urlscan.io logo urlscan.io
SecurityTrails logo

secure.actblue.com Open in urlscan Pro
151.101.0.174  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u1584542.ct.sendgrid.net/ss/c/wehEm_vu1NBVXOKYSqOxTOi34aJoCJC1EivM7Ih953z4l4el4U9iAHrPxd3d0OP-khyc6ACldVBNZGPi_V68HfWlR6O...
Effective URL: https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af...
Submission: On September 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 13 domains to perform 36 HTTP transactions. The main IP is 151.101.0.174, located in United States and belongs to FASTLY, US. The main domain is secure.actblue.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on October 22nd 2019. Valid for: 2 years.
This is the only time secure.actblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    167.89.115.54 (Herndon, United States)

ASN11377 (SENDGRID, US)
PTR: o16789115x54.outbound-mail.sendgrid.net
u1584542.ct.sendgrid.net
10    151.101.0.174 (United States)

ASN54113 (FASTLY, US)
secure.actblue.com
1    52.217.169.121 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
actblue-indigo-uploads.s3.amazonaws.com
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
4    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
1    13.32.159.211 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-159-211.cdg50.r.cloudfront.net
www.datadoghq-browser-agent.com
1    2a00:1450:4007:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c00::9a (None, )

ASN- ()
stats.g.doubleclick.net
6    151.101.1.21 (None, )

ASN- ()
www.paypal.com
4    2a00:1450:400c:c04::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
3    2a00:1450:4007:816::2003 (None, )

ASN- ()
www.gstatic.com
Domain Requested by
10 secure.actblue.com secure.actblue.com
6 www.paypal.com secure.actblue.com
www.paypal.com
4 pay.google.com secure.actblue.com
pay.google.com
www.gstatic.com
4 sessions.bugsnag.com secure.actblue.com
3 www.gstatic.com pay.google.com
www.gstatic.com
1 stats.g.doubleclick.net secure.actblue.com
1 ssl.google-analytics.com 1 redirects
1 www.datadoghq-browser-agent.com secure.actblue.com
1 cdn.mxpnl.com secure.actblue.com
1 actblue-indigo-uploads.s3.amazonaws.com secure.actblue.com
1 u1584542.ct.sendgrid.net 1 redirects
0 c.paypal.com Failed www.paypal.com
0 www.google-analytics.com Failed www.gstatic.com
0 t.paypal.com Failed secure.actblue.com
0 www.paypalobjects.com Failed www.paypal.com
0 api-js.mixpanel.com Failed www.datadoghq-browser-agent.com
36 16

This site contains no links.

Subject Issuer Validity Valid
secure.actblue.com
Sectigo RSA Extended Validation Secure Server CA		 2019-10-22 -
2021-10-21		 2 years crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
*.mxpnl.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-15 -
2022-07-28		 a year crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-05 -
2022-05-05		 a year crt.sh
*.datadoghq-browser-agent.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-17 -
2022-03-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-07-07 -
2022-03-15		 8 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Frame ID: 9A107C7477D89288A5B2D4A60F9633CE
Requests: 22 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Frame ID: 5542090EBAB34CE4B49FCC035E1B90F5
Requests: 7 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=f356671c0fd93&storageID=uid_90b90a5910_mtc6mze6mja&sessionID=uid_5d084e12dc_mtc6mze6mja&buttonSessionID=uid_745c660cb4_mtc6mze6mja&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6ZmFsc2UsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Frame ID: 4D4072A76A3BBB93ABC1A79D03FF62B5
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: D4C39F0CC9B0A06D2221E4D4F02EA183
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Coalition on Human Needs — Donate via AB Charities

Page URL History Show full URLs

  1. https://u1584542.ct.sendgrid.net/ss/c/wehEm_vu1NBVXOKYSqOxTOi34aJoCJC1EivM7Ih953z4l4el4U9iAHrPxd3d0OP-khyc6AC... HTTP 302
    https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_12... Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns

Page Statistics

36
Requests

86 %
HTTPS

55 %
IPv6

13
Domains

16
Subdomains

10
IPs

3
Countries

1657 kB
Transfer

4804 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u1584542.ct.sendgrid.net/ss/c/wehEm_vu1NBVXOKYSqOxTOi34aJoCJC1EivM7Ih953z4l4el4U9iAHrPxd3d0OP-khyc6ACldVBNZGPi_V68HfWlR6OBnMyA8DKcuubYTjC5SUun27LYzWmTbXxIjDh-Ldcirx2qJHGPGlqQUny1FMZ5cswJeGNaLR-fFIloWVGRQ_-UfyZfU1PW_qxtuRdwlvaIUBhwukEF_6rBrLfpCdT4dewFP2UiS2XXaySy6WHv49lndJ19l-eqDRqxGOns6OQoWorz4P3LZVnfLj9BSxRTLv7GtCMtEyav91jKB0fPX6Yqojdt1e9duPgw_I6q2Wpg67kk9nB_tGFKPyU3xYpeAhdd-5KTl2dChgsnovxENvfPz4z_OLT6OB3w54HnMMu-YoKqoMgLPUIenrDOowjVVmBJLMQnUnCLduMteIG9KlNIxuI6JsXYxs_AQ8Pv/3fb/18E_RWiJQE2ooZvbdFzaPg/h12/-bRhUfn1Tl1GuLO7vNPzXV79ufhqRB1QolS4safv4Ss HTTP 302
    https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=1692125312&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=ActBlue&utmhid=1850974290&utmr=-&utmp=%2Fdonate%2Fdigitaladsfinalpush%3Frefcode%3D%26link_id%3D13%26refcodeEmailReferrer%3Demail_1289863%26can_id%3D230e3af33b771992782e3e1bb7403544%26source%3Demail-re-make-sure-democratic-holdouts-constituents-see-these-ads%26email_referrer%3Demail_1289863%26email_subject%3Dre-make-sure-democratic-holdouts-constituents-see-these-ads&utmht=1631640670407&utmac=UA-159696-1&utmcc=__utma%3D88171332.640800434.1631640670.1631640670.1631640670.1%3B%2B__utmz%3D88171332.1631640670.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1256513311&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=640800434.1631640670&jid=1256513311&_v=5.6.1&z=1692125312

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request digitaladsfinalpush
secure.actblue.com/donate/
Redirect Chain
  • https://u1584542.ct.sendgrid.net/ss/c/wehEm_vu1NBVXOKYSqOxTOi34aJoCJC1EivM7Ih953z4l4el4U9iAHrPxd3d0OP-khyc6ACldVBNZGPi_V68HfWlR6OBnMyA8DKcuubYTjC5SUun27LYzWmTbXxIjDh-Ldcirx2qJHGPGlqQUny1FMZ5cswJeGN...
  • https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-co...
67 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b03e499dd87fd566f8f56724b0e2ab4e3a65eb44ad5ac1e8e3cdfa1fd526c6b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.actblue.com
:scheme
https
:path
/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-security-policy
frame-ancestors 'none'; report-uri /system/csp_reports
content-type
text/html; charset=utf-8
etag
W/"10d68-xoKQGAKwHhYDUmI1IjKmJQQftVU"
x-form-app
kittens! [Server: node: us]
x-frame-options
sameorigin
via
1.1 vegur, 1.1 varnish, 1.1 varnish
content-encoding
gzip
accept-ranges
bytes
date
Tue, 14 Sep 2021 17:31:09 GMT
age
3360
vary
Accept-Encoding
set-cookie
skip_prefill_check=true; Secure
x-robots-tag
noindex, nofollow
x-start
2021-09-14 17:31:09.996
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
content-length
18682

Redirect headers

Server
nginx
Date
Tue, 14 Sep 2021 17:30:59 GMT
Content-Type
text/html; charset=utf-8
Content-Length
371
Connection
keep-alive
Location
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
X-Robots-Tag
noindex, nofollow
8a85f61f096b0fca9a75.css
secure.actblue.com/cf/assets/app-css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/app-css/8a85f61f096b0fca9a75.css?form_app=us
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0a876e22dd207a67ea508bf2a41c88b3f98dbc7ebc1fd335ccf427bf39aa4ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

:path
/cf/assets/app-css/8a85f61f096b0fca9a75.css?form_app=us
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
secure.actblue.com
referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 17:31:10 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Tue, 14 Sep 2021 16:28:21 GMT
age
3408
etag
W/"5539-17be5234c88"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-start
2021-09-14 17:31:10.067
set-cookie
skip_prefill_check=true; Secure
cache-control
max-age=31557600, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
5073
x-xss-protection
1; mode=block
82bfb876-56d8-4097-a06a-00b4709a7e4b-CHNLogo.png
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/brandings/67707/header/image_url/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/brandings/67707/header/image_url/82bfb876-56d8-4097-a06a-00b4709a7e4b-CHNLogo.png
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.169.121 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6f5a08c8c6e98e8bdec93f86227ffee2d8781f4c0af130dfec0a7540d7dee75f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 17:31:16 GMT
Last-Modified
Wed, 18 Mar 2020 18:49:03 GMT
Server
AmazonS3
x-amz-request-id
VEN1K0WN23WNS1RQ
ETag
"32f2a4adbb43b34d5301f58cb37e5345"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
27189
x-amz-id-2
xIS+T7TeDSoiz3TByxHQ9E+If58ZShL9CqeQVMoJKoHJvGBslNBU+RMOS5qRS2jzfD9AGdH1WJA=
vnLBfOAlRxMsmoql55rWieKDhej_lr39FwVhzUKZd7n0MHc0fobLR8QBWlJ9-f23db0ab
secure.actblue.com/x/object/actblue-cyanotypes/replaced_images/list/698630/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.actblue.com/x/object/actblue-cyanotypes/replaced_images/list/698630/vnLBfOAlRxMsmoql55rWieKDhej_lr39FwVhzUKZd7n0MHc0fobLR8QBWlJ9-f23db0ab
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a87434b50390b134f29f73c5878fe48224c07d451fe5a624a185099eb5409cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

:path
/x/object/actblue-cyanotypes/replaced_images/list/698630/vnLBfOAlRxMsmoql55rWieKDhej_lr39FwVhzUKZd7n0MHc0fobLR8QBWlJ9-f23db0ab
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.actblue.com
referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
am7jbC8SrGYP49eXiqHiNfzKKkCMsXRP
via
1.1 varnish
etag
"c4a266e95e8b2f26769d195c78715de7"
age
154
x-start
2021-09-14 17:31:10.091
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="vnLBfOAlRxMsmoql55rWieKDhej_lr39FwVhzUKZd7n0MHc0fobLR8QBWlJ9SWE5A7hLvVyrJooFUf5KrNcsAxrtNd8QbBQ4OFJa_Rpohws1DLP70LSJ61s78_cKcSzAnFYG3xtd=s0"
content-length
112362
x-amz-id-2
4U2At8qNuupVSUCCAvW1v0aR63JicNq/1mppYelAtB0LIgwaYcmn02J98vzXVBn7vQ2FCyBD36g=
last-modified
Sun, 12 Sep 2021 18:18:47 GMT
date
Tue, 14 Sep 2021 17:31:10 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
71PH2Y6CQMN6MS02
x-xss-protection
1; mode=block
cache-control
max-age=2678405
accept-ranges
bytes
content-type
image/png
8a85f61f096b0fca9a75.js
secure.actblue.com/cf/assets/app/ 		2 MB
467 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/app/8a85f61f096b0fca9a75.js?form_app=us
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8190a44121863e260b4e9f3f2025072964bf566240e96f67a0ee2505231c42b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

:path
/cf/assets/app/8a85f61f096b0fca9a75.js?form_app=us
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.actblue.com
referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 17:31:10 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Tue, 14 Sep 2021 16:28:21 GMT
age
3408
etag
W/"1a91da-17be5234c88"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-start
2021-09-14 17:31:10.087
set-cookie
skip_prefill_check=true; Secure
cache-control
max-age=31557600, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
477660
x-xss-protection
1; mode=block
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 17:26:17 GMT
content-encoding
gzip
age
298
x-guploader-uploadid
ADPycdsCrqYzqFUoDIKdpnHtDGBJPj3Hw-QYl7cKUrivXwTDeXbJ7Nb17wKWusVY2-VrTr9Q3k1_5JyAd39IecE7jLcVrPzesA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
25572
last-modified
Thu, 28 Jan 2021 18:21:54 GMT
server
UploadServer
etag
"765779983eed1c9fc2821b4507eea08b"
vary
Accept-Encoding
x-goog-hash
crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation
1611858114590219
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
25572
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 14 Sep 2021 17:36:17 GMT
digitaladsfinalpush
secure.actblue.com/donate/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:path
/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
pragma
no-cache
cookie
skip_prefill_check=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.actblue.com
referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'; report-uri /system/csp_reports
via
1.1 vegur, 1.1 varnish, 1.1 varnish
etag
W/"10d68-xoKQGAKwHhYDUmI1IjKmJQQftVU"
age
3360
x-start
2021-09-14 17:31:10.092
content-encoding
gzip
vary
Accept-Encoding
content-length
18682
x-xss-protection
1; mode=block
x-frame-options
sameorigin
date
Tue, 14 Sep 2021 17:31:10 GMT
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
set-cookie
skip_prefill_check=true; Secure
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-form-app
kittens! [Server: node: us]
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://secure.actblue.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Tue, 14 Sep 2021 17:31:15 GMT
content-length
0
via
1.1 google
alt-svc
clear
digitaladsfinalpush
secure.actblue.com/donate/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:path
/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
pragma
no-cache
cookie
skip_prefill_check=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.actblue.com
referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'; report-uri /system/csp_reports
via
1.1 vegur, 1.1 varnish, 1.1 varnish
etag
W/"10d68-xoKQGAKwHhYDUmI1IjKmJQQftVU"
age
3360
x-start
2021-09-14 17:31:10.219
content-encoding
gzip
vary
Accept-Encoding
content-length
18682
x-xss-protection
1; mode=block
x-frame-options
sameorigin
date
Tue, 14 Sep 2021 17:31:10 GMT
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
set-cookie
skip_prefill_check=true; Secure
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-form-app
kittens! [Server: node: us]
/
sessions.bugsnag.com/ 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/8a85f61f096b0fca9a75.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://secure.actblue.com/
Bugsnag-Sent-At
2021-09-14T17:31:10.230Z
Accept-Language
de-DE,de;q=0.9
Bugsnag-Api-Key
04c1a9de88bb73e22614162ba813a0b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 14 Sep 2021 17:31:15 GMT
via
1.1 google
bugsnag-session-uuid
5bc24de3-ad71-4c2a-b92d-217f41ef0908
alt-svc
clear
content-length
21
content-type
application/json
datadog-logs.js
www.datadoghq-browser-agent.com/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/8a85f61f096b0fca9a75.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.159.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-159-211.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 17:30:44 GMT
content-encoding
br
last-modified
Tue, 27 Jul 2021 15:01:20 GMT
server
AmazonS3
age
31
etag
W/"9eb57181f3149e3310d96317ef9188ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fbfe4f7df377f4abad1b2d1f2570400f.cloudfront.net (CloudFront)
cache-control
max-age=14400, s-maxage=60
x-amz-cf-pop
CDG50-C2
x-amz-cf-id
MffTBHyL93SaF20lmlOJiFVZj9CbAFq3_fnP1SxY1BONrRQJhijajg==
auth_token
secure.actblue.com/api/cf/ 		104 B
504 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/api/cf/auth_token
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/8a85f61f096b0fca9a75.js?form_app=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
237ea4f3758fd224159a649153c5e8c20c85081f3886dffbc6df7d0cb5b0ca66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/api/cf/auth_token
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
secure.actblue.com
referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 17:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
status
200 OK
strict-transport-security
max-age=31536000
content-length
130
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-start
2021-09-14 17:31:10.353
x-frame-options
SAMEORIGIN
etag
W/"237ea4f3758fd224159a649153c5e8c2"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish
cache-control
no-cache, no-store
set-cookie
_session_id=58682f4d144eac6e07c2e49be80a9509; domain=secure.actblue.com; path=/; expires=Tue, 14 Sep 2021 18:31:10 GMT; secure; HttpOnly
accept-ranges
bytes
ga.js
secure.actblue.com/cf/static/ 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/static/ga.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

:path
/cf/static/ga.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.actblue.com
referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 17:31:10 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Tue, 14 Sep 2021 16:21:42 GMT
age
3408
etag
W/"9fe9-17be51d35f0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-start
2021-09-14 17:31:10.369
set-cookie
skip_prefill_check=true; Secure
cache-control
max-age=31557600, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
16100
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.6.1&utms=1&utmn=1692125312&utmhn=secure.actblue.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=A...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=640800434.1631640670&jid=1256513311&_v=5.6.1&z=1692125312
35 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=640800434.1631640670&jid=1256513311&_v=5.6.1&z=1692125312
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/digitaladsfinalpush?link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 14 Sep 2021 17:31:20 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 17:31:15 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159696-1&cid=640800434.1631640670&jid=1256513311&_v=5.6.1&z=1692125312
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://secure.actblue.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Tue, 14 Sep 2021 17:31:15 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/8a85f61f096b0fca9a75.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://secure.actblue.com/
Bugsnag-Sent-At
2021-09-14T17:31:10.606Z
Accept-Language
de-DE,de;q=0.9
Bugsnag-Api-Key
04c1a9de88bb73e22614162ba813a0b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 14 Sep 2021 17:31:15 GMT
via
1.1 google
bugsnag-session-uuid
78a67995-d400-4fdc-bca8-eff51103a762
alt-svc
clear
content-length
21
content-type
application/json
digitaladsfinalpush
secure.actblue.com/donate/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/digitaladsfinalpush?link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:path
/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
pragma
no-cache
cookie
skip_prefill_check=true; __utma=88171332.640800434.1631640670.1631640670.1631640670.1; __utmc=88171332; __utmz=88171332.1631640670.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=88171332.1.10.1631640670; _session_id=58682f4d144eac6e07c2e49be80a9509
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.actblue.com
referer
https://secure.actblue.com/donate/digitaladsfinalpush?link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/digitaladsfinalpush?link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'; report-uri /system/csp_reports
via
1.1 vegur, 1.1 varnish, 1.1 varnish
etag
W/"10d68-xoKQGAKwHhYDUmI1IjKmJQQftVU"
age
3361
x-start
2021-09-14 17:31:10.625
content-encoding
gzip
vary
Accept-Encoding
content-length
18682
x-xss-protection
1; mode=block
x-frame-options
sameorigin
date
Tue, 14 Sep 2021 17:31:10 GMT
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
set-cookie
skip_prefill_check=true; Secure
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-form-app
kittens! [Server: node: us]
payment_methods.svg
secure.actblue.com/cf/static/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.actblue.com/cf/static/payment_methods.svg
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/digitaladsfinalpush?link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99096f106b88e7ccc51d85cdb0004b3a46a0bbe089ed367ae69ef7c2f0be6d9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

:path
/cf/static/payment_methods.svg
pragma
no-cache
cookie
skip_prefill_check=true; __utma=88171332.640800434.1631640670.1631640670.1631640670.1; __utmc=88171332; __utmz=88171332.1631640670.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=88171332.1.10.1631640670; _session_id=58682f4d144eac6e07c2e49be80a9509
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.actblue.com
referer
https://secure.actblue.com/donate/digitaladsfinalpush?link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/donate/digitaladsfinalpush?link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 17:31:10 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish
last-modified
Tue, 14 Sep 2021 16:21:42 GMT
age
3409
etag
W/"2f05-17be51d35f0"
vary
Accept-Encoding
content-type
image/svg+xml
x-start
2021-09-14 17:31:10.685
set-cookie
skip_prefill_check=true; Secure
cache-control
max-age=31557600, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
4421
x-xss-protection
1; mode=block
js
www.paypal.com/sdk/ 		290 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/8a85f61f096b0fca9a75.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9afa7beaff1985eeae544123a06fc5d6e0fd1ef9001122ee2d7fbaa802b1a5e3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-jGjXiUX731aNvHrQi5LAX1ifzZKyXF/JA10l52PXusQxWG7i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-jGjXiUX731aNvHrQi5LAX1ifzZKyXF/JA10l52PXusQxWG7i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-jGjXiUX731aNvHrQi5LAX1ifzZKyXF/JA10l52PXusQxWG7i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-jGjXiUX731aNvHrQi5LAX1ifzZKyXF/JA10l52PXusQxWG7i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
3695
via
1.1 varnish
x-cache
HIT
p3p
true
paypal-debug-id
f268958c78863
dc
phx-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
89139
x-xss-protection
1; mode=block
x-served-by
cache-hhn4043-HHN
x-timer
S1631640681.796630,VS0,VE3
x-frame-options
SAMEORIGIN
date
Tue, 14 Sep 2021 17:31:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 14 Sep 2021 17:29:45 GMT
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"15c33-XqCf7Vc1EyGBWUPhiCR2bhZ9/MY"
accept-ranges
bytes
x-cache-hits
1
pay.js
pay.google.com/gp/p/js/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/8a85f61f096b0fca9a75.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba4df7bd75b4a90883b3de43680fe0c0055f1d248b3c4ecc267d16a5465e3e27
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZfELt+sTMUvhu97PrVDL+A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-ZfELt+sTMUvhu97PrVDL+A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 17:31:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private, max-age=600
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-ZfELt+sTMUvhu97PrVDL+A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-ZfELt+sTMUvhu97PrVDL+A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 14 Sep 2021 17:31:15 GMT
payframe
pay.google.com/gp/p/ui/ Frame 5542 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6a7de5969479843f4bd8f360cc312ddb190a735c94f85cf3b9e4dc8262db3b0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7LdHxcKNnn7P/h/8DpHaYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-7LdHxcKNnn7P/h/8DpHaYQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pay.google.com
:scheme
https
:path
/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.actblue.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=SZpyZl_sT7zJ7U7xzE5CS4KYfrs12JSn1rVyLveJ2bl7Z68SuRhBSBVjhoP2ig8lE6PouGiiVkJTe8iytweCZRKaz7rBdkaFw5A7SMbEbIzc3dunjIaXQdAm1mqO0ZaHbGfctXonduFOOBPkW4jYRYFG5a1M5ilbWsC24QZ9N6o
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
expires
Tue, 14 Sep 2021 17:31:16 GMT
date
Tue, 14 Sep 2021 17:31:16 GMT
cache-control
private, max-age=3600
strict-transport-security
max-age=31536000
cross-origin-opener-policy
same-origin
content-security-policy
script-src 'report-sample' 'nonce-7LdHxcKNnn7P/h/8DpHaYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-7LdHxcKNnn7P/h/8DpHaYQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-resource-policy
same-site
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 5542 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/donate/digitaladsfinalpush?refcode=&link_id=13&refcodeEmailReferrer=email_1289863&can_id=230e3af33b771992782e3e1bb7403544&source=email-re-make-sure-democratic-holdouts-constituents-see-these-ads&email_referrer=email_1289863&email_subject=re-make-sure-democratic-holdouts-constituents-see-these-ads
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 14 Sep 2021 17:31:16 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KMltV6FO0oE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMi... Frame 5542 		146 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KMltV6FO0oE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriHBtBGoA3rqqd7wSd-UYSjLIlMXQ/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:816::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e745efc6686ea8c35e0a145112489e6afe317510cd57220005d1ac82eac3213b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 17:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52225
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 22:24:01 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 17:21:36 GMT
/
api-js.mixpanel.com/track/ 		0
0
pptm.js
www.paypal.com/tagmanager/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.256&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4414f448c18de1e5eb1ea08b85760036036c56c52f846b047feeeaa9537ff557
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-euUp8AkXV3kGxxSuF1V9UkZdyvvtysa7oz/e+go5SXzAXHjy' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-euUp8AkXV3kGxxSuF1V9UkZdyvvtysa7oz/e+go5SXzAXHjy' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
2069
x-cache
HIT
paypal-debug-id
f7400286ae23c
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4730
x-xss-protection
1; mode=block
x-served-by
cache-hhn4043-HHN
x-timer
S1631640681.845149,VS0,VE2
x-frame-options
SAMEORIGIN
date
Tue, 14 Sep 2021 17:31:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=3600
etag
W/"34d0-zvUarWPDnM1gvrIDYv/yzAcNyRI"
accept-ranges
bytes
x-cache-hits
3
buttons
www.paypal.com/smart/ Frame 4D40 		284 KB
119 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=f356671c0fd93&storageID=uid_90b90a5910_mtc6mze6mja&sessionID=uid_5d084e12dc_mtc6mze6mja&buttonSessionID=uid_745c660cb4_mtc6mze6mja&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6ZmFsc2UsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2693ed1f33c12bac53a50d823e3e0e0325a7cc0d45c064b181a1327ef9e53263
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=f356671c0fd93&storageID=uid_90b90a5910_mtc6mze6mja&sessionID=uid_5d084e12dc_mtc6mze6mja&buttonSessionID=uid_745c660cb4_mtc6mze6mja&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6ZmFsc2UsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.actblue.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
etag
W/"4707a-iuQlq3ArGr7gUI24QPO68AMoPrQ"
p3p
true
paypal-debug-id
f424394ccf918
set-cookie
tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 17 Sep 2021 17:31:21 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Tue, 14 Sep 2021 18:01:21 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1726335081%26vteXpYrS%3D1631642481%26vr%3De55cfa4617b0a280a4814546fe13fa40%26vt%3De55cfa4617b0a280a4814546fe13fa3f%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 13 Sep 2024 17:31:21 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3De55cfa4617b0a280a4814546fe13fa40%26vt%3De55cfa4617b0a280a4814546fe13fa3f; Path=/; Domain=paypal.com; Expires=Fri, 13 Sep 2024 17:31:21 GMT; Secure; SameSite=None x-cdn=0003; Domain=paypal.com; Path=/; Secure
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-xss-protection
1; mode=block
dc
phx-origin-www-2.paypal.com
accept-ranges
none
date
Tue, 14 Sep 2021 17:31:21 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn4043-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1631640681.918766,VS0,VE314
vary
Accept-Encoding
content-encoding
br
truncated
/ Frame D4C3 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D4C3 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
muse.js
www.paypalobjects.com/muse/ 		0
0
ts
t.paypal.com/ 		0
0
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KMltV6FO0oE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvo... Frame 5542 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KMltV6FO0oE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvod1TEPR3g.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfriTfOfoBdo6lRg45w9CPbSOkpAy1Q/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KMltV6FO0oE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriHBtBGoA3rqqd7wSd-UYSjLIlMXQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:816::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
fa7a1f3245d9bf4f09b2bb6bb4f08e963e15fa73907e0d3d08bab0f4bab4371d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 17:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13240
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 22:32:14 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 17:21:36 GMT
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KMltV6FO0oE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvo... Frame 5542 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KMltV6FO0oE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Fvod1TEPR3g.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfriTfOfoBdo6lRg45w9CPbSOkpAy1Q/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KMltV6FO0oE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriHBtBGoA3rqqd7wSd-UYSjLIlMXQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:816::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0422928bc505021a60fd8eaf195e4dd1492772cc01add6360e10d3598a420b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 17:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26805
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 22:32:14 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 17:21:36 GMT
js
www.paypal.com/sdk/ Frame 4D40 		290 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=f356671c0fd93&storageID=uid_90b90a5910_mtc6mze6mja&sessionID=uid_5d084e12dc_mtc6mze6mja&buttonSessionID=uid_745c660cb4_mtc6mze6mja&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6ZmFsc2UsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9afa7beaff1985eeae544123a06fc5d6e0fd1ef9001122ee2d7fbaa802b1a5e3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-jGjXiUX731aNvHrQi5LAX1ifzZKyXF/JA10l52PXusQxWG7i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-jGjXiUX731aNvHrQi5LAX1ifzZKyXF/JA10l52PXusQxWG7i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=f356671c0fd93&storageID=uid_90b90a5910_mtc6mze6mja&sessionID=uid_5d084e12dc_mtc6mze6mja&buttonSessionID=uid_745c660cb4_mtc6mze6mja&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6ZmFsc2UsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-jGjXiUX731aNvHrQi5LAX1ifzZKyXF/JA10l52PXusQxWG7i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-jGjXiUX731aNvHrQi5LAX1ifzZKyXF/JA10l52PXusQxWG7i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
3696
via
1.1 varnish
x-cache
HIT
p3p
true
paypal-debug-id
f268958c78863
dc
phx-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
89139
x-xss-protection
1; mode=block
x-served-by
cache-hhn4043-HHN
x-timer
S1631640681.429022,VS0,VE2
x-frame-options
SAMEORIGIN
date
Tue, 14 Sep 2021 17:31:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 14 Sep 2021 17:29:45 GMT
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"15c33-XqCf7Vc1EyGBWUPhiCR2bhZ9/MY"
accept-ranges
bytes
x-cache-hits
2
truncated
/ Frame 4D40 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4D40 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/ Frame 5542 		0
0
pay
pay.google.com/gp/p/ui/ Frame 5542 		1 MB
344 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.KMltV6FO0oE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriHBtBGoA3rqqd7wSd-UYSjLIlMXQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eeea446d0505cde2c5aefd935b99e1e023637d2a8c780bdb6ecc3aaede6a8146
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-pdTb7lugJoS/oGEd/I7ycA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-pdTb7lugJoS/oGEd/I7ycA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
unsafe-none
date
Tue, 14 Sep 2021 17:31:21 GMT
x-frame-options
DENY
content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-pdTb7lugJoS/oGEd/I7ycA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-pdTb7lugJoS/oGEd/I7ycA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires
Tue, 14 Sep 2021 17:31:21 GMT
fb.js
c.paypal.com/da/r/ Frame 4D40 		0
0
graphql
www.paypal.com/ Frame 4D40 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/graphql?GetNativeEligibility
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=f356671c0fd93&storageID=uid_90b90a5910_mtc6mze6mja&sessionID=uid_5d084e12dc_mtc6mze6mja&buttonSessionID=uid_745c660cb4_mtc6mze6mja&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6ZmFsc2UsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
76f5d16c41f17dcc9e230a99abfb36add13e0b73f57ec74ea1c161bb32c468f2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-1qSmvTv1sMohIqkQyp8pGI1n53eJvIbnqSiIhF2chqikWg9N' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=f356671c0fd93&storageID=uid_90b90a5910_mtc6mze6mja&sessionID=uid_5d084e12dc_mtc6mze6mja&buttonSessionID=uid_745c660cb4_mtc6mze6mja&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6ZmFsc2UsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Accept-Language
de-DE,de;q=0.9
x-app-name
smart-payment-buttons
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-1qSmvTv1sMohIqkQyp8pGI1n53eJvIbnqSiIhF2chqikWg9N' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
paypal-debug-id
f4013675d9019
date
Tue, 14 Sep 2021 17:31:22 GMT
dc
phx-origin-www-1.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-hhn4043-HHN
x-timer
S1631640682.840610,VS0,VE370
x-frame-options
SAMEORIGIN
etag
W/"693-b6ZLZca81wDH5YoFejgCPdI+S4s"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 4D40 		866 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=f356671c0fd93&storageID=uid_90b90a5910_mtc6mze6mja&sessionID=uid_5d084e12dc_mtc6mze6mja&buttonSessionID=uid_745c660cb4_mtc6mze6mja&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6ZmFsc2UsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee8bce50834010b752cca612d66e28a9600c365ce28326197e838c60711220d1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&sdkCorrelationID=f356671c0fd93&storageID=uid_90b90a5910_mtc6mze6mja&sessionID=uid_5d084e12dc_mtc6mze6mja&buttonSessionID=uid_745c660cb4_mtc6mze6mja&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6ZmFsc2UsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&renderedButtons.1=sepa&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Sep 2021 17:31:22 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
paypal-debug-id
f401367a93d5d
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
phx-origin-www-2.paypal.com
x-served-by
cache-hhn4043-HHN
x-timer
S1631640682.900531,VS0,VE208
etag
W/"362-JghJgiEKa17FAyKnwcpr3tbDgEk"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api-js.mixpanel.com
URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1631640680208
Domain
www.paypalobjects.com
URL
https://www.paypalobjects.com/muse/muse.js
Domain
t.paypal.com
URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&fltp=analytics&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Coalition%20on%20Human%20Needs%20%E2%80%94%20Donate%20via%20AB%20Charities&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1631640680924&g=0&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fdonate%2Fdigitaladsfinalpush%3Flink_id%3D13%26refcodeEmailReferrer%3Demail_1289863%26can_id%3D230e3af33b771992782e3e1bb7403544%26source%3Demail-re-make-sure-democratic-holdouts-constituents-see-these-ads%26email_referrer%3Demail_1289863%26email_subject%3Dre-make-sure-democratic-holdouts-constituents-see-these-ads
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
c.paypal.com
URL
https://c.paypal.com/da/r/fb.js

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| CF_CONFIG object| indigoListResponse object| preloadedState object| Bugsnag object| mixpanel object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime object| tracker function| PERSIST object| SafeDDLogs object| SafeMixpanel string| MODE object| _gaq object| _gat object| gaGlobal string| _user_id string| _session_id object| _sift object| DD_LOGS object| a object| b object| c string| d object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google

13 Cookies

Domain/Path Name / Value
secure.actblue.com/cf/assets/app-css Name: skip_prefill_check
Value: true
secure.actblue.com/cf/assets/app Name: skip_prefill_check
Value: true
secure.actblue.com/cf/static Name: skip_prefill_check
Value: true
secure.actblue.com/donate Name: skip_prefill_check
Value: true
.actblue.com/ Name: __utma
Value: 88171332.640800434.1631640670.1631640670.1631640670.1
.actblue.com/ Name: __utmc
Value: 88171332
.actblue.com/ Name: __utmz
Value: 88171332.1631640670.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.actblue.com/ Name: __utmt
Value: 1
.actblue.com/ Name: __utmb
Value: 88171332.1.10.1631640670
.secure.actblue.com/ Name: _session_id
Value: 58682f4d144eac6e07c2e49be80a9509
.actblue.com/ Name: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel
Value: %7B%22distinct_id%22%3A%20%2217be55ce38a465-0a4045c4aef50f-c343365-1d4c00-17be55ce38b6e9%22%2C%22%24device_id%22%3A%20%2217be55ce38a465-0a4045c4aef50f-c343365-1d4c00-17be55ce38b6e9%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
secure.actblue.com/ Name: _dd_s
Value: logs=1&id=b1614664-d682-4a88-a687-d8504be51b44&created=1631640675458&expire=1631641575458
.google.com/ Name: NID
Value: 511=SZpyZl_sT7zJ7U7xzE5CS4KYfrs12JSn1rVyLveJ2bl7Z68SuRhBSBVjhoP2ig8lE6PouGiiVkJTe8iytweCZRKaz7rBdkaFw5A7SMbEbIzc3dunjIaXQdAm1mqO0ZaHbGfctXonduFOOBPkW4jYRYFG5a1M5ilbWsC24QZ9N6o

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actblue-indigo-uploads.s3.amazonaws.com
api-js.mixpanel.com
c.paypal.com
cdn.mxpnl.com
pay.google.com
secure.actblue.com
sessions.bugsnag.com
ssl.google-analytics.com
stats.g.doubleclick.net
t.paypal.com
u1584542.ct.sendgrid.net
www.datadoghq-browser-agent.com
www.google-analytics.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
api-js.mixpanel.com
c.paypal.com
t.paypal.com
www.google-analytics.com
www.paypalobjects.com
13.32.159.211
151.101.0.174
151.101.1.21
167.89.115.54
2600:1901:0:7a0b::
2600:1901:0:bc29::
2a00:1450:4007:80e::2008
2a00:1450:4007:816::2003
2a00:1450:400c:c00::9a
2a00:1450:400c:c04::5c
52.217.169.121
0422928bc505021a60fd8eaf195e4dd1492772cc01add6360e10d3598a420b2c
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
237ea4f3758fd224159a649153c5e8c20c85081f3886dffbc6df7d0cb5b0ca66
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2693ed1f33c12bac53a50d823e3e0e0325a7cc0d45c064b181a1327ef9e53263
4414f448c18de1e5eb1ea08b85760036036c56c52f846b047feeeaa9537ff557
4b03e499dd87fd566f8f56724b0e2ab4e3a65eb44ad5ac1e8e3cdfa1fd526c6b
653e7cf0591c3856565188ac0fe9b6baa746f318b2cd4f205ac4e08a76edf338
6f5a08c8c6e98e8bdec93f86227ffee2d8781f4c0af130dfec0a7540d7dee75f
76f5d16c41f17dcc9e230a99abfb36add13e0b73f57ec74ea1c161bb32c468f2
8190a44121863e260b4e9f3f2025072964bf566240e96f67a0ee2505231c42b3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb
99096f106b88e7ccc51d85cdb0004b3a46a0bbe089ed367ae69ef7c2f0be6d9e
9afa7beaff1985eeae544123a06fc5d6e0fd1ef9001122ee2d7fbaa802b1a5e3
a87434b50390b134f29f73c5878fe48224c07d451fe5a624a185099eb5409cfb
ba4df7bd75b4a90883b3de43680fe0c0055f1d248b3c4ecc267d16a5465e3e27
c0a876e22dd207a67ea508bf2a41c88b3f98dbc7ebc1fd335ccf427bf39aa4ec
c6a7de5969479843f4bd8f360cc312ddb190a735c94f85cf3b9e4dc8262db3b0
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e745efc6686ea8c35e0a145112489e6afe317510cd57220005d1ac82eac3213b
ee8bce50834010b752cca612d66e28a9600c365ce28326197e838c60711220d1
eeea446d0505cde2c5aefd935b99e1e023637d2a8c780bdb6ecc3aaede6a8146
fa7a1f3245d9bf4f09b2bb6bb4f08e963e15fa73907e0d3d08bab0f4bab4371d