urlscan.io logo urlscan.io
SecurityTrails logo

secure.actblue.com Open in urlscan Pro
151.101.128.174  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://action.turnoutpac.org/go/41356?amount=5&amounts=5%2C25%2C50%2C100%2C250&t=4&akid=33834%2E5935949%2Eu59Tdt
Effective URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C1...
Submission: On November 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 45 HTTP transactions. The main IP is 151.101.128.174, located in United States and belongs to FASTLY, US. The main domain is secure.actblue.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 5th 2021. Valid for: a year.
This is the only time secure.actblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.177.12.238 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-12-238.us-west-1.compute.amazonaws.com
action.turnoutpac.org
7    151.101.128.174 (United States)

ASN54113 (FASTLY, US)
secure.actblue.com
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
2    52.217.101.108 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
actblue-indigo-uploads.s3.amazonaws.com
4    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
1    13.32.59.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-59-64.fra60.r.cloudfront.net
www.datadoghq-browser-agent.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
4    2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
3    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
2    151.101.193.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    84.53.164.154 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a84-53-164-154.deploy.static.akamaitechnologies.com
c.paypal.com
2    64.4.245.84 (United States)

ASN17012 (PAYPAL, US)
b.stats.paypal.com
dub.stats.paypal.com
1    2a04:4e42:200::291 (United States)

ASN54113 (FASTLY, US)
c6.paypal.com
1    130.211.34.183 (None, )

ASN- ()
api-js.mixpanel.com
Domain Requested by
8 www.paypal.com secure.actblue.com
www.paypal.com
www.paypalobjects.com
7 secure.actblue.com secure.actblue.com
5 c.paypal.com www.paypal.com
c.paypal.com
4 pay.google.com secure.actblue.com
pay.google.com
www.gstatic.com
4 sessions.bugsnag.com secure.actblue.com
www.datadoghq-browser-agent.com
3 www.gstatic.com pay.google.com
www.gstatic.com
3 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 t.paypal.com secure.actblue.com
2 actblue-indigo-uploads.s3.amazonaws.com secure.actblue.com
1 api-js.mixpanel.com www.datadoghq-browser-agent.com
1 c6.paypal.com secure.actblue.com
1 dub.stats.paypal.com www.paypal.com
1 b.stats.paypal.com 1 redirects
1 stats.g.doubleclick.net secure.actblue.com
1 ssl.google-analytics.com 1 redirects
1 www.datadoghq-browser-agent.com secure.actblue.com
1 cdn.mxpnl.com secure.actblue.com
1 action.turnoutpac.org 1 redirects
0 www.google-analytics.com Failed www.gstatic.com
45 19

This site contains no links.

Subject Issuer Validity Valid
secure.actblue.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-05 -
2022-10-05		 a year crt.sh
*.mxpnl.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-15 -
2022-07-28		 a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-05 -
2022-05-05		 a year crt.sh
*.datadoghq-browser-agent.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-17 -
2022-03-17		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-11-02 -
2022-03-15		 4 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-09-21 -
2022-10-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
c.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2020-01-09 -
2022-01-13		 2 years crt.sh
*.mixpanel.com
GeoTrust RSA CA 2018		 2020-04-20 -
2022-04-21		 2 years crt.sh

This page contains 7 frames:

Primary Page: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Frame ID: F247BC906ACC46DF4AD6132F478F4FDD
Requests: 21 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=a03994ffc5974&storageID=uid_0bfedb1b8e_mtc6mzc6ndm&sessionID=uid_a41ccdaf9c_mtc6mzc6ndm&buttonSessionID=uid_3fa3f2deb2_mtc6mzc6ndm&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiOThjNjBhMjE5ZWJiMTRlMTMyNGMxNzc0ZThjNWE0ODcwMzUxNWYwOSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Frame ID: 2035B8ED67BF1325E53059B7D93A62E9
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 041677DDC42C56522D93BA0D3444FAD9
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Frame ID: 32D531BF900EAF5EBDEE654EDE99B7F9
Requests: 7 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: C90FA9565A1414CA95933450B013CAE4
Requests: 3 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 8F1A757FE708F35A72CAF0190E74681A
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a41ccdaf9c_mtc6mzc6ndm&s=SMART_PAYMENT_BUTTONS
Frame ID: FBE67F0B1A14656F482BA3B0796F5D7C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Progressive Turnout Project — Donate via ActBlue

Page URL History Show full URLs

  1. https://action.turnoutpac.org/go/41356?amount=5&amounts=5%2C25%2C50%2C100%2C250&t=4&akid=33834%2E5935949%2... HTTP 302
    https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amo... Page URL

Page Statistics

45
Requests

93 %
HTTPS

41 %
IPv6

13
Domains

19
Subdomains

16
IPs

4
Countries

1620 kB
Transfer

4825 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://action.turnoutpac.org/go/41356?amount=5&amounts=5%2C25%2C50%2C100%2C250&t=4&akid=33834%2E5935949%2Eu59Tdt HTTP 302
    https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=1828456349&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=ActBlue&utmhid=2099052481&utmr=-&utmp=%2Fdonate%2Fms_ptp_fr_q42021_sinema-letter%3Fakid%3D33834.5935949.u59Tdt%26amount%3D5%26amounts%3D5%25252C25%25252C50%25252C100%25252C250%26rd%3D1%26refcode%3DMS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS%26refcode2%3D33834_5935949_u59Tdt%26t%3D4&utmht=1636911462425&utmac=UA-159696-1&utmcc=__utma%3D88171332.1085851601.1636911462.1636911462.1636911462.1%3B%2B__utmz%3D88171332.1636911462.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1598936024&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=1085851601.1636911462&jid=1598936024&_v=5.6.1&z=1828456349
Request Chain 37
  • https://b.stats.paypal.com/v2/counter.cgi?p=uid_a41ccdaf9c_mtc6mzc6ndm&s=SMART_PAYMENT_BUTTONS HTTP 302
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a41ccdaf9c_mtc6mzc6ndm&s=SMART_PAYMENT_BUTTONS

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ms_ptp_fr_q42021_sinema-letter
secure.actblue.com/donate/
Redirect Chain
  • https://action.turnoutpac.org/go/41356?amount=5&amounts=5%2C25%2C50%2C100%2C250&t=4&akid=33834%2E5935949%2Eu59Tdt
  • https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_...
86 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
29ef30ed3e4b3a033d5a36916a847efa7a5c442343b6fba435d54744cdefadaa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-security-policy
frame-ancestors 'none'; report-uri /system/csp_reports
content-type
text/html; charset=utf-8
etag
W/"158d4-z3J51pXOY/tmLtwJLkOc+mLk6WI"
x-form-app
kittens! [Server: node: us]
x-frame-options
sameorigin
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
accept-ranges
bytes
date
Sun, 14 Nov 2021 17:37:42 GMT
age
17499
vary
Accept-Encoding
x-start
2021-11-14 17:37:42.140
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
content-length
22956

Redirect headers

date
Sun, 14 Nov 2021 17:37:42 GMT
content-type
text/html; charset=utf-8
content-length
0
location
https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
server
openresty
vary
Cookie, Origin
8c798d2c0a655bdb6f81.css
secure.actblue.com/cf/assets/app-css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/app-css/8c798d2c0a655bdb6f81.css?form_app=us
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0a876e22dd207a67ea508bf2a41c88b3f98dbc7ebc1fd335ccf427bf39aa4ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:37:42 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Wed, 10 Nov 2021 20:01:05 GMT
age
156633
etag
W/"5539-17d0b708be8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-start
2021-11-14 17:37:42.182
cache-control
max-age=31557600, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
5073
x-xss-protection
1; mode=block
actblue.js
secure.actblue.com/cf/assets/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/actblue.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f85fca6cb9ff779d4e6e93e79c98a9072f9de1f57f7a1e0da0a5dd9d4776bef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:37:42 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Wed, 10 Nov 2021 19:59:24 GMT
age
156633
etag
W/"72e0-17d0b6f0160"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-start
2021-11-14 17:37:42.182
cache-control
max-age=600, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
9277
x-xss-protection
1; mode=block
8c798d2c0a655bdb6f81.js
secure.actblue.com/cf/assets/app/ 		2 MB
463 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/app/8c798d2c0a655bdb6f81.js?form_app=us
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f296e53be4eac867a029236bc702096dbcf439b2c8c326c5cc7fc920ae2aef1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:37:42 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Wed, 10 Nov 2021 20:01:05 GMT
age
156633
etag
W/"1a28c3-17d0b708be8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-start
2021-11-14 17:37:42.182
cache-control
max-age=31557600, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
473349
x-xss-protection
1; mode=block
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d041681ad7b48ebd3e8eaf22937c7235b8c1ea0cf9069ec2fb88dcd42d3f9588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:36:42 GMT
content-encoding
gzip
age
60
x-guploader-uploadid
ADPycdvir3N6KqursKXwnM6bFD7p-qDHNqgueCPRkWV4GgTEraqZuFz9lGSzNVMUEBZwYnREXQpSDfnyB3ijHN3P7HD9yxpaXw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
25483
last-modified
Wed, 10 Nov 2021 21:04:55 GMT
server
UploadServer
etag
"f20c9a45ed3fa844e488ab86bbf6023e"
vary
Accept-Encoding
x-goog-hash
crc32c=NzFvSw==, md5=8gyaRe0/qETkiKuGu/YCPg==
x-goog-generation
1636578295347622
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
25483
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 14 Nov 2021 17:46:42 GMT
PTP_Wrapper_Capitol-Blue_20170920.jpg
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/brandings/12350/document_body/background_image_url/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/brandings/12350/document_body/background_image_url/PTP_Wrapper_Capitol-Blue_20170920.jpg
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.101.108 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c0ed069a787638601bc7c7958e33a7ea7369d11e60f4ea8fc59763bbaa28e63a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 17:37:43 GMT
Last-Modified
Mon, 20 May 2019 04:55:43 GMT
Server
AmazonS3
x-amz-request-id
143P72EAZ67F4YSG
ETag
"f2655284a57b18327c438735e31a46eb"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
130426
x-amz-id-2
aiSIdCzJAhN5TjlIb/biEI7NhuzEl2VPHuzjd0XSex4MwXKNlNLGCBYhx4m96MdoRb60hWm/ADU=
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://secure.actblue.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Sun, 14 Nov 2021 17:37:42 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/8c798d2c0a655bdb6f81.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://secure.actblue.com/
Bugsnag-Sent-At
2021-11-14T17:37:42.299Z
Accept-Language
de-DE,de;q=0.9
Bugsnag-Api-Key
04c1a9de88bb73e22614162ba813a0b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 14 Nov 2021 17:37:42 GMT
via
1.1 google
bugsnag-session-uuid
089bd182-9742-449b-af06-1adc39932e50
alt-svc
clear
content-length
21
content-type
application/json
datadog-logs.js
www.datadoghq-browser-agent.com/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/8c798d2c0a655bdb6f81.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.59.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-59-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:36:45 GMT
content-encoding
gzip
last-modified
Tue, 27 Jul 2021 15:01:20 GMT
server
AmazonS3
age
103
etag
W/"9eb57181f3149e3310d96317ef9188ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4612dc3b414cf2057f542e94733d59bd.cloudfront.net (CloudFront)
cache-control
max-age=14400, s-maxage=60
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
DEDABdCbokyxEfbZ2nKuRFKUQQsyIHOQ5on2P50ae-Jjjk9wwu9KQQ==
auth_token
secure.actblue.com/api/cf/ 		104 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/api/cf/auth_token
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/8c798d2c0a655bdb6f81.js?form_app=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
17cfae24ba0c95e145cbce29f70149e7cbd8cb61a08c5fdc488b499390633d9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:37:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
status
200 OK
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-start
2021-11-14 17:37:42.368
x-frame-options
SAMEORIGIN
etag
W/"17cfae24ba0c95e145cbce29f70149e7"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish
cache-control
private, no-store
accept-ranges
bytes
da6631e8-caec-4d3b-8d88-bac2862f3f8c-PTP_Logo_PrimaryMark-07.png
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/651104dc-7ef4-428c-93b3-98c6553ce80b-brandings/119323/header/image_url/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/651104dc-7ef4-428c-93b3-98c6553ce80b-brandings/119323/header/image_url/da6631e8-caec-4d3b-8d88-bac2862f3f8c-PTP_Logo_PrimaryMark-07.png
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.101.108 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0a9cb64084bdf9f71e4760b56048e32e71998e452a1c082f9b8625bd95b048f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 17:37:43 GMT
Last-Modified
Tue, 26 Oct 2021 17:11:10 GMT
Server
AmazonS3
x-amz-request-id
143WFR7E1TVVDKB6
ETag
"41009790dd7f48e901448fa61f0ac0a3"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
75724
x-amz-id-2
gmR//jlPWi3dMbEa9hsfrHEO18sZ/RJiQdRDV+QzN3a/tRFY/HWbq2ns6J5k3nWjrjLar+Y/428=
ga.js
secure.actblue.com/cf/static/ 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/static/ga.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:37:42 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Wed, 10 Nov 2021 19:57:02 GMT
age
156632
etag
W/"9fe9-17d0b6cd6b0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-start
2021-11-14 17:37:42.377
cache-control
max-age=31557600, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
16100
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=1828456349&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=A...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=1085851601.1636911462&jid=1598936024&_v=5.6.1&z=1828456349
35 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=1085851601.1636911462&jid=1598936024&_v=5.6.1&z=1828456349
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
H2
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 14 Nov 2021 17:37:43 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 17:37:43 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=1085851601.1636911462&jid=1598936024&_v=5.6.1&z=1828456349
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
369
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://secure.actblue.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Sun, 14 Nov 2021 17:37:42 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://secure.actblue.com/
Bugsnag-Sent-At
2021-11-14T17:37:42.882Z
Accept-Language
de-DE,de;q=0.9
Bugsnag-Api-Key
04c1a9de88bb73e22614162ba813a0b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 14 Nov 2021 17:37:43 GMT
via
1.1 google
bugsnag-session-uuid
32b1fe18-a9e7-433c-a888-897325a70a84
alt-svc
clear
content-length
21
content-type
application/json
payment_methods.svg
secure.actblue.com/cf/static/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.actblue.com/cf/static/payment_methods.svg
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99096f106b88e7ccc51d85cdb0004b3a46a0bbe089ed367ae69ef7c2f0be6d9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:37:42 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Wed, 10 Nov 2021 19:57:02 GMT
age
156631
etag
W/"2f05-17d0b6cd6b0"
vary
Accept-Encoding
content-type
image/svg+xml
x-start
2021-11-14 17:37:42.929
cache-control
max-age=31557600, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
4421
x-xss-protection
1; mode=block
js
www.paypal.com/sdk/ 		299 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/8c798d2c0a655bdb6f81.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ab847d1386069ab406a5fef736a761358a87273b12a6d6b5e80b949e7b3158a2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-QZYDhcj8kVHNAhyWFnNFSDmPv1ltWJJq1hhKVZlBJqUULfwd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-QZYDhcj8kVHNAhyWFnNFSDmPv1ltWJJq1hhKVZlBJqUULfwd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-QZYDhcj8kVHNAhyWFnNFSDmPv1ltWJJq1hhKVZlBJqUULfwd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-QZYDhcj8kVHNAhyWFnNFSDmPv1ltWJJq1hhKVZlBJqUULfwd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
2304
via
1.1 varnish
x-cache
HIT
p3p
true
paypal-debug-id
f810113ea5f8d
server-timing
content-encoding;desc=gzip
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
91766
x-xss-protection
1; mode=block
x-served-by
cache-hhn4072-HHN
x-timer
S1636911463.987085,VS0,VE3
x-frame-options
SAMEORIGIN
date
Sun, 14 Nov 2021 17:37:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"16676-N/oRh8qYqTnWOM2Dhw7OS67VZKQ"
accept-ranges
bytes
x-cache-hits
1
pay.js
pay.google.com/gp/p/js/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/8c798d2c0a655bdb6f81.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a6cdd76b5a6460f1bfab4619a56b1bbad0398792859100ad3f027510516d8a6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-V+UkCafqzw0zLEo3ztXMKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-V+UkCafqzw0zLEo3ztXMKA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-V+UkCafqzw0zLEo3ztXMKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-V+UkCafqzw0zLEo3ztXMKA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
expires
Sun, 14 Nov 2021 17:37:43 GMT
pptm.js
www.paypal.com/tagmanager/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.270&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d6fbe89e7424cb5067f919f876e4696c5d4e2bb0e71d773b3d95e28db715605
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-A1MzI5dUf8NFTzJgbixEbKdAYL7YWLtg7ecCCTxWYfMZrgSx' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-A1MzI5dUf8NFTzJgbixEbKdAYL7YWLtg7ecCCTxWYfMZrgSx' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
35270
x-cache
HIT
paypal-debug-id
f977549e6a960
server-timing
content-encoding;desc=gzip
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4730
x-xss-protection
1; mode=block
x-served-by
cache-hhn4072-HHN
x-timer
S1636911463.028737,VS0,VE3
x-frame-options
SAMEORIGIN
date
Sun, 14 Nov 2021 17:37:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=3600
etag
W/"34d0-uE8QiVsrJn3N3BJYq5iTx7hBLZ0"
accept-ranges
bytes
x-cache-hits
1
buttons
www.paypal.com/smart/ Frame 2035 		300 KB
126 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=a03994ffc5974&storageID=uid_0bfedb1b8e_mtc6mzc6ndm&sessionID=uid_a41ccdaf9c_mtc6mzc6ndm&buttonSessionID=uid_3fa3f2deb2_mtc6mzc6ndm&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiOThjNjBhMjE5ZWJiMTRlMTMyNGMxNzc0ZThjNWE0ODcwMzUxNWYwOSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2bacef44f785d63cf211bed12f6f3a3c8997c75bcacaed69b87e845e41a9539
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
etag
W/"4b096-BrLJAED6KlN27pIte3ezuSr/qwo"
p3p
true
paypal-debug-id
f8472988681ae
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
date
Sun, 14 Nov 2021 17:37:43 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn4072-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1636911463.096718,VS0,VE330
vary
Accept-Encoding
content-encoding
br
truncated
/ Frame 0416 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0416 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.270&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&vault=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
129737dfffcc16554dffd7d6dd3a57b6831c96a75d8acec4ea31709555115a53
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
7e76a0d099cd6
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
16424
x-served-by
cache-sjc10044-SJC, cache-hhn4054-HHN
last-modified
Thu, 19 Aug 2021 15:53:03 GMT
x-timer
S1636911463.134438,VS0,VE0
etag
W/"611e7e5f-da2c"
strict-transport-security
max-age=31557600
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
28045, 72
ts
t.paypal.com/ 		42 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&fltp=analytics&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Progressive%20Turnout%20Project%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1636911463098&g=0&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fms_ptp_fr_q42021_sinema-letter%3Fakid%3D33834.5935949.u59Tdt%26amount%3D5%26amounts%3D5%252C25%252C50%252C100%252C250%26rd%3D1%26refcode%3DMS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS%26refcode2%3D33834_5935949_u59Tdt%26t%3D4
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 17:37:43 GMT
via
1.1 varnish
x-timer
S1636911463.140561,VS0,VE175
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
60706806257e5
expires
Sun, 14 Nov 2021 17:37:43 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-cache-hits
0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn4026-HHN
payframe
pay.google.com/gp/p/ui/ Frame 32D5 		17 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1a6fa6a2fd16122e577fdc6c364dea2aef0297f2a65d703f07a66b9f2b8ea64
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-CGTfX3abgj6OVTEIA+n6Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-CGTfX3abgj6OVTEIA+n6Tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
expires
Sun, 14 Nov 2021 17:37:43 GMT
date
Sun, 14 Nov 2021 17:37:43 GMT
cache-control
private, max-age=3600
strict-transport-security
max-age=31536000
cross-origin-resource-policy
same-site
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
report-to
{"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-CGTfX3abgj6OVTEIA+n6Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-CGTfX3abgj6OVTEIA+n6Tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
clear
index.html
www.paypalobjects.com/muse/analytics/ Frame C90F 		54 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
12500d956b47de01bfe02a21db437ebbd7b462f54137f0a37b80992df7f5ce59
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/

Response headers

content-encoding
gzip
content-type
text/html
etag
W/"616f114f-d9ea"
last-modified
Tue, 19 Oct 2021 18:41:19 GMT
paypal-debug-id
e424b0eeae559
dc
ccg11-origin-www-1.paypal.com
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Sun, 14 Nov 2021 17:37:43 GMT
x-served-by
cache-sjc10061-SJC, cache-hhn4054-HHN
x-cache
HIT, HIT
x-cache-hits
31830, 74
x-timer
S1636911463.153300,VS0,VE0
vary
Accept-Encoding
cache-control
public,max-age=3600
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
content-length
16794
noop.js
www.paypalobjects.com/muse/ Frame C90F 		18 B
201 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
ef9c765e4af1c
x-cache-hits
31256, 46
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
38
x-served-by
cache-sjc10026-SJC, cache-hhn4054-HHN
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
x-timer
S1636911463.197250,VS0,VE0
etag
"60271cd0-12"
strict-transport-security
max-age=31557600
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public,max-age=3600
accept-ranges
bytes
x-client-location
DE
ts
t.paypal.com/ 		42 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&es=visitorInfoFlowStarted&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Progressive%20Turnout%20Project%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1636911463194&g=0&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fms_ptp_fr_q42021_sinema-letter%3Fakid%3D33834.5935949.u59Tdt%26amount%3D5%26amounts%3D5%252C25%252C50%252C100%252C250%26rd%3D1%26refcode%3DMS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS%26refcode2%3D33834_5935949_u59Tdt%26t%3D4
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 17:37:43 GMT
via
1.1 varnish
x-timer
S1636911463.201597,VS0,VE160
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
9f2ddd4bb3b51
expires
Sun, 14 Nov 2021 17:37:43 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-cache-hits
0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn4026-HHN
graphql
www.paypal.com/targeting/ Frame C90F 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09a7ff9ae738a562ab38f48178f9ff7905e08b685c76680dc6b79c737254f410
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-UGyLpRhpEV/coz4cRLuzF3YtbbUNZTa08tzhBO5Ic7csxaAu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-UGyLpRhpEV/coz4cRLuzF3YtbbUNZTa08tzhBO5Ic7csxaAu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish
vary
Accept-Encoding
x-cache
MISS
paypal-debug-id
f8472987a078f
date
Sun, 14 Nov 2021 17:37:43 GMT
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-hhn4072-HHN
x-timer
S1636911463.417468,VS0,VE269
x-frame-options
SAMEORIGIN
etag
W/"1b3-r01onY644Zgz/3BfmKgpqut3E2k"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
content-encoding
br
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.paypalobjects.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
f847298e5bc72
dc
ccg11-origin-www-1.paypal.com
accept-ranges
bytes
date
Sun, 14 Nov 2021 17:37:43 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn4043-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1636911463.228967,VS0,VE176
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 32D5 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 14 Nov 2021 17:37:43 GMT
referrer-policy
no-referrer
alt-svc
clear
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QSeeZLvOb9Q.es5.O/am=AgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 32D5 		148 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QSeeZLvOb9Q.es5.O/am=AgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgX68BmjTC6DCrmR088QWZA03oWEw/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27873296fc74fcf7de331a0c0e3a7dc8bb8dbe8dedd7b73c3979e10a343caf00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 17:27:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
52912
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 05:24:19 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires
Sat, 12 Nov 2022 17:27:53 GMT
js
www.paypal.com/sdk/ Frame 2035 		299 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=a03994ffc5974&storageID=uid_0bfedb1b8e_mtc6mzc6ndm&sessionID=uid_a41ccdaf9c_mtc6mzc6ndm&buttonSessionID=uid_3fa3f2deb2_mtc6mzc6ndm&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiOThjNjBhMjE5ZWJiMTRlMTMyNGMxNzc0ZThjNWE0ODcwMzUxNWYwOSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ab847d1386069ab406a5fef736a761358a87273b12a6d6b5e80b949e7b3158a2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-QZYDhcj8kVHNAhyWFnNFSDmPv1ltWJJq1hhKVZlBJqUULfwd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-QZYDhcj8kVHNAhyWFnNFSDmPv1ltWJJq1hhKVZlBJqUULfwd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=a03994ffc5974&storageID=uid_0bfedb1b8e_mtc6mzc6ndm&sessionID=uid_a41ccdaf9c_mtc6mzc6ndm&buttonSessionID=uid_3fa3f2deb2_mtc6mzc6ndm&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiOThjNjBhMjE5ZWJiMTRlMTMyNGMxNzc0ZThjNWE0ODcwMzUxNWYwOSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-QZYDhcj8kVHNAhyWFnNFSDmPv1ltWJJq1hhKVZlBJqUULfwd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-QZYDhcj8kVHNAhyWFnNFSDmPv1ltWJJq1hhKVZlBJqUULfwd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
2305
via
1.1 varnish
x-cache
HIT
p3p
true
paypal-debug-id
f810113ea5f8d
server-timing
content-encoding;desc=gzip
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
91766
x-xss-protection
1; mode=block
x-served-by
cache-hhn4072-HHN
x-timer
S1636911464.583731,VS0,VE2
x-frame-options
SAMEORIGIN
date
Sun, 14 Nov 2021 17:37:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"16676-N/oRh8qYqTnWOM2Dhw7OS67VZKQ"
accept-ranges
bytes
x-cache-hits
2
truncated
/ Frame 2035 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2035 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
fb.js
c.paypal.com/da/r/ Frame 2035 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=a03994ffc5974&storageID=uid_0bfedb1b8e_mtc6mzc6ndm&sessionID=uid_a41ccdaf9c_mtc6mzc6ndm&buttonSessionID=uid_3fa3f2deb2_mtc6mzc6ndm&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiOThjNjBhMjE5ZWJiMTRlMTMyNGMxNzc0ZThjNWE0ODcwMzUxNWYwOSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.53.164.154 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a84-53-164-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
e5346b94d4fb3
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19090
etag
W/"618e152e-db6d"
last-modified
Fri, 12 Nov 2021 07:18:06 GMT
date
Sun, 14 Nov 2021 17:37:44 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
false
expires
Mon, 15 Nov 2021 17:37:44 GMT
logger
www.paypal.com/xoplatform/logger/api/ Frame 2035 		850 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=a03994ffc5974&storageID=uid_0bfedb1b8e_mtc6mzc6ndm&sessionID=uid_a41ccdaf9c_mtc6mzc6ndm&buttonSessionID=uid_3fa3f2deb2_mtc6mzc6ndm&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiOThjNjBhMjE5ZWJiMTRlMTMyNGMxNzc0ZThjNWE0ODcwMzUxNWYwOSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99a105a29a6cbd1bbb7789bde04ad8ccd27580cd39331e3540308a108915a0ce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=a03994ffc5974&storageID=uid_0bfedb1b8e_mtc6mzc6ndm&sessionID=uid_a41ccdaf9c_mtc6mzc6ndm&buttonSessionID=uid_3fa3f2deb2_mtc6mzc6ndm&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiOThjNjBhMjE5ZWJiMTRlMTMyNGMxNzc0ZThjNWE0ODcwMzUxNWYwOSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Nov 2021 17:37:44 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
paypal-debug-id
f2743493bad47
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4072-HHN
x-timer
S1636911464.124014,VS0,VE190
etag
W/"352-GnLhoPnzQGjxXJWHwkDys6TVRHw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
i
c.paypal.com/v1/r/d/ Frame 8F1A 		160 B
920 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.53.164.154 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a84-53-164-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/

Response headers

correlation-id
402c37ac11291
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
160
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
paypal-debug-id
402c37ac11291
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Sun, 14 Nov 2021 17:37:44 GMT
counter2.cgi
dub.stats.paypal.com/v2/ Frame FBE6
Redirect Chain
  • https://b.stats.paypal.com/v2/counter.cgi?p=uid_a41ccdaf9c_mtc6mzc6ndm&s=SMART_PAYMENT_BUTTONS
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a41ccdaf9c_mtc6mzc6ndm&s=SMART_PAYMENT_BUTTONS
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a41ccdaf9c_mtc6mzc6ndm&s=SMART_PAYMENT_BUTTONS
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=a03994ffc5974&storageID=uid_0bfedb1b8e_mtc6mzc6ndm&sessionID=uid_a41ccdaf9c_mtc6mzc6ndm&buttonSessionID=uid_3fa3f2deb2_mtc6mzc6ndm&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiOThjNjBhMjE5ZWJiMTRlMTMyNGMxNzc0ZThjNWE0ODcwMzUxNWYwOSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 17:37:44 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a41ccdaf9c_mtc6mzc6ndm&s=SMART_PAYMENT_BUTTONS
Date
Sun, 14 Nov 2021 17:37:44 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
fb.js
c.paypal.com/da/r/ Frame 8F1A 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.53.164.154 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a84-53-164-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
e5346b94d4fb3
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19090
etag
W/"618e152e-db6d"
last-modified
Fri, 12 Nov 2021 07:18:06 GMT
date
Sun, 14 Nov 2021 17:37:44 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
false
expires
Mon, 15 Nov 2021 17:37:44 GMT
p1
c.paypal.com/v1/r/d/b/ Frame 8F1A 		125 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.53.164.154 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a84-53-164-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d420996886e3068968aacfee9a8396e5e96026a16c984f26f3e70f3864715ba5

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

paypal-debug-id
773941e2c5e35
date
Sun, 14 Nov 2021 17:37:44 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
correlation-id
773941e2c5e35
content-type
application/json
content-length
125
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
e
c.paypal.com/v1/r/d/b/ Frame 8F1A 		15 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.53.164.154 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a84-53-164-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

paypal-debug-id
4a6019cdba7a9
date
Sun, 14 Nov 2021 17:37:44 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
correlation-id
4a6019cdba7a9
content-length
15
content-type
application/json
p3
c6.paypal.com/v1/r/d/b/ Frame 8F1A 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=uid_a41ccdaf9c_mtc6mzc6ndm&s=SMART_PAYMENT_BUTTONS
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/ms_ptp_fr_q42021_sinema-letter?akid=33834.5935949.u59Tdt&amount=5&amounts=5%2C25%2C50%2C100%2C250&rd=1&refcode=MS_EM_FR-LTR_2021.11.14_B2_Sinema-Pass-Biden-Agenda_X__F1_S1_C1__main-15_RS&refcode2=33834_5935949_u59Tdt&t=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::291 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:37:44 GMT
via
1.1 varnish
correlation-id
4124ccf50d284
x-timer
S1636911464.418676,VS0,VE200
x-served-by
cache-hhn4065-HHN
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
paypal-debug-id
4124ccf50d284
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 2035 		847 B
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
579cddead8a32d7885393e9141f9e55d2b254bb567aa002d873a886909c2cae2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=a03994ffc5974&storageID=uid_0bfedb1b8e_mtc6mzc6ndm&sessionID=uid_a41ccdaf9c_mtc6mzc6ndm&buttonSessionID=uid_3fa3f2deb2_mtc6mzc6ndm&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiOThjNjBhMjE5ZWJiMTRlMTMyNGMxNzc0ZThjNWE0ODcwMzUxNWYwOSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
application/json

Response headers

date
Sun, 14 Nov 2021 17:37:44 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
paypal-debug-id
f274349f387bc
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4072-HHN
x-timer
S1636911464.416480,VS0,VE195
etag
W/"34f-NphQOFv8bgjveK7cI6P3GQ5UGF0"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QSeeZLvOb9Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.KuI... Frame 32D5 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QSeeZLvOb9Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.KuIlsjPp1jU.L.B1.O/am=AgAB/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrj327ljlsYPxiDCQ6ar40fjrGFx4g/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QSeeZLvOb9Q.es5.O/am=AgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgX68BmjTC6DCrmR088QWZA03oWEw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c022ffd6e0b2f9f0df2b649a37dc141fe2c9b979660c3fe33d2d6efc3eb7794
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 17:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13466
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 01:23:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires
Sat, 12 Nov 2022 17:28:53 GMT
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QSeeZLvOb9Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.KuI... Frame 32D5 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QSeeZLvOb9Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.KuIlsjPp1jU.L.B1.O/am=AgAB/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrj327ljlsYPxiDCQ6ar40fjrGFx4g/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QSeeZLvOb9Q.es5.O/am=AgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgX68BmjTC6DCrmR088QWZA03oWEw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b9a4bc2f0f3c6dced7dea96969432e2b7f6317fa1039e72256ee8d7e79cdb6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 17:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
27313
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 01:23:14 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires
Sat, 12 Nov 2022 17:28:53 GMT
/
api-js.mixpanel.com/track/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1636911467410
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://secure.actblue.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Sun, 14 Nov 2021 17:37:47 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://secure.actblue.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
alt-svc
clear
content-length
25
analytics.js
www.google-analytics.com/ Frame 32D5 		0
0
pay
pay.google.com/gp/p/ui/ Frame 32D5 		1 MB
335 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QSeeZLvOb9Q.es5.O/am=AgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgX68BmjTC6DCrmR088QWZA03oWEw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
27802a9d870d78ed9e69991a171899f07932eb4d555acd3eeaf455e44c59827e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-ZmERYZvvPjlIHOlv6dyfpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-ZmERYZvvPjlIHOlv6dyfpQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
clear
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date
Sun, 14 Nov 2021 17:37:47 GMT
x-frame-options
DENY
report-to
{"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-ZmERYZvvPjlIHOlv6dyfpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-ZmERYZvvPjlIHOlv6dyfpQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires
Sun, 14 Nov 2021 17:37:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| CF_CONFIG object| indigoListResponse object| preloadedState object| Bugsnag object| mixpanel object| actBlueConfig function| setImmediate function| clearImmediate object| actblue function| abConfigure object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime object| tracker function| PERSIST object| SafeDDLogs object| SafeMixpanel string| MODE object| _gaq object| DD_LOGS object| _gat object| gaGlobal string| _user_id string| _session_id object| _sift object| __post_robot_10_0_44___uid_dxtzrtjbdnvpndkisurfdvxneghtll object| paypal object| __zoid_9_0_82___uid_dxtzrtjbdnvpndkisurfdvxneghtll object| paypalDDL string| PaypalOffersObject function| ppq object| a object| b object| c string| d object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google object| __post_robot_10_0_44__ object| PAYPAL

26 Cookies

Domain/Path Name / Value
secure.actblue.com/cf/assets/app-css Name: skip_prefill_check
Value: true
secure.actblue.com/cf/assets/app Name: skip_prefill_check
Value: true
secure.actblue.com/cf/assets Name: skip_prefill_check
Value: true
secure.actblue.com/cf/static Name: skip_prefill_check
Value: true
secure.actblue.com/donate Name: skip_prefill_check
Value: true
.actblue.com/ Name: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel
Value: %7B%22distinct_id%22%3A%20%2217d1f86b80c7a0-085cb6d94c6208-57b193e-1d4c00-17d1f86b80df1c%22%2C%22%24device_id%22%3A%20%2217d1f86b80c7a0-085cb6d94c6208-57b193e-1d4c00-17d1f86b80df1c%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
secure.actblue.com/ Name: _dd_s
Value: logs=1&id=ddbaa87d-bce6-47c1-8f13-80ec4622f315&created=1636911462419&expire=1636912362419
.actblue.com/ Name: __utma
Value: 88171332.1085851601.1636911462.1636911462.1636911462.1
.actblue.com/ Name: __utmc
Value: 88171332
.actblue.com/ Name: __utmz
Value: 88171332.1636911462.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.actblue.com/ Name: __utmt
Value: 1
.actblue.com/ Name: __utmb
Value: 88171332.1.10.1636911462
.secure.actblue.com/ Name: _session_id
Value: 7e2060a58d5275b506cda073d896adc4
.google.com/ Name: NID
Value: 511=bhIslRce2HWgNnvXBOiUp1yW9HZNQYHt8HVXOj6LbnkdNOKpklZaKF3NFilr1O2aNtOlPngz8pY8De3ghKW1Atj5R5oCMvglZuBitFkq9Me-pLMEEyMLB82YicZuwljytC1gx08CE8pexnam5Xxfk0qZB7EZ9OmPJAnYHT-4tgM
.paypalobjects.com/ Name: paypal-offers--country
Value: DE
.paypal.com/ Name: l7_az
Value: dcg13.slc
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTYzNjkxMTQ2MzU5NSIsImwiOiIwIiwibSI6IjAifQ
www.paypal.com/ Name: nsid
Value: s%3AHKuBaMZWI3hNxI4qdi60KdgntjoQyfPG.04zPIjVuCSZth%2BgKy3wc%2BBF4cnOWJhNeky8B3gO3wVs
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null
.paypal.com/ Name: tsrce
Value: loggernodeweb
.paypal.com/ Name: ts
Value: vreXpYrS%3D1731605864%26vteXpYrS%3D1636913264%26vr%3D1f86bf1b17d0a78062294f9efe7f9a0d%26vt%3D1f86bf1b17d0a78062294f9efe7f9a0c%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D1f86bf1b17d0a78062294f9efe7f9a0d%26vt%3D1f86bf1b17d0a78062294f9efe7f9a0c
.c.paypal.com/ Name: sc_f
Value: uENgaJ6SuZmVedUksPuBTrnO_FCG_WOQRvwXMaTrcDbZ2GW6K9YEqJpLJrLUTKclzzHAzCHTSg2XSd2fIZu64nVrxb-mbgcqeHqy8m
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: umrKZETM0xqX405Mqq7oqPetsKhrHuf30ZGVIpQ3kMksIjOTyws3UEsHV6yu6BKUDGMeoiEPu8OxlYVu

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actblue-indigo-uploads.s3.amazonaws.com
action.turnoutpac.org
api-js.mixpanel.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.mxpnl.com
dub.stats.paypal.com
pay.google.com
secure.actblue.com
sessions.bugsnag.com
ssl.google-analytics.com
stats.g.doubleclick.net
t.paypal.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.google-analytics.com
13.32.59.64
130.211.34.183
151.101.128.174
151.101.129.21
151.101.193.35
151.101.2.133
2600:1901:0:7a0b::
2600:1901:0:bc29::
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c07::9a
2a00:1450:400c:c0c::5c
2a04:4e42:200::291
52.217.101.108
54.177.12.238
64.4.245.84
84.53.164.154
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
09a7ff9ae738a562ab38f48178f9ff7905e08b685c76680dc6b79c737254f410
0a9cb64084bdf9f71e4760b56048e32e71998e452a1c082f9b8625bd95b048f1
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
12500d956b47de01bfe02a21db437ebbd7b462f54137f0a37b80992df7f5ce59
129737dfffcc16554dffd7d6dd3a57b6831c96a75d8acec4ea31709555115a53
17cfae24ba0c95e145cbce29f70149e7cbd8cb61a08c5fdc488b499390633d9b
1c022ffd6e0b2f9f0df2b649a37dc141fe2c9b979660c3fe33d2d6efc3eb7794
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
27802a9d870d78ed9e69991a171899f07932eb4d555acd3eeaf455e44c59827e
27873296fc74fcf7de331a0c0e3a7dc8bb8dbe8dedd7b73c3979e10a343caf00
29ef30ed3e4b3a033d5a36916a847efa7a5c442343b6fba435d54744cdefadaa
2a6cdd76b5a6460f1bfab4619a56b1bbad0398792859100ad3f027510516d8a6
2f296e53be4eac867a029236bc702096dbcf439b2c8c326c5cc7fc920ae2aef1
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b9a4bc2f0f3c6dced7dea96969432e2b7f6317fa1039e72256ee8d7e79cdb6a
579cddead8a32d7885393e9141f9e55d2b254bb567aa002d873a886909c2cae2
653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7d6fbe89e7424cb5067f919f876e4696c5d4e2bb0e71d773b3d95e28db715605
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
99096f106b88e7ccc51d85cdb0004b3a46a0bbe089ed367ae69ef7c2f0be6d9e
99a105a29a6cbd1bbb7789bde04ad8ccd27580cd39331e3540308a108915a0ce
ab847d1386069ab406a5fef736a761358a87273b12a6d6b5e80b949e7b3158a2
b1a6fa6a2fd16122e577fdc6c364dea2aef0297f2a65d703f07a66b9f2b8ea64
c0a876e22dd207a67ea508bf2a41c88b3f98dbc7ebc1fd335ccf427bf39aa4ec
c0ed069a787638601bc7c7958e33a7ea7369d11e60f4ea8fc59763bbaa28e63a
c2bacef44f785d63cf211bed12f6f3a3c8997c75bcacaed69b87e845e41a9539
d041681ad7b48ebd3e8eaf22937c7235b8c1ea0cf9069ec2fb88dcd42d3f9588
d420996886e3068968aacfee9a8396e5e96026a16c984f26f3e70f3864715ba5
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f85fca6cb9ff779d4e6e93e79c98a9072f9de1f57f7a1e0da0a5dd9d4776bef0