 sift.com
cdn.sift.com — Cisco Umbrella Rank: 12530
20 KB
1 micpn.com
zgen2d20.micpn.com — Cisco Umbrella Rank: 848214
15 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2394
12 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 3123
18 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
967 B
1 democrats.org
click.act.democrats.org — Cisco Umbrella Rank: 104528
842 B
91 22
Domain Requested by
15 play.google.com www.gstatic.com
12 www.paypal.com secure.actblue.com
www.paypal.com
www.datadoghq-browser-agent.com
www.paypalobjects.com
8 secure.actblue.com secure.actblue.com
5 c.paypal.com www.paypal.com
c.paypal.com
5 www.gstatic.com secure.actblue.com
pay.google.com
www.gstatic.com
4 pay.google.com secure.actblue.com
pay.google.com
www.gstatic.com
4 sessions.bugsnag.com secure.actblue.com
www.datadoghq-browser-agent.com
3 www.facebook.com secure.actblue.com
3 www.google.fr secure.actblue.com
3 www.google.com 1 redirects secure.actblue.com
3 www.google-analytics.com www.googletagmanager.com
www.datadoghq-browser-agent.com
www.gstatic.com
3 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
3 www.googletagmanager.com secure.actblue.com
www.googletagmanager.com
2 t.paypal.com secure.actblue.com
2 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 connect.facebook.net secure.actblue.com
connect.facebook.net
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 stats.g.doubleclick.net secure.actblue.com
www.datadoghq-browser-agent.com
2 actblue-indigo-uploads.s3.amazonaws.com secure.actblue.com
1 api-js.mixpanel.com www.datadoghq-browser-agent.com
1 hexagon-analytics.com
1 c6.paypal.com
1 cdn.sift.com secure.actblue.com
1 dub.stats.paypal.com www.paypal.com
1 b.stats.paypal.com 1 redirects
1 zgen2d20.micpn.com secure.actblue.com
1 ssl.google-analytics.com 1 redirects
1 www.datadoghq-browser-agent.com secure.actblue.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.mxpnl.com secure.actblue.com
1 fonts.googleapis.com secure.actblue.com
1 click.act.democrats.org 1 redirects
91 32

This site contains links to these domains. Also see Links.

Domain
democrats.org
Subject Issuer Validity Valid
secure.actblue.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-20 -
2023-10-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
*.mxpnl.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-07-11 -
2023-07-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-26 -
2023-04-26		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-02-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.micpn.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2022-10-31		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-04 -
2022-11-23		 9 months crt.sh
*.sift.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-07 -
2023-01-20		 a year crt.sh
*.hexagon-analytics.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-04		 a year crt.sh
*.mixpanel.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-28 -
2023-04-28		 a year crt.sh

This page contains 11 frames:

Primary Page: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Frame ID: FEFC430F3793A65657F078A909364B57
Requests: 41 HTTP requests in this frame

Frame: https://secure.actblue.com/pages/em-jb-oct-elect-dems-2022/tracking_code?t=landing&refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269&auth_token=null
Frame ID: 9419EED85B04FCEA310700BB54D542E5
Requests: 6 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.335&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=03351b5501575&storageID=uid_bc26a2c3ca_mti6nty6ndg&sessionID=uid_581e3af33a_mti6nty6ndg&buttonSessionID=uid_74d7656ee6_mti6nty6ndg&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: A2D66A3F7A4B95C5D4BFA58922B5C041
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 452704CAAC77F569274C100D33EC3ED9
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Frame ID: 66E72D13C2558A72F65164E5CBC36DA8
Requests: 16 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: F798113486A3F474FDB6006551B9BC0B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9466DDFA296885C03F4CDFA4C2C55B6D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FA3D2B9A3370BD728A5134E3E70F68B7
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 67C6CC1A4387E9103604EBDA7AF956B7
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_581e3af33a_mti6nty6ndg&s=SMART_PAYMENT_BUTTONS
Frame ID: 3DE91FBA4723477A1F894502C280E9B3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 45F72A70DC7398F058E0869BD2189E76
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Democratic National Committee (DNC) — Donate via ActBlue

Page URL History Show full URLs

  1. https://click.act.democrats.org/ss/c/wehEm_vu1NBVXOKYSqOxTOi34aJoCJC1EivM7Ih953y53vruDbttYwoBwoSIb7JRt1AgdXY... HTTP 302
    https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_... Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.sift(?:science)?\.com/s\.js

Page Statistics

91
Requests

97 %
HTTPS

57 %
IPv6

22
Domains

32
Subdomains

29
IPs

4
Countries

2445 kB
Transfer

6425 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.act.democrats.org/ss/c/wehEm_vu1NBVXOKYSqOxTOi34aJoCJC1EivM7Ih953y53vruDbttYwoBwoSIb7JRt1AgdXYHDNHyCl6QBvnqdTmuPAJQIk5RH_nQKsleBcGgV2RdOXcwkcO52zoKRxF5OqgIrWuZrvEoBI4ooP76fMAgfKYCHo2lcU54EqaLCOFykWsvj5yLPO9BJ3WgmJ3IcLssCUpkOvybZXkPno3vqBOuOt5Co10yLY5DwE6jkDFqlUevSfnXjulukS4SdEz83lWD9hWLamJlcIFrYd0ZUXWPibcy8SpXdFzmrg1p52lcUHtsOI9t2VsXaPCs4YXnYlnaDjr8s6wcTCHf-b86mh-RKQbvVZzsQUfa5R3bM6VCT5fVoDsRp3ZFIHpLqsiGCvsUCSnweenBRrO6VvQSIO-In4pULLJRtYSdh34brWUJw5i2l0FQ_Zo8Scn_Xu9UbiHefdfAb-FHWh6RlUFEZT2yluEeE_h8b4N21Rb6q9fdmv-J697l-IWo6FRiGlM4oUjx6vyquh-1bqO7z6fRg9TuHmeamj5WG7Vg6xxABO1jtCkHw-Gqk3FKhd2vGxiqanJ-wI6LyAkGL5qMf3YOjxeqd36SXQjHNDl3DTCifVs8mv7Us_IfDS68ZLoUiMNlIuhZgVxD1wu7CSB0bNzK32cAdDgoq3E10FUETPPWgdH0nwM3NA3EtjR6TAe3GgdhK5vKU93A17ZOrxA-DxRPOVrHtYZIuZSsDdBDTKvO9R-L3lxxoEp1txxXPaMzI-0OS6nZnszH35sg6YDDVtva4A6o7a5q2gsVSkfSc-fz1-wcNtYIhcQu9BezbJDbmeYmN0Zc9ik-WPNESU2BOonGAR7S2pMl_5RNyaNNwwpK6Bh70gI_zsEv3nIoMcF96liEpMO69rTxfZtbERGSTBFUDfKMtoWS-r-3YhB1nBsV-Pi9eW2wFzH__GU7TakAY4jWSQ6VMtOPXj6Mp3a2J_RrWs7zVNDwZDQUmvSx0gHzEUPmnASKm2tcc_t0ScLD2GVp-C-VJFKMvj1rT8gpWfxLZWTI7rIXvotRlqLQuKDPZu1mNHMmmSeigWybpQrKx6QRn4Pxtp0OiPd8RdAfLcoJd7znXwLRNDZezc0VyzAh9PIl0zPEEM2NzlEcUBL0yEO2bqR2fqObCIS1_rKylzQ2lwed0RasTSOv_IpZzruBp51Xxuu-4isJJbVI_XLlej8D0lpjPuJnHJTeAGoVY7ajw1-vKhIUtSHSjXsCIr7YbeMW151RYGZ8jxEOs1_eDDkEWsgPMOqNeICkATugemIGUW3aQO-JE-nCHcpRUGOXxCaWl7HrTX24kldgdB2AbsrLiMxx5KRZ2ryT8CFyuFIBNA/3qh/2TlKeCRUR7Wfr1WuIGwEuw/h6/tmJwZl-ea7H-0NfGscSwg_aUY3eD0EZAKeoGU494NEU HTTP 302
    https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=1150297605&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=ActBlue&utmhid=1940856042&utmr=-&utmp=%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can_id%3D3acb8d3b12b129f92658263ae45829a8%26source%3Demail-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a%26email_referrer%3Demail_1709269%26email_subject%3D2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif%26refcodeEmailReferrer%3Demail_1709269&utmht=1666616208375&utmac=UA-159696-1&utmcc=__utma%3D88171332.340882672.1666616208.1666616208.1666616208.1%3B%2B__utmz%3D88171332.1666616208.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=903533237&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=340882672.1666616208&jid=903533237&_v=5.6.1&z=1150297605
Request Chain 25
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/745767271/?random=849237072&cv=9&fst=1666616208556&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can_id%3D3acb8d3b12b129f92658263ae45829a8%26source%3Demail-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a%26email_referrer%3Demail_1709269%26email_subject%3D2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-cont&tiba=ActBlue&auid=241053688.1666616208&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=kItWY4iNJ8_KmLAP04eY2AQ&sscte=1&crd=&pscrd=Ek5DaEVJOE9fWW1nWVFyOWF1cl9mWTE3ZUVBUklsQU5na0dPUXMxZHA1aUE5UUY4d2dQdzBsMEg1dUh3QVliSlhtTXVDTzlxQWNfTmtoa1EaWENoRUk4T19ZbWdZUTl0YnFtNFhGMWFPdkFSSXRBQlNTcHpFYmQ4RUwwak5jTkZ3NFgybkNDQUNrWEpYQTBSQ0tDUVFwOU91S1ZWM2RVMWViS3ZsRkJpNjk HTTP 302
  • https://www.google.com/pagead/1p-conversion/745767271/?random=849237072&cv=9&fst=1666616208556&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can_id%3D3acb8d3b12b129f92658263ae45829a8%26source%3Demail-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a%26email_referrer%3Demail_1709269%26email_subject%3D2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-cont&tiba=ActBlue&auid=241053688.1666616208&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE9fWW1nWVFyOWF1cl9mWTE3ZUVBUklsQU5na0dPUXMxZHA1aUE5UUY4d2dQdzBsMEg1dUh3QVliSlhtTXVDTzlxQWNfTmtoa1EaWENoRUk4T19ZbWdZUTl0YnFtNFhGMWFPdkFSSXRBQlNTcHpFYmQ4RUwwak5jTkZ3NFgybkNDQUNrWEpYQTBSQ0tDUVFwOU91S1ZWM2RVMWViS3ZsRkJpNjk&is_vtc=1&ocp_id=kItWY4iNJ8_KmLAP04eY2AQ&cid=CAQSKQDq26N9y2M0t4z3rllX1ZqtOVfQ-rAP4cD5rp-h8f3aUnmHsitZkQYNIBM&random=3706331263&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.fr/pagead/1p-conversion/745767271/?random=849237072&cv=9&fst=1666616208556&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can_id%3D3acb8d3b12b129f92658263ae45829a8%26source%3Demail-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a%26email_referrer%3Demail_1709269%26email_subject%3D2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-cont&tiba=ActBlue&auid=241053688.1666616208&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE9fWW1nWVFyOWF1cl9mWTE3ZUVBUklsQU5na0dPUXMxZHA1aUE5UUY4d2dQdzBsMEg1dUh3QVliSlhtTXVDTzlxQWNfTmtoa1EaWENoRUk4T19ZbWdZUTl0YnFtNFhGMWFPdkFSSXRBQlNTcHpFYmQ4RUwwak5jTkZ3NFgybkNDQUNrWEpYQTBSQ0tDUVFwOU91S1ZWM2RVMWViS3ZsRkJpNjk&is_vtc=1&ocp_id=kItWY4iNJ8_KmLAP04eY2AQ&cid=CAQSKQDq26N9y2M0t4z3rllX1ZqtOVfQ-rAP4cD5rp-h8f3aUnmHsitZkQYNIBM&random=3706331263&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hAtmy1JJuJajJS9NKZYgXT2BsrFhsOifsvuL7VMDR6UjNidPO2NxZB5c9vsvUTNoPor3TGFjvLCljrEV95twsxm
Request Chain 79
  • https://b.stats.paypal.com/v2/counter.cgi?p=uid_581e3af33a_mti6nty6ndg&s=SMART_PAYMENT_BUTTONS HTTP 302
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_581e3af33a_mti6nty6ndg&s=SMART_PAYMENT_BUTTONS

91 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request em-jb-oct-elect-dems-2022
secure.actblue.com/donate/
Redirect Chain
  • https://click.act.democrats.org/ss/c/wehEm_vu1NBVXOKYSqOxTOi34aJoCJC1EivM7Ih953y53vruDbttYwoBwoSIb7JRt1AgdXYHDNHyCl6QBvnqdTmuPAJQIk5RH_nQKsleBcGgV2RdOXcwkcO52zoKRxF5OqgIrWuZrvEoBI4ooP76fMAgfKYCHo2l...
  • https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_...
52 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40925b88fa6d8bd6e302920c15c28946d64f68f23c5b516734eb9ea40780e3a9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
147696
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-length
12397
content-security-policy
frame-ancestors 'none'; report-uri /system/csp_reports
content-type
text/html; charset=utf-8
date
Mon, 24 Oct 2022 12:56:47 GMT
etag
W/"d0cc-2iaM1foF8B/RtAHebsekbVPvEd0"
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 vegur, 1.1 varnish, 1.1 varnish
x-form-app
kittens! [Server: node: us]
x-frame-options
sameorigin
x-robots-tag
noindex, nofollow
x-start
2022-10-24 12:56:47.958
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
75f2dfdf98aad64e-CDG
content-type
text/html; charset=utf-8
date
Mon, 24 Oct 2022 12:56:47 GMT
location
https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
server
cloudflare
x-robots-tag
noindex, nofollow
css2
fonts.googleapis.com/ 		1 KB
967 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@500&display=swap
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
727b7896a52f1720b15b197937d581304db4f6400f709a355aee32faa531d936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Oct 2022 12:56:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 12:21:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Oct 2022 12:56:48 GMT
c17a2e61b982965b66c6.css
secure.actblue.com/cf/assets/app-css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/app-css/c17a2e61b982965b66c6.css?form_app=us
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
29f6723688a4d4dfa023755fe5ce31ab8b9302eda17a34f2e9e4364a95b3a97a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:47 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 22 Oct 2022 19:47:54 GMT
age
147704
etag
W/"552a-184013cd210"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-start
2022-10-24 12:56:47.994
cache-control
max-age=31557600, must-revalidate
accept-ranges
bytes
content-length
5074
x-xss-protection
1; mode=block
actblue.js
secure.actblue.com/cf/assets/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/actblue.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b30136e41af0cb6a31fe3e5ea66e0b57ce11a46b57ef58d6cc31c8c9a1a8d279
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:47 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 22 Oct 2022 19:46:14 GMT
age
147704
etag
W/"73ca-184013b4b70"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-start
2022-10-24 12:56:47.994
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
content-length
9342
x-xss-protection
1; mode=block
33430695-16dd-4b12-89bd-520fbbcaff2b-D_Logo_navy.svg
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/fa4efb9b-3379-4443-ade6-1c497d1141c9-brandings/123727/header/image_url/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/fa4efb9b-3379-4443-ade6-1c497d1141c9-brandings/123727/header/image_url/33430695-16dd-4b12-89bd-520fbbcaff2b-D_Logo_navy.svg
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.196.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f384f5b5702aff302d21279abd721dad9cc382f412773c5df92fab9ea3ace8a9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 12:56:49 GMT
Last-Modified
Fri, 18 Feb 2022 21:38:02 GMT
Server
AmazonS3
x-amz-request-id
0EAMKA6NVN6HPW7A
ETag
"f104c53dafbf0ddd81388ecd5e582772"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
3680
x-amz-id-2
0iWCo74fY6VQ3cJe+9piX4d/jan/HvYoI7+ketc7896RUPhz3j6ETPei5tH/Aqes4DW7QI2RHFE=
c17a2e61b982965b66c6.js
secure.actblue.com/cf/assets/app/ 		2 MB
472 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/app/c17a2e61b982965b66c6.js?form_app=us
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b4f76242aa7ba0f7171c615197feaa071fbb074584b1a8a25ba11f1cfb520d16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:48 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 22 Oct 2022 19:47:54 GMT
age
147704
etag
W/"195370-184013cd210"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-start
2022-10-24 12:56:48.022
cache-control
max-age=31557600, must-revalidate
accept-ranges
bytes
content-length
483152
x-xss-protection
1; mode=block
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:52:45 GMT
content-encoding
gzip
age
243
x-guploader-uploadid
ADPycdtr3XMn5pTQaNrNhYDTlXw_TgyWSFbxA5Lpzf5N__QOMmx9Z22lnzHYQNDrGHZS-CEE1eJeFzJnIsC3HkuIQu06D-sdb5d4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17435
last-modified
Thu, 17 Feb 2022 20:21:50 GMT
server
UploadServer
etag
"caa762087e9d75cecc34b5d6626cb7b9"
vary
Accept-Encoding
x-goog-generation
1645129310876382
x-goog-hash
crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
17435
accept-ranges
bytes
expires
Mon, 24 Oct 2022 13:02:45 GMT
8279006a-6cc7-44c6-932c-36f33505bcd6-background1.png
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/0e953996-997e-4a96-822b-1e6cee392a86-brandings/123727/document_body/background_image_url/ 		545 KB
545 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/0e953996-997e-4a96-822b-1e6cee392a86-brandings/123727/document_body/background_image_url/8279006a-6cc7-44c6-932c-36f33505bcd6-background1.png
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.196.185 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d20f67e754753b9de3e1e3c7f113a78631eef21189dd122a96268335c986753d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 12:56:49 GMT
Last-Modified
Wed, 07 Apr 2021 18:28:24 GMT
Server
AmazonS3
x-amz-request-id
0EAYPVGYVWFDTZ3A
ETag
"b48b68f83e5b39ab3bc5f4b853939b4b"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
557807
x-amz-id-2
1wFdjuIGSrKstIXB3WGD2wQ6E8gGPonxXHjGgrlRYiOs57IZmCQLM13TaKKLhSZDNHijVKRnc2M=
jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhHMWkANDJ.woff2
fonts.gstatic.com/s/librefranklin/v13/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v13/jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhHMWkANDJ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
305d14d65c715c5c749c862bd7cb67c3444efc2ce7f3cf436c05f1737f086ad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.actblue.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 23:25:18 GMT
x-content-type-options
nosniff
age
567090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:54:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 23:25:18 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://secure.actblue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 24 Oct 2022 12:56:48 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c17a2e61b982965b66c6.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://secure.actblue.com/
Bugsnag-Sent-At
2022-10-24T12:56:48.151Z
accept-language
fr-FR,fr;q=0.9
Bugsnag-Api-Key
04c1a9de88bb73e22614162ba813a0b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 24 Oct 2022 12:56:48 GMT
via
1.1 google
bugsnag-session-uuid
6efc24a0-a421-4f60-935f-4c43beee15e5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
datadog-logs.js
www.datadoghq-browser-agent.com/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c17a2e61b982965b66c6.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-193.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:29 GMT
content-encoding
br
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jul 2021 15:01:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
20
etag
W/"9eb57181f3149e3310d96317ef9188ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
u2dDu5xGJXclNZfbcfpJf_Dp9vVTHhGgeNq_ZwPKRawKJl1VurUNww==
js
www.googletagmanager.com/gtag/ 		192 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-745767271
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c17a2e61b982965b66c6.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2fe1fe1e570e4a76c82a6e02970a47b56728cf042b2fbe34547ca0117715d41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70286
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Oct 2022 12:56:48 GMT
auth_token
secure.actblue.com/api/cf/ 		104 B
530 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/api/cf/auth_token
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c17a2e61b982965b66c6.js?form_app=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
caac9a6bc092636852e6be87ed8b625e9e5fbcbb194e3a817441d9ddf9ac2dc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 varnish
x-permitted-cross-domain-policies
none
status
200 OK
x-start
2022-10-24 12:56:48.267
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
etag
W/"caac9a6bc092636852e6be87ed8b625e"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, no-store
accept-ranges
bytes
tracking_code
secure.actblue.com/pages/em-jb-oct-elect-dems-2022/ Frame 9419 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/pages/em-jb-oct-elect-dems-2022/tracking_code?t=landing&refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269&auth_token=null
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c17a2e61b982965b66c6.js?form_app=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
33c86e8166977b2fe508467d0223c1663b8689dd20e1a8bc6bcec04aa63b89a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
no-store
content-encoding
gzip
content-length
1033
content-type
text/html; charset=utf-8
date
Mon, 24 Oct 2022 12:56:48 GMT
etag
W/"33c86e8166977b2fe508467d0223c166"
referrer-policy
strict-origin-when-cross-origin
status
200 OK
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
ALLOWALL
x-permitted-cross-domain-policies
none
x-robots-tag
noindex, nofollow
x-start
2022-10-24 12:56:48.316
x-xss-protection
1; mode=block
ga.js
secure.actblue.com/cf/static/ 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/static/ga.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:48 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 22 Oct 2022 19:43:37 GMT
age
147704
etag
W/"9fe9-1840138e628"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-start
2022-10-24 12:56:48.348
cache-control
max-age=31557600, must-revalidate
accept-ranges
bytes
content-length
16100
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=1150297605&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=A...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=340882672.1666616208&jid=903533237&_v=5.6.1&z=1150297605
35 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=340882672.1666616208&jid=903533237&_v=5.6.1&z=1150297605
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 24 Oct 2022 12:56:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 12:56:48 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=340882672.1666616208&jid=903533237&_v=5.6.1&z=1150297605
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
367
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-745767271
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15176
x-xss-protection
0
server
cafe
etag
444338200384796413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Oct 2022 12:56:48 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-70251-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-745767271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2300a1cd3e81dc9c218a75452bbd1dbd27de5914748644960908deb9c5e61636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43593
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Oct 2022 12:56:48 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70251-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Oct 2022 11:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6051
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 24 Oct 2022 13:15:57 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/745767271/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/745767271/?random=1666616208554&cv=9&fst=1666616208554&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can_id%3D3acb8d3b12b129f92658263ae45829a8%26source%3Demail-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a%26email_referrer%3Demail_1709269%26email_subject%3D2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-cont&tiba=ActBlue&auid=241053688.1666616208&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5008be6d70ddadf7cf59c80ba173e4dd1b218bd232cab9cd6e3d771434cedbec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 12:56:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1203
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/745767271/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/745767271/?random=1666616208556&cv=9&fst=1666616208556&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can_id%3D3acb8d3b12b129f92658263ae45829a8%26source%3Demail-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a%26email_referrer%3Demail_1709269%26email_subject%3D2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-cont&tiba=ActBlue&auid=241053688.1666616208&gtm_ee=1&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
18c5ea307249bf7030a2128de818b1706319b1bc333b8e2ff8649c65b1ece255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 12:56:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1535
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://secure.actblue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 24 Oct 2022 12:56:48 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://secure.actblue.com/
Bugsnag-Sent-At
2022-10-24T12:56:48.606Z
accept-language
fr-FR,fr;q=0.9
Bugsnag-Api-Key
04c1a9de88bb73e22614162ba813a0b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 24 Oct 2022 12:56:48 GMT
via
1.1 google
bugsnag-session-uuid
b4a2b993-eda9-466b-ac18-b3dab45f5eb1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
js
www.paypal.com/sdk/ 		301 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c17a2e61b982965b66c6.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c54abf000170f14a52ebd2b453c1251188951d93c475a1f82d52094cda4e3b67
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pPLewDGJ8ZsCyNAhlebnfT+YVbgteFvy5EDeqMjWCWRLpIB7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pPLewDGJ8ZsCyNAhlebnfT+YVbgteFvy5EDeqMjWCWRLpIB7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pPLewDGJ8ZsCyNAhlebnfT+YVbgteFvy5EDeqMjWCWRLpIB7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pPLewDGJ8ZsCyNAhlebnfT+YVbgteFvy5EDeqMjWCWRLpIB7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Oct 2022 12:56:48 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
5872
x-cache
MISS, HIT
p3p
true
paypal-debug-id
f90412834e62c
server-timing
"traceparent;desc="00-0000000000000000000f90412834e62c-f24c88791c63c266-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
90279
x-xss-protection
1; mode=block
x-served-by
cache-lhr7346-LHR, cache-cdg20758-CDG
traceparent
00-0000000000000000000f90412834e62c-32647a5e259a28e0-01
x-timer
S1666616209.725735,VS0,VE31
etag
W/"160a7-6PpAURP9lfIF76vnzArhNzll9Ek"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
accept-ranges
bytes
x-cache-hits
0, 1
pay.js
pay.google.com/gp/p/js/ 		102 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c17a2e61b982965b66c6.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c0f::5c Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f7fd72d7b53a6c582d8d7d139e813eeeacba5f8dadd49c7c677c5b8dc9d1ede
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-D9jq82qpXxm0twybDtrXAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:48 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-D9jq82qpXxm0twybDtrXAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 24 Oct 2022 12:56:48 GMT
/
www.google.fr/pagead/1p-conversion/745767271/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/745767271/?random=849237072&cv=9&fst=1666616208556&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
  • https://www.google.com/pagead/1p-conversion/745767271/?random=849237072&cv=9&fst=1666616208556&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
  • https://www.google.fr/pagead/1p-conversion/745767271/?random=849237072&cv=9&fst=1666616208556&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/pagead/1p-conversion/745767271/?random=849237072&cv=9&fst=1666616208556&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can_id%3D3acb8d3b12b129f92658263ae45829a8%26source%3Demail-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a%26email_referrer%3Demail_1709269%26email_subject%3D2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-cont&tiba=ActBlue&auid=241053688.1666616208&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE9fWW1nWVFyOWF1cl9mWTE3ZUVBUklsQU5na0dPUXMxZHA1aUE5UUY4d2dQdzBsMEg1dUh3QVliSlhtTXVDTzlxQWNfTmtoa1EaWENoRUk4T19ZbWdZUTl0YnFtNFhGMWFPdkFSSXRBQlNTcHpFYmQ4RUwwak5jTkZ3NFgybkNDQUNrWEpYQTBSQ0tDUVFwOU91S1ZWM2RVMWViS3ZsRkJpNjk&is_vtc=1&ocp_id=kItWY4iNJ8_KmLAP04eY2AQ&cid=CAQSKQDq26N9y2M0t4z3rllX1ZqtOVfQ-rAP4cD5rp-h8f3aUnmHsitZkQYNIBM&random=3706331263&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hAtmy1JJuJajJS9NKZYgXT2BsrFhsOifsvuL7VMDR6UjNidPO2NxZB5c9vsvUTNoPor3TGFjvLCljrEV95twsxm
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H3
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 12:56:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Oct 2022 12:56:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.fr/pagead/1p-conversion/745767271/?random=849237072&cv=9&fst=1666616208556&num=1&label=sBrwCPCVnJsBEOeCzuMC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can_id%3D3acb8d3b12b129f92658263ae45829a8%26source%3Demail-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a%26email_referrer%3Demail_1709269%26email_subject%3D2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-cont&tiba=ActBlue&auid=241053688.1666616208&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE9fWW1nWVFyOWF1cl9mWTE3ZUVBUklsQU5na0dPUXMxZHA1aUE5UUY4d2dQdzBsMEg1dUh3QVliSlhtTXVDTzlxQWNfTmtoa1EaWENoRUk4T19ZbWdZUTl0YnFtNFhGMWFPdkFSSXRBQlNTcHpFYmQ4RUwwak5jTkZ3NFgybkNDQUNrWEpYQTBSQ0tDUVFwOU91S1ZWM2RVMWViS3ZsRkJpNjk&is_vtc=1&ocp_id=kItWY4iNJ8_KmLAP04eY2AQ&cid=CAQSKQDq26N9y2M0t4z3rllX1ZqtOVfQ-rAP4cD5rp-h8f3aUnmHsitZkQYNIBM&random=3706331263&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hAtmy1JJuJajJS9NKZYgXT2BsrFhsOifsvuL7VMDR6UjNidPO2NxZB5c9vsvUTNoPor3TGFjvLCljrEV95twsxm
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1940856042&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022&ul=en-us&de=UTF-8&dt=Democratic%20National%20Committee%20(DNC)%20%E2%80%94%20Donate%20via%20ActBlue&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=88171332.340882672.1666616208.1666616208.1666616208.1&_utmz=88171332.1666616208.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1666616208713&_u=YQBCAUABAAAAACgAI~&jid=1727889292&gjid=684452334&cid=340882672.1666616208&tid=UA-70251-1&_gid=972951277.1666616209&_r=1&gtm=2ouaj0&z=1270612080
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.actblue.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 12:56:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.actblue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/745767271/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/745767271/?random=1666616208554&cv=9&fst=1666612800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can_id%3D3acb8d3b12b129f92658263ae45829a8%26source%3Demail-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a%26email_referrer%3Demail_1709269%26email_subject%3D2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-cont&tiba=ActBlue&async=1&fmt=3&is_vtc=1&random=3513531935&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 12:56:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/745767271/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/pagead/1p-user-list/745767271/?random=1666616208554&cv=9&fst=1666612800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can_id%3D3acb8d3b12b129f92658263ae45829a8%26source%3Demail-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a%26email_referrer%3Demail_1709269%26email_subject%3D2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-cont&tiba=ActBlue&async=1&fmt=3&is_vtc=1&random=3513531935&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 12:56:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 9419 		176 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-745767271
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/pages/em-jb-oct-elect-dems-2022/tracking_code?t=landing&refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269&auth_token=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
296556b2cbec343b1eb03977cfef6b843c43d946495b5182bfadce93a84d2b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65253
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Oct 2022 12:56:48 GMT
1.js
zgen2d20.micpn.com/p/js/ Frame 9419 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zgen2d20.micpn.com/p/js/1.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/pages/em-jb-oct-elect-dems-2022/tracking_code?t=landing&refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269&auth_token=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-60.fra56.r.cloudfront.net
Software
/
Resource Hash
e119452cd10c92e4175f715d8f8397b4adf0e0e3d96d1b97a69219daecb96c54

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 12:56:24 GMT
content-encoding
gzip
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
23
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
p3p
policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
cache-control
no-cache max-age=0
timing-allow-origin
https://secure.actblue.com
x-amz-cf-id
yYGaq6Q0J2zGxPPoxS4Yn1O6yKSrKH51fOGEkUv4ZHZWR2AZ4M9haQ==
x-uuid
232feacc-6e90-470e-b64c-cc2675bddd3a
expires
Thu, 01 Dec 1994 16:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 9419 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/pages/em-jb-oct-elect-dems-2022/tracking_code?t=landing&refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269&auth_token=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 24 Oct 2022 12:56:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27027
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
8qgQJxs4YAwCp4v6mLGv16EWj9cBkWJGBkogNUkfQX9mNm4dqzfhwOFgeyUKT+xEqBf1UG8vPDqOcvZ2z1xd+Q==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 9419 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-745767271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15176
x-xss-protection
0
server
cafe
etag
444338200384796413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Oct 2022 12:56:48 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-70251-1&cid=340882672.1666616208&jid=1727889292&gjid=684452334&_gid=972951277.1666616209&_u=YQBCAUAAAAAAACgAI~&z=1833805382
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.actblue.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 24 Oct 2022 12:56:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.actblue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pptm.js
www.paypal.com/tagmanager/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.335&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bc4bd86bf0831aaa554198fd888d7d6edd94480c155877c1176f2e57e410a276
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pYaSpLHMHXNK7dNuPPF539XQdLc9AlW4hCQqWMtvcXP39Y1i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pYaSpLHMHXNK7dNuPPF539XQdLc9AlW4hCQqWMtvcXP39Y1i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Oct 2022 12:56:48 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
44656
x-cache
HIT, HIT
paypal-debug-id
f3153921a35d2
server-timing
"traceparent;desc="00-0000000000000000000f3153921a35d2-1af9dc4171a0acea-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4742
x-xss-protection
1; mode=block
x-served-by
cache-lhr7339-LHR, cache-cdg20758-CDG
traceparent
00-0000000000000000000f3153921a35d2-94137ec563d5f0fd-01
x-timer
S1666616209.839249,VS0,VE3
etag
W/"3536-QTh4lzpIsy/WN6D+sSIiEEvEAKU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
accept-ranges
bytes
x-cache-hits
45, 1
buttons
www.paypal.com/smart/ Frame A2D6 		411 KB
165 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.335&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=03351b5501575&storageID=uid_bc26a2c3ca_mti6nty6ndg&sessionID=uid_581e3af33a_mti6nty6ndg&buttonSessionID=uid_74d7656ee6_mti6nty6ndg&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95349c125d8ed36af81e9633df1504d529fce1d8c66090fb342a86be8bb43c9d
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
none
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-encoding
br
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Mon, 24 Oct 2022 12:56:49 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/W/"66acf-3/aWck98Vv6tR4fi5eif26+sfJY"
p3p
true
paypal-debug-id
f92396136a4de
server-timing
"traceparent;desc="00-0000000000000000000f92396136a4de-72ece8cf83f86880-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f92396136a4de-bed1add51d24e0f6-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-served-by
cache-lhr7323-LHR, cache-cdg20758-CDG
x-timer
S1666616209.891610,VS0,VE339
x-xss-protection
1; mode=block
truncated
/ Frame 4527 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-70251-1&cid=340882672.1666616208&jid=1727889292&_u=YQBCAUAAAAAAACgAI~&z=765607888
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 12:56:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-70251-1&cid=340882672.1666616208&jid=1727889292&_u=YQBCAUAAAAAAACgAI~&z=765607888
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 12:56:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
368391443763157
connect.facebook.net/signals/config/ Frame 9419 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/368391443763157?v=2.9.87&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3610c57d7aec6165d2f31ed999e04fb3524c633c8d2c13cf00c703ea0df95c22
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 24 Oct 2022 12:56:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
81cRpeg1suRX6yfJ/wtyocBveDqadd/WTsGbunx6XRvTg7krq8RxcxGujyK5pyHNxpL80VL+IVQ6A1DcBWZtyg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
muse.js
www.paypalobjects.com/muse/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.335&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&vault=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F2E) /
Resource Hash
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
4e0430d0bc72b
dc
ccg11-origin-www-1.paypal.com
content-length
16464
last-modified
Tue, 03 May 2022 17:28:29 GMT
server
ECAcc (paa/6F2E)
traceparent
00-00000000000000000004e0430d0bc72b-8ff259635d34bb58-01
etag
"6271663d-da91"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 24 Oct 2022 13:56:49 GMT
ts
t.paypal.com/ 		42 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&fltp=analytics&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Democratic%20National%20Committee%20(DNC)%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1666616208920&g=0&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can_id%3D3acb8d3b12b129f92658263ae45829a8%26source%3Demail-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a%26email_referrer%3Demail_1709269%26email_subject%3D2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif%26refcodeEmailReferrer%3Demail_1709269
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 24 Oct 2022 12:56:49 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
b6f76a9da589f
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-lhr7374-LHR, cache-cdg20770-CDG
pragma
no-cache
traceparent
00-0000000000000000000b6f76a9da589f-2d6b00dbd9c49f91-01
x-timer
S1666616209.989274,VS0,VE178
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 24 Oct 2022 12:56:49 GMT
logger
www.paypal.com/xoplatform/logger/api/ 		1016 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1fa691b902475382cfc838ba2030e1e2a6028418351c3fd2b6d86790552181e8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://secure.actblue.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

date
Mon, 24 Oct 2022 12:56:49 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f9239616976d7
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7370-LHR, cache-cdg20763-CDG
traceparent
00-0000000000000000000f9239616976d7-1b2520b5a7d4cb6f-01
x-timer
S1666616209.275781,VS0,VE187
etag
W/W/"3f8-GcXoMDnEVPImPKARqurNj3ek+0M"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.actblue.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secure.actblue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://secure.actblue.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Mon, 24 Oct 2022 12:56:49 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f923961d3c0e3
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f923961d3c0e3-b4861c6c6ea9aabd-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-lhr7344-LHR, cache-cdg20763-CDG
x-timer
S1666616209.980708,VS0,VE258
payframe
pay.google.com/gp/p/ui/ Frame 66E7 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4010:c0f::5c Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a245bcab70c93a979011c727ad9d639b99ddbf8e7cf660a13cb4a0ce5a7f3f92
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-5Sbb8TOFBXs_3nHtMK3qPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.actblue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-5Sbb8TOFBXs_3nHtMK3qPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Mon, 24 Oct 2022 12:56:49 GMT
expires
Mon, 24 Oct 2022 12:56:49 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
dark_gpay.svg
www.gstatic.com/instantbuy/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/instantbuy/svg/dark_gpay.svg
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 12:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
928
x-xss-protection
0
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 21 Oct 2023 12:29:02 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame F798 		54 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F26) /
Resource Hash
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.actblue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16791
content-type
text/html
date
Mon, 24 Oct 2022 12:56:49 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"6271663d-d994"
expires
Mon, 24 Oct 2022 13:56:49 GMT
last-modified
Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id
a680809e8ff09
server
ECAcc (paa/6F26)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000a680809e8ff09-f5d9798071b18b7c-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
ts
t.paypal.com/ 		42 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&es=visitorInfoFlowStarted&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Democratic%20National%20Committee%20(DNC)%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1666616209086&g=0&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can_id%3D3acb8d3b12b129f92658263ae45829a8%26source%3Demail-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a%26email_referrer%3Demail_1709269%26email_subject%3D2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif%26refcodeEmailReferrer%3Demail_1709269
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 24 Oct 2022 12:56:49 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
8f261b7f5989a
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-lhr7379-LHR, cache-cdg20770-CDG
pragma
no-cache
traceparent
00-00000000000000000008f261b7f5989a-267fceeb7e94c759-01
x-timer
S1666616209.091240,VS0,VE186
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 24 Oct 2022 12:56:49 GMT
graphql
www.paypal.com/targeting/ Frame F798 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8feebb2c0558efb24c113703c59c03ae2328ed03ab3895d483f18ce4f38576cb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-ki9jJKJMp1BTwFmzHWsf64QfW7w+vaePU9YaIq5nTXXrjn0t' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-ki9jJKJMp1BTwFmzHWsf64QfW7w+vaePU9YaIq5nTXXrjn0t' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Mon, 24 Oct 2022 12:56:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f923961169103
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-lhr7333-LHR, cache-cdg20758-CDG
traceparent
00-0000000000000000000f923961169103-09ff4a8b4ac2c5c1-01
x-timer
S1666616209.298875,VS0,VE254
etag
W/W/"1b3-jVhuiZpq9TmNCKMPn0Y6x3T2yVk"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Mon, 24 Oct 2022 12:56:49 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f923961ddc2e8
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f923961ddc2e8-77945b56f1b4c52d-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-lhr7373-LHR, cache-cdg20763-CDG
x-timer
S1666616209.096734,VS0,VE182
js
www.paypal.com/sdk/ Frame A2D6 		301 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.335&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=03351b5501575&storageID=uid_bc26a2c3ca_mti6nty6ndg&sessionID=uid_581e3af33a_mti6nty6ndg&buttonSessionID=uid_74d7656ee6_mti6nty6ndg&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c54abf000170f14a52ebd2b453c1251188951d93c475a1f82d52094cda4e3b67
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pPLewDGJ8ZsCyNAhlebnfT+YVbgteFvy5EDeqMjWCWRLpIB7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pPLewDGJ8ZsCyNAhlebnfT+YVbgteFvy5EDeqMjWCWRLpIB7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.335&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=03351b5501575&storageID=uid_bc26a2c3ca_mti6nty6ndg&sessionID=uid_581e3af33a_mti6nty6ndg&buttonSessionID=uid_74d7656ee6_mti6nty6ndg&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pPLewDGJ8ZsCyNAhlebnfT+YVbgteFvy5EDeqMjWCWRLpIB7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pPLewDGJ8ZsCyNAhlebnfT+YVbgteFvy5EDeqMjWCWRLpIB7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Oct 2022 12:56:49 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
5873
x-cache
MISS, HIT
p3p
true
paypal-debug-id
f90412834e62c
server-timing
"traceparent;desc="00-0000000000000000000f90412834e62c-f24c88791c63c266-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
90279
x-xss-protection
1; mode=block
x-served-by
cache-lhr7346-LHR, cache-cdg20758-CDG
traceparent
00-0000000000000000000f90412834e62c-32647a5e259a28e0-01
x-timer
S1666616209.264522,VS0,VE2
etag
W/"160a7-6PpAURP9lfIF76vnzArhNzll9Ek"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
accept-ranges
bytes
x-cache-hits
0, 2
truncated
/ Frame A2D6 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 66E7 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4010:c0f::5c Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 24 Oct 2022 12:56:49 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 66E7 		153 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd455bb29049e592d4a73cf54657f76af92d67ce1d7adb84ff15c786bbd4e4bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55280
x-xss-protection
0
last-modified
Fri, 21 Oct 2022 09:23:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 16:37:36 GMT
/
www.facebook.com/tr/ Frame 9466 		0
204 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/pages/em-jb-oct-elect-dems-2022/tracking_code?t=landing&refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269&auth_token=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://secure.actblue.com
Referer
https://secure.actblue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://secure.actblue.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 12:56:49 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame FA3D 		0
31 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/pages/em-jb-oct-elect-dems-2022/tracking_code?t=landing&refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269&auth_token=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://secure.actblue.com
Referer
https://secure.actblue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://secure.actblue.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 12:56:49 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6ZY... Frame 66E7 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6ZYNytcqJrc.L.B1.O/am=DwAC/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhlGiAx9Ey66L6-WwB6FqpjDrpIPA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
357ea6dabdc1d023971771b2f338c3bc6dbee39b65d2eded82b33299f344d6d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:37:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29076
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 00:26:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 16:37:37 GMT
analytics.js
www.google-analytics.com/ Frame 66E7 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6ZYNytcqJrc.L.B1.O/am=DwAC/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhlGiAx9Ey66L6-WwB6FqpjDrpIPA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Oct 2022 11:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6052
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 24 Oct 2022 13:15:57 GMT
pay
pay.google.com/gp/p/ui/ Frame 66E7 		1 MB
354 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4010:c0f::5c Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d8d653d9db91ffae17fb3b4a7d604d7983f56e3362f0aac41041fba9a9259f9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-KeuG42BMg8ins4cxFmxlTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 12:56:49 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-KeuG42BMg8ins4cxFmxlTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 24 Oct 2022 12:56:49 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6ZY... Frame 66E7 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6ZYNytcqJrc.L.B1.O/am=DwAC/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhlGiAx9Ey66L6-WwB6FqpjDrpIPA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9382557b8c16a92e8eff597d39bf28794a79f350868a83e7706c0948cc5063e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:37:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7413
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 00:26:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 16:37:37 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6ZY... Frame 66E7 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6ZYNytcqJrc.L.B1.O/am=DwAC/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhlGiAx9Ey66L6-WwB6FqpjDrpIPA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6af0745b22cc96d8617d1fe9960cce21c6fa5cd11191d58ea8a4285833d045a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 16:37:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14000
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 00:26:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 16:37:37 GMT
log
play.google.com/ Frame 66E7 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Oct 2022 12:56:49 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 24 Oct 2022 12:56:49 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 24 Oct 2022 12:56:49 GMT
expires
Mon, 24 Oct 2022 12:56:49 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 66E7 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Oct 2022 12:56:49 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 24 Oct 2022 12:56:49 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 24 Oct 2022 12:56:49 GMT
expires
Mon, 24 Oct 2022 12:56:49 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 66E7 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Oct 2022 12:56:49 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 24 Oct 2022 12:56:49 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 24 Oct 2022 12:56:49 GMT
expires
Mon, 24 Oct 2022 12:56:49 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 66E7 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Oct 2022 12:56:49 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 24 Oct 2022 12:56:49 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 24 Oct 2022 12:56:49 GMT
expires
Mon, 24 Oct 2022 12:56:49 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 66E7 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Oct 2022 12:56:49 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 24 Oct 2022 12:56:49 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 24 Oct 2022 12:56:49 GMT
expires
Mon, 24 Oct 2022 12:56:49 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 66E7 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Oct 2022 12:56:49 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 24 Oct 2022 12:56:49 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 24 Oct 2022 12:56:49 GMT
expires
Mon, 24 Oct 2022 12:56:49 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 66E7 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Oct 2022 12:56:49 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 24 Oct 2022 12:56:49 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 24 Oct 2022 12:56:49 GMT
expires
Mon, 24 Oct 2022 12:56:49 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 66E7 		131 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.TeEPJU2x9Xs.es5.O/am=DwAC/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriMWzjKm6LLK9PRzPG2TQLEwl_EKg/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 24 Oct 2022 12:56:49 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 24 Oct 2022 12:56:49 GMT
fb.js
c.paypal.com/da/r/ Frame A2D6 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.335&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=03351b5501575&storageID=uid_bc26a2c3ca_mti6nty6ndg&sessionID=uid_581e3af33a_mti6nty6ndg&buttonSessionID=uid_74d7656ee6_mti6nty6ndg&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
1, 1, 1405436
date
Mon, 24 Oct 2022 12:56:50 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
6449268
x-cache
HIT, HIT, HIT
paypal-debug-id
7a368cc6692de
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
20053
x-served-by
cache-sjc10054-SJC, cache-cdg20744-CDG, cache-cdg20782-CDG
last-modified
Tue, 09 Aug 2022 20:44:56 GMT
traceparent
00-00000000000000000007a368cc6692de-855db9bc9b6fdf14-01
x-timer
S1666616210.136517,VS0,VE2
etag
W/"62f2c748-e586"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Oct 2022 12:56:50 GMT
logger
www.paypal.com/xoplatform/logger/api/ Frame A2D6 		1021 B
2 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.335&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=03351b5501575&storageID=uid_bc26a2c3ca_mti6nty6ndg&sessionID=uid_581e3af33a_mti6nty6ndg&buttonSessionID=uid_74d7656ee6_mti6nty6ndg&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
17b01625ec6f43ff5f38c675511c070cc6b452d8d2a9a31701ab62f647e929a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.335&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=03351b5501575&storageID=uid_bc26a2c3ca_mti6nty6ndg&sessionID=uid_581e3af33a_mti6nty6ndg&buttonSessionID=uid_74d7656ee6_mti6nty6ndg&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Oct 2022 12:56:50 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f791322f675a3
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7343-LHR, cache-cdg20758-CDG
traceparent
00-0000000000000000000f791322f675a3-78eb27b15dab9c67-01
x-timer
S1666616210.145314,VS0,VE198
etag
W/W/"3fd-iftWyBE5e+QqLDb82gL+htZHSS4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
i
c.paypal.com/v1/r/d/ Frame 67C6 		160 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
accept-ranges
none
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
f5a18e5cd2a32
date
Mon, 24 Oct 2022 12:56:50 GMT
paypal-debug-id
f5a18e5cd2a32
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-0000000000000000000f5a18e5cd2a32-9446da4e94a8832c-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-lhr7355-LHR, cache-cdg20782-CDG
x-timer
S1666616210.176051,VS0,VE170
x-xss-protection
1; mode=block
counter2.cgi
dub.stats.paypal.com/v2/ Frame 3DE9
Redirect Chain
  • https://b.stats.paypal.com/v2/counter.cgi?p=uid_581e3af33a_mti6nty6ndg&s=SMART_PAYMENT_BUTTONS
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_581e3af33a_mti6nty6ndg&s=SMART_PAYMENT_BUTTONS
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_581e3af33a_mti6nty6ndg&s=SMART_PAYMENT_BUTTONS
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.335&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=03351b5501575&storageID=uid_bc26a2c3ca_mti6nty6ndg&sessionID=uid_581e3af33a_mti6nty6ndg&buttonSessionID=uid_74d7656ee6_mti6nty6ndg&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 12:56:50 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_581e3af33a_mti6nty6ndg&s=SMART_PAYMENT_BUTTONS
Date
Mon, 24 Oct 2022 12:56:50 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
fb.js
c.paypal.com/da/r/ Frame 67C6 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
1, 1, 1405437
date
Mon, 24 Oct 2022 12:56:50 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
6449269
x-cache
HIT, HIT, HIT
paypal-debug-id
7a368cc6692de
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
20053
x-served-by
cache-sjc10054-SJC, cache-cdg20744-CDG, cache-cdg20782-CDG
last-modified
Tue, 09 Aug 2022 20:44:56 GMT
traceparent
00-00000000000000000007a368cc6692de-855db9bc9b6fdf14-01
x-timer
S1666616210.371700,VS0,VE2
etag
W/"62f2c748-e586"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Oct 2022 12:56:50 GMT
trackables
secure.actblue.com/ 		0
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/trackables
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/c17a2e61b982965b66c6.js?form_app=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 24 Oct 2022 12:56:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 varnish
x-permitted-cross-domain-policies
none
status
200 OK
x-start
2022-10-24 12:56:50.400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html
cache-control
private, no-store
accept-ranges
bytes
s.js
cdn.sift.com/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sift.com/s.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/em-jb-oct-elect-dems-2022?refcode=em_20221021_jb_actives1_rtb_evg_fr_res-whs-nd&link_id=6&can_id=3acb8d3b12b129f92658263ae45829a8&source=email-2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-a&email_referrer=email_1709269&email_subject=2022_donor-contains_tag-assign-2022_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2020_donor-contains_tag-assign-2020_donor-contains_tag-2021_donor-contains_tag-assign-2021_donor-contains_tag-if-2022_donor-im-counting-on-grassroots-donors-like-you-to-chip-in-again-before-next-months-midterm-elections-elsif-2021_donor-or-2020_donor-im-counting-on-past-donors-like-you-to-make-your-first-donation-of-the-year-before-next-months-midterm-elections-else-if-youve-been-waiting-on-the-sidelines-looking-for-the-best-time-to-donate-this-is-it-endif&refcodeEmailReferrer=email_1709269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.67.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 13:01:23 GMT
content-encoding
gzip
age
86127
x-guploader-uploadid
ADPycdvzsvgd2AtiCqAOidWir6C1Q9qEkwULGSFdirEyX3eZpUvLV6bm-2yh3AjYcbA4su83WG4CenwCD9g7e0-Akv_-VeHJDcwP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20452
last-modified
Thu, 09 Apr 2020 21:59:13 GMT
server
UploadServer
etag
"07cb8203158abb26b3c18318350e7b36"
vary
Accept-Encoding
x-goog-generation
1586469553682331
x-goog-hash
crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
content-type
application/javascript
cache-control
public, max-age=86400
x-goog-stored-content-length
20452
accept-ranges
bytes
expires
Mon, 24 Oct 2022 13:01:23 GMT
p1
c.paypal.com/v1/r/d/b/ Frame 67C6 		125 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5afbbe99dc0650d978f6e04a9654f939aa7bb3c2413c64f464e1a04ea7f9d9ce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Oct 2022 12:56:50 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
5fe230ff6d9b
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
125
x-served-by
cache-lhr7331-LHR, cache-cdg20782-CDG
correlation-id
5fe230ff6d9b
traceparent
00-000000000000000000005fe230ff6d9b-846830a0e25ed9b6-01
content-type
application/json
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
e
c.paypal.com/v1/r/d/b/ Frame 67C6 		0
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-lhr7320-LHR, cache-cdg20782-CDG
date
Mon, 24 Oct 2022 12:56:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
7c17d9aef0ed9
via
1.1 varnish, 1.1 varnish
traceparent
00-00000000000000000007c17d9aef0ed9-d987692386d6225b-01
x-cache
MISS, MISS
paypal-debug-id
7c17d9aef0ed9
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
p3
c6.paypal.com/v1/r/d/b/ Frame 67C6 		0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=uid_581e3af33a_mti6nty6ndg&s=SMART_PAYMENT_BUTTONS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
cache-lhr7367-LHR, cache-cdg20782-CDG
date
Mon, 24 Oct 2022 12:56:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
1075552b4f7cd
via
1.1 varnish, 1.1 varnish
traceparent
00-00000000000000000001075552b4f7cd-560b1624a63ce3a8-01
x-timer
S1666616210.451299,VS0,VE176
x-cache
MISS, MISS
paypal-debug-id
1075552b4f7cd
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
0
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame A2D6 		1014 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false&enable-funding=venmo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9cb327966833a0cb2120f87c8265f5179d8f973af197a19b3470ec1f129082c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&sdkVersion=5.0.335&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UmZW5hYmxlLWZ1bmRpbmc9dmVubW8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9mbWdpY3pibHBhZ211bHhpc2F1Z2VianVpb21iamsifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=03351b5501575&storageID=uid_bc26a2c3ca_mti6nty6ndg&sessionID=uid_581e3af33a_mti6nty6ndg&buttonSessionID=uid_74d7656ee6_mti6nty6ndg&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

date
Mon, 24 Oct 2022 12:56:50 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f7913227adc61
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7325-LHR, cache-cdg20758-CDG
traceparent
00-0000000000000000000f7913227adc61-9b7b56f5d25efa98-01
x-timer
S1666616210.467240,VS0,VE192
etag
W/W/"3f6-65IHrnnci3RslO+ivs+n8eM6F6U"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ 		1005 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d745291e991b8858bb0ea062b95c1064854957967a1dcd07910ac777b321c66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://secure.actblue.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

date
Mon, 24 Oct 2022 12:56:50 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f629616c1465b
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7326-LHR, cache-cdg20763-CDG
traceparent
00-0000000000000000000f629616c1465b-43f1985e268d6a0d-01
x-timer
S1666616211.761921,VS0,VE177
etag
W/W/"3ed-kdvPkzFNSxJ8nexlGvVNTAeoR84"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.actblue.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secure.actblue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://secure.actblue.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Mon, 24 Oct 2022 12:56:50 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f791322770681
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f791322770681-2fdfc833b25ff1e3-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-lhr7361-LHR, cache-cdg20763-CDG
x-timer
S1666616210.452338,VS0,VE289
242865.gif
hexagon-analytics.com/images/ 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hexagon-analytics.com/images/242865.gif?bk=19482a20cc&tm=36&r=393986408&v=105&cs=UTF-8&h=secure.actblue.com&l=en-US&S=6cb91e7c12f95fb2d58d69bd910d14c2&uu=0a7bc1b5979f80a107882c6f7d64934&t=Democratic%20National%20Committee%20(DNC)%20%E2%80%94%20Donate%20via%20ActBlue&u=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fem-jb-oct-elect-dems-2022%3Frefcode%3Dem_20221021_jb_actives1_rtb_evg_fr_res-whs-nd%26link_id%3D6%26can&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.232.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 12:56:50 GMT
via
1.1 google
x-content-type-options
nosniff
server
nginx
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ Frame 45F7 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://secure.actblue.com
Referer
https://secure.actblue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://secure.actblue.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 12:56:50 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
api-js.mixpanel.com/track/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1666616213351
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://secure.actblue.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Mon, 24 Oct 2022 12:56:53 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://secure.actblue.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
19
access-control-allow-headers
X-Requested-With
content-length
25
alt-svc
clear

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| CF_CONFIG object| indigoListResponse object| preloadedState object| mixpanel object| actBlueConfig function| setImmediate function| clearImmediate object| actblue function| abConfigure object| webpackJsonp object| __core-js_shared__ object| core object| tracker function| PERSIST object| SafeDDLogs object| SafeMixpanel object| Bugsnag string| MODE function| gtag object| dataLayer object| _gaq object| DD_LOGS object| _gat object| gaGlobal object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| _user_id string| _session_id object| _sift object| gaplugins object| gaData object| __post_robot_11_0_0___uid_fmgiczblpagmulxisaugebjuiombjk object| paypal object| __zoid_10_1_0___uid_fmgiczblpagmulxisaugebjuiombjk object| paypalDDL string| PaypalOffersObject function| ppq object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google object| __post_robot_10_0_44__ object| PAYPAL function| __siftFlashCB undefined| Sift object| PluginDetect

32 Cookies

Domain/Path Name / Value
secure.actblue.com/cf/assets/app-css Name: skip_prefill_check
Value: true
secure.actblue.com/cf/assets/app Name: skip_prefill_check
Value: true
secure.actblue.com/cf/assets Name: skip_prefill_check
Value: true
secure.actblue.com/cf/static Name: skip_prefill_check
Value: true
secure.actblue.com/donate Name: skip_prefill_check
Value: true
.actblue.com/ Name: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel
Value: %7B%22distinct_id%22%3A%20%221840a112be01db-06b050d93d4e14-653f5251-1d4c00-1840a112be1d47%22%2C%22%24device_id%22%3A%20%221840a112be01db-06b050d93d4e14-653f5251-1d4c00-1840a112be1d47%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
secure.actblue.com/ Name: _dd_s
Value: logs=1&id=6e30a547-3064-471a-8383-7fd016b46507&created=1666616208359&expire=1666617108359
.actblue.com/ Name: __utma
Value: 88171332.340882672.1666616208.1666616208.1666616208.1
.actblue.com/ Name: __utmc
Value: 88171332
.actblue.com/ Name: __utmz
Value: 88171332.1666616208.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.actblue.com/ Name: __utmt
Value: 1
.actblue.com/ Name: __utmb
Value: 88171332.1.10.1666616208
.actblue.com/ Name: _gcl_au
Value: 1.1.241053688.1666616208
.secure.actblue.com/ Name: _session_id
Value: 2472588164d02106a083f814092b6f23
.actblue.com/ Name: _ga
Value: GA1.2.340882672.1666616208
.actblue.com/ Name: _gid
Value: GA1.2.972951277.1666616209
.actblue.com/ Name: _gat_gtag_UA_70251_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkLCwUW-u3tLkNQWlT6qdqgq9jj1eRwKAbLJJBayBMKZulRDxAqyFBDSs2W
.google.com/ Name: NID
Value: 511=H3-A6cgEHH4BS96QRFvv5OfCeecM07yNgjKZaGus9Zh9yPtJKO8duM5vvYjtWNM8J8gZ7281MqdgQjGjC3BTLiA74rtJEeO6FfqL_AeRyJNkDCCkPCztqzoAddHiM8_Vi4SJpkuk2sSQIaWruA4xlhaLJTDPx5N5AWY4mipH9Q8
.paypal.com/ Name: l7_az
Value: dcg13.slc
.actblue.com/ Name: _fbp
Value: fb.1.1666616209367.1250260042
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: fr_FR%3BFR
www.paypal.com/ Name: nsid
Value: s%3AWUYCSX_P0NEpcMu6zssuEUyu8_ulPn9h.QM8KNzWT3JxpSV96oP2E9W8jzi%2FNz1yYSuL%2FgDviySg
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null
.paypal.com/ Name: tsrce
Value: loggernodeweb
.paypal.com/ Name: ts
Value: vreXpYrS%3D1761310610%26vteXpYrS%3D1666618010%26vr%3D0a11333c1840ad009f1284b2fc0fbe1b%26vt%3D0a11333c1840ad009f1284b2fc0fbe1a%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D0a11333c1840ad009f1284b2fc0fbe1b%26vt%3D0a11333c1840ad009f1284b2fc0fbe1a
.actblue.com/ Name: __ssid
Value: 0a7bc1b5979f80a107882c6f7d64934
.c.paypal.com/ Name: sc_f
Value: YnliYLZivOrlpSGbNSGommv7vsMhs7r7hjUjh7vXI1fWSVER_pIMx4_tFldxuD5Rerjw1mDdJOq6F-CL4BODyZUzECvHdxg8ocKJqG
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: utCNguMtlmiwaFro8CreNZbHjKlxkBOqxP4_iqBi3C_eDUP2rSL7Tz64mD-gBSDKL_1il582kvuYcphb
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY2NjYxNjIxMDU3OSIsImwiOiIwIiwibSI6IjAifQ

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actblue-indigo-uploads.s3.amazonaws.com
api-js.mixpanel.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.mxpnl.com
cdn.sift.com
click.act.democrats.org
connect.facebook.net
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hexagon-analytics.com
pay.google.com
play.google.com
secure.actblue.com
sessions.bugsnag.com
ssl.google-analytics.com
stats.g.doubleclick.net
t.paypal.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
zgen2d20.micpn.com
108.138.1.193
108.138.7.60
151.101.129.35
151.101.193.21
151.101.64.174
151.101.65.35
172.217.18.2
192.229.221.25
2600:1901:0:7a0b::
2600:1901:0:bc29::
2606:4700::6810:4a28
2a00:1450:4001:800::2004
2a00:1450:4001:802::2002
2a00:1450:4001:803::200e
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:828::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9a
2a00:1450:4010:c0f::5c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.102.232.42
34.96.67.224
35.190.25.25
52.217.196.185
64.4.245.84
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d745291e991b8858bb0ea062b95c1064854957967a1dcd07910ac777b321c66
0d8d653d9db91ffae17fb3b4a7d604d7983f56e3362f0aac41041fba9a9259f9
17b01625ec6f43ff5f38c675511c070cc6b452d8d2a9a31701ab62f647e929a3
18c5ea307249bf7030a2128de818b1706319b1bc333b8e2ff8649c65b1ece255
1fa691b902475382cfc838ba2030e1e2a6028418351c3fd2b6d86790552181e8
2300a1cd3e81dc9c218a75452bbd1dbd27de5914748644960908deb9c5e61636
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
296556b2cbec343b1eb03977cfef6b843c43d946495b5182bfadce93a84d2b02
29f6723688a4d4dfa023755fe5ce31ab8b9302eda17a34f2e9e4364a95b3a97a
2f7fd72d7b53a6c582d8d7d139e813eeeacba5f8dadd49c7c677c5b8dc9d1ede
305d14d65c715c5c749c862bd7cb67c3444efc2ce7f3cf436c05f1737f086ad4
33c86e8166977b2fe508467d0223c1663b8689dd20e1a8bc6bcec04aa63b89a9
357ea6dabdc1d023971771b2f338c3bc6dbee39b65d2eded82b33299f344d6d2
3610c57d7aec6165d2f31ed999e04fb3524c633c8d2c13cf00c703ea0df95c22
40925b88fa6d8bd6e302920c15c28946d64f68f23c5b516734eb9ea40780e3a9
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
5008be6d70ddadf7cf59c80ba173e4dd1b218bd232cab9cd6e3d771434cedbec
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
5afbbe99dc0650d978f6e04a9654f939aa7bb3c2413c64f464e1a04ea7f9d9ce
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338
6af0745b22cc96d8617d1fe9960cce21c6fa5cd11191d58ea8a4285833d045a4
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
727b7896a52f1720b15b197937d581304db4f6400f709a355aee32faa531d936
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5
8feebb2c0558efb24c113703c59c03ae2328ed03ab3895d483f18ce4f38576cb
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
95349c125d8ed36af81e9633df1504d529fce1d8c66090fb342a86be8bb43c9d
9cb327966833a0cb2120f87c8265f5179d8f973af197a19b3470ec1f129082c6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a245bcab70c93a979011c727ad9d639b99ddbf8e7cf660a13cb4a0ce5a7f3f92
a9382557b8c16a92e8eff597d39bf28794a79f350868a83e7706c0948cc5063e
b2fe1fe1e570e4a76c82a6e02970a47b56728cf042b2fbe34547ca0117715d41
b30136e41af0cb6a31fe3e5ea66e0b57ce11a46b57ef58d6cc31c8c9a1a8d279
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4f76242aa7ba0f7171c615197feaa071fbb074584b1a8a25ba11f1cfb520d16
bc4bd86bf0831aaa554198fd888d7d6edd94480c155877c1176f2e57e410a276
c54abf000170f14a52ebd2b453c1251188951d93c475a1f82d52094cda4e3b67
caac9a6bc092636852e6be87ed8b625e9e5fbcbb194e3a817441d9ddf9ac2dc5
cd455bb29049e592d4a73cf54657f76af92d67ce1d7adb84ff15c786bbd4e4bc
d20f67e754753b9de3e1e3c7f113a78631eef21189dd122a96268335c986753d
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e119452cd10c92e4175f715d8f8397b4adf0e0e3d96d1b97a69219daecb96c54
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
f384f5b5702aff302d21279abd721dad9cc382f412773c5df92fab9ea3ace8a9
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8