urlscan.io logo urlscan.io
SecurityTrails logo

secure.actblue.com Open in urlscan Pro
151.101.128.174  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.e.democraticgovernors.org/els/v2/2d-Es-D39XJz/UkkwKzNJQW9rRFVVeUdRWTFvQUM3UVJPeUR1d0U2NnlFbHgwSmZGU3grTktPYnBaVkh6NE1RYUwy...
Effective URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a...
Submission: On March 03 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 54 HTTP transactions. The main IP is 151.101.128.174, located in United States and belongs to FASTLY, US. The main domain is secure.actblue.com. The Cisco Umbrella rank of the primary domain is 58379.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q2 on June 24th 2023. Valid for: a year.
This is the only time secure.actblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.32.27.50 16509 (AMAZON-02)
6 151.101.128.174 54113 (FASTLY)
3 54.231.137.113 16509 (AMAZON-02)
2 151.101.0.174 54113 (FASTLY)
4 2600:1901:0:7... 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
7 151.101.129.21 54113 (FASTLY)
3 2a00:1450:401... 15169 (GOOGLE)
5 192.229.221.25 15133 (EDGECAST)
2 151.101.129.35 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 34.96.67.224 396982 (GOOGLE-CL...)
1 34.102.232.42 396982 (GOOGLE-CL...)
54 14
1    13.32.27.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-50.fra56.r.cloudfront.net
links.e.democraticgovernors.org
6    151.101.128.174 (United States)

ASN54113 (FASTLY, US)
secure.actblue.com
3    54.231.137.113 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
actblue-indigo-uploads.s3.amazonaws.com
2    151.101.0.174 (United States)

ASN54113 (FASTLY, US)
proxy-service.actblue.com
4    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
1    2a00:1450:4013:c1a::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
accounts.google.com
7    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
3    2a00:1450:4013:c08::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
pay.google.com
5    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    151.101.129.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
5    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
14    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
1    34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com
cdn.sift.com
1    34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com
hexagon-analytics.com
Apex Domain
Subdomains		 Transfer
18 google.com
accounts.google.com — Cisco Umbrella Rank: 20
pay.google.com — Cisco Umbrella Rank: 2753
play.google.com — Cisco Umbrella Rank: 33
504 KB
9 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2952
t.paypal.com — Cisco Umbrella Rank: 3463
283 KB
8 actblue.com
secure.actblue.com — Cisco Umbrella Rank: 58379
proxy-service.actblue.com — Cisco Umbrella Rank: 100073
544 KB
5 gstatic.com
www.gstatic.com
103 KB
5 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2598
38 KB
4 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 844
166 B
3 amazonaws.com
actblue-indigo-uploads.s3.amazonaws.com — Cisco Umbrella Rank: 234810
649 KB
1 hexagon-analytics.com
hexagon-analytics.com — Cisco Umbrella Rank: 5596
288 B
1 sift.com
cdn.sift.com — Cisco Umbrella Rank: 14596
21 KB
1 democraticgovernors.org
links.e.democraticgovernors.org — Cisco Umbrella Rank: 419826
441 B
54 10
Domain Requested by
14 play.google.com www.gstatic.com
7 www.paypal.com secure.actblue.com
www.paypal.com
www.paypalobjects.com
6 secure.actblue.com secure.actblue.com
5 www.gstatic.com secure.actblue.com
pay.google.com
www.gstatic.com
5 www.paypalobjects.com secure.actblue.com
www.paypal.com
www.paypalobjects.com
4 sessions.bugsnag.com secure.actblue.com
3 pay.google.com secure.actblue.com
pay.google.com
www.gstatic.com
3 actblue-indigo-uploads.s3.amazonaws.com secure.actblue.com
2 t.paypal.com secure.actblue.com
2 proxy-service.actblue.com secure.actblue.com
1 hexagon-analytics.com
1 cdn.sift.com secure.actblue.com
1 accounts.google.com secure.actblue.com
1 links.e.democraticgovernors.org 1 redirects
54 14

This site contains no links.

Subject Issuer Validity Valid
secure.actblue.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-24 -
2024-07-25		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
proxy-service.actblue.com
R3		 2024-01-14 -
2024-04-13		 3 months crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-04-12		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.sift.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-05 -
2025-01-19		 a year crt.sh
*.hexagon-analytics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-27 -
2024-11-03		 a year crt.sh

This page contains 5 frames:

Primary Page: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
Frame ID: 1E9B67CEDAD7F58B2BA00CBF1C608A46
Requests: 23 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_99a71947c1_mdu6ntc6mjc&buttonSize=large&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&clientMetadataID=uid_44b09693b5_mdu6ntc6mjc&commit=false&components.0=buttons&currency=USD&debug=false&disableFunding.0=credit&disableFunding.1=card&disableSetCookie=true&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=sepa&sessionID=uid_44b09693b5_mdu6ntc6mjc&sdkCorrelationID=f51731710ae1c&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&sdkVersion=5.0.425&storageID=uid_e0dc1ef639_mdu6ntc6mjc&supportedNativeBrowser=false&supportsPopups=true&vault=false
Frame ID: 73E9071FA6BE56FBD6424213FA1D0688
Requests: 5 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 4E7AEDB3163468D93DFB02546D8CDDCC
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Frame ID: 390CD87BEBA6C042D4BF94C100738D14
Requests: 13 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 305FD5E55878E4DE315D9490B5847B70
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Democratic Action — Donate via ActBlue

Page URL History Show full URLs

  1. https://links.e.democraticgovernors.org/els/v2/2d-Es-D39XJz/UkkwKzNJQW9rRFVVeUdRWTFvQUM3UVJPeUR1d0U2NnlFbHgwSmZGU3gr... HTTP 302
    https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 75%
Detected patterns
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • cdn\.sift(?:science)?\.com/s\.js

Page Statistics

54
Requests

100 %
HTTPS

36 %
IPv6

10
Domains

14
Subdomains

14
IPs

3
Countries

2143 kB
Transfer

5588 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.e.democraticgovernors.org/els/v2/2d-Es-D39XJz/UkkwKzNJQW9rRFVVeUdRWTFvQUM3UVJPeUR1d0U2NnlFbHgwSmZGU3grTktPYnBaVkh6NE1RYUwybG1FNlFmTm1vSFBkeks0VStnZjFCZllYMDZqS0RDamtua1daUHZlYUJqWjZwVFhNeVU9S0/YTBocjBLem9CL01zZlJTK0VVOWxGVFRGM2tVZlJqL3ZESHJROFdnZi9IVW9QbWR5YzVBa2hkcDFjZkNDOWU2dytCUVlHYTUxQU1rR0VyUERiWUg0Q2duenlLVHpCa0ZWRXc4aHZQdklnd2FkMmZDVXE1RjBtV3ZLaFdLbjdTbWl5QkZRODIwQ0o4NXBOV3dvNGFXempnOU11UzIreFZ1NFhJM2RMRy9Bd1NqYmhKbCsyNmtuaGZzNk1iSmZiUHdGcWwyMWtxbWhseVBWTm05MnRBUlZUREVHaVpOd1dsTWF5R3E4cy9EbkRBdkNOODZTc1FWZE92citzOG9zbXM0TjEySWNiRXB3akxYOEVwdEE1Q0Rab1EzZEY0eW9pM3NTRWdROWYyQjREWGdwZmo4QmRLWHk2K3laSUZjQ1ArdlRNS2RBSUkyVXhHWT0S1 HTTP 302
    https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request DA-digital-2024q1
secure.actblue.com/contribute/page/
Redirect Chain
  • https://links.e.democraticgovernors.org/els/v2/2d-Es-D39XJz/UkkwKzNJQW9rRFVVeUdRWTFvQUM3UVJPeUR1d0U2NnlFbHgwSmZGU3grTktPYnBaVkh6NE1RYUwybG1FNlFmTm1vSFBkeks0VStnZjFCZllYMDZqS0RDamtua1daUHZlYUJqWjZwV...
  • https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&z...
62 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
56803186dbc600a28b8eefd0c4dd8b04f7bf96886cb873c0aaac588107efc1ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36461
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-length
14039
content-security-policy
frame-ancestors 'none'; report-uri /system/csp_reports
content-type
text/html; charset=utf-8
date
Sun, 03 Mar 2024 05:57:26 GMT
etag
W/"f990-Td9daQ7Im8z5arEKkUErKSFoQLc"
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709408985&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=fkW6bsOgSOU1KEyVlfqn7NEKk39IEzs05dk00kWsMDA%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1709408985&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=fkW6bsOgSOU1KEyVlfqn7NEKk39IEzs05dk00kWsMDA%3D
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-form-app
kittens! [Server: node: us]
x-frame-options
sameorigin
x-robots-tag
noindex, nofollow
x-start
2024-03-03 05:57:26.636
x-timer
S1709408985.098339,VS0,VE319

Redirect headers

content-language
de-DE
content-length
0
date
Sun, 03 Mar 2024 05:57:26 GMT
location
https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
server
istio-envoy
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-id
umrALlAFrrq8uZ4Rsosq7uyRbQ2zGecneEOw9JXznz_edUEpYg-xBg==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
5
44a3dcfab3a5e0d1fd41.css
secure.actblue.com/cf/assets/app-css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/app-css/44a3dcfab3a5e0d1fd41.css?form_app=us
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e7a17d448ce2deae2459d1ed87980c2f0f1cae0e5fb329f93d6fa953a9081c61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:57:26 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
130644
x-start
2024-03-03 05:57:26.666
content-length
4667
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1709314802&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=SwSMuLkB0g%2FIDiBcgUnYx9sR9XA9nLZariFSsDsTnvA%3D
last-modified
Thu, 29 Feb 2024 22:07:31 GMT
x-timer
S1709314802.236864,VS0,VE43
etag
W/"4ede-18df6e888b8"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709314802&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=SwSMuLkB0g%2FIDiBcgUnYx9sR9XA9nLZariFSsDsTnvA%3D"}]}
content-type
text/css; charset=UTF-8
cache-control
max-age=31557600, must-revalidate
accept-ranges
bytes
actblue.js
secure.actblue.com/cf/assets/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/actblue.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3daa447ce725debe3b8cd56b75b1cd99584f7770f4aa4d202bf07e3688b6b202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:57:26 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
127309
x-start
2024-03-03 05:57:26.666
content-length
9344
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1709318137&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=3P1YR6SfvDw8dn9rYcak4LlRLdN0oUKBtneB%2BYtQJBk%3D
last-modified
Thu, 29 Feb 2024 22:06:03 GMT
x-timer
S1709318137.192151,VS0,VE87
etag
W/"73ca-18df6e730f8"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709318137&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=3P1YR6SfvDw8dn9rYcak4LlRLdN0oUKBtneB%2BYtQJBk%3D"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
de333171-72c4-4700-9ba0-10b36a9c524a-DGA-11797-banner-1-b-edit12.png
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/18aa276e-dbed-40ac-b610-e9d4449c8bfc-brandings/278558/header/mobile_image_url/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/18aa276e-dbed-40ac-b610-e9d4449c8bfc-brandings/278558/header/mobile_image_url/de333171-72c4-4700-9ba0-10b36a9c524a-DGA-11797-banner-1-b-edit12.png
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.137.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5a4eea9070a9a439e1eabbb8943ad2d154bb7733029502e5d5c31c399e94c43e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Sun, 03 Mar 2024 05:57:27 GMT
Last-Modified
Wed, 29 Nov 2023 17:35:04 GMT
Server
AmazonS3
x-amz-request-id
KCVNFQGV15204RK2
ETag
"11ce4cf45c872a86a421448d609e32df"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
17711
x-amz-id-2
Unnb+PDX5h7eIgVzGnCI0o2U2u0fPxd6b/iQOpl7Mt4IzW+EaxK8/Z3E9mVRKrKZzkL+yb2MQQU=
44a3dcfab3a5e0d1fd41.js
secure.actblue.com/cf/assets/app/ 		2 MB
496 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/cf/assets/app/44a3dcfab3a5e0d1fd41.js?form_app=us
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
01be151e8b2400fa94badc23732da85de70d7ca9edc00a8ffcfc396d58ddacc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:57:26 GMT
via
1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
127309
x-start
2024-03-03 05:57:26.666
content-length
507155
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1709318137&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=3P1YR6SfvDw8dn9rYcak4LlRLdN0oUKBtneB%2BYtQJBk%3D
last-modified
Thu, 29 Feb 2024 22:07:31 GMT
x-timer
S1709318137.978627,VS0,VE85
etag
W/"19dc5b-18df6e888b8"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709318137&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=3P1YR6SfvDw8dn9rYcak4LlRLdN0oUKBtneB%2BYtQJBk%3D"}]}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31557600, must-revalidate
accept-ranges
bytes
lib.min.js
proxy-service.actblue.com/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy-service.actblue.com/lib.min.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:57:26 GMT
content-encoding
gzip
via
1.1 varnish
age
546
x-guploader-uploadid
ABPtcPrdZtakbHe0rm7d4d49eR1HwL7-GZgbsjjIV5QbK9GSuZAZw1RkQLcaO5jjwr3NtvVqHk9wLb_MQw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
18490
last-modified
Tue, 06 Feb 2024 00:09:36 GMT
etag
"eb0675a8749ea5d76345796217db928f"
vary
Accept-Encoding
x-goog-generation
1707178176338436
x-goog-hash
crc32c=fWmQwA==, md5=6wZ1qHSepddjRXliF9uSjw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=600
x-goog-stored-content-length
18490
content-type
text/javascript
accept-ranges
bytes
expires
Fri, 23 Feb 2024 05:02:37 GMT
0962e81a-5016-4afe-951c-b2fdd96dcbaa-DGA-11797-act-blue-21.png
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/c9596fdd-9d16-4075-995d-5eee801ebc17-brandings/278558/document_body/background_image_url/ 		613 KB
614 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/c9596fdd-9d16-4075-995d-5eee801ebc17-brandings/278558/document_body/background_image_url/0962e81a-5016-4afe-951c-b2fdd96dcbaa-DGA-11797-act-blue-21.png
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.137.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
52c205a15d889f91c7e3fe5fd248b9ac597cc6b6b35554d82a2cb36f10fe704f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Sun, 03 Mar 2024 05:57:27 GMT
Last-Modified
Wed, 29 Nov 2023 15:24:26 GMT
Server
AmazonS3
x-amz-request-id
KCVVRTJXKA112JMG
ETag
"6c1e31503fd8a34d7222b8c4ca4edb68"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
627968
x-amz-id-2
7mlH3WxnWL+KA9TQnFc40C7qnVcrCnaT8PB2LEcRVMcsT52msQvnlerBIE93BuYiNzutuAA4uBQ=
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://secure.actblue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 03 Mar 2024 05:57:26 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/44a3dcfab3a5e0d1fd41.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://secure.actblue.com/
Bugsnag-Sent-At
2024-03-03T05:57:26.807Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
04c1a9de88bb73e22614162ba813a0b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 03 Mar 2024 05:57:27 GMT
via
1.1 google
bugsnag-session-uuid
21858004-d49e-4f96-8b2d-1739c751dd2e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
auth_token
secure.actblue.com/api/cf/ 		102 B
615 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/api/cf/auth_token
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/44a3dcfab3a5e0d1fd41.js?form_app=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f4b9f0a092e60ff233ac096c0cb4890ed784a2a1f8c4a2dbdbb635afdf275149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:57:27 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000
status
200 OK
x-start
2024-03-03 05:57:26.970
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-timer
S1709445447.985187,VS0,VE116
etag
W/"f4b9f0a092e60ff233ac096c0cb4890e"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, no-store
accept-ranges
bytes
884b5216-9ffc-4a7d-82f0-a51baa110bb7-DGA-11797-banner-1-b-edit12.png
actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/db68ea9d-08a2-43c3-958d-b21cf1c1789e-brandings/278558/header/image_url/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://actblue-indigo-uploads.s3.amazonaws.com/uploads/list-editor/db68ea9d-08a2-43c3-958d-b21cf1c1789e-brandings/278558/header/image_url/884b5216-9ffc-4a7d-82f0-a51baa110bb7-DGA-11797-banner-1-b-edit12.png
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.137.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5a4eea9070a9a439e1eabbb8943ad2d154bb7733029502e5d5c31c399e94c43e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Sun, 03 Mar 2024 05:57:28 GMT
Last-Modified
Wed, 29 Nov 2023 17:35:01 GMT
Server
AmazonS3
x-amz-request-id
3W6G0FEKRQJ0K2HE
ETag
"11ce4cf45c872a86a421448d609e32df"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
17711
x-amz-id-2
ME8e2WNb9cJRAOTL5Oe5j246SQoGpPDDJCZ1vtnIdky6QNFlJo3stu+Dg60AGPeebTSf7bm8gBE=
client
accounts.google.com/gsi/ 		215 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/44a3dcfab3a5e0d1fd41.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c1a::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f48cf4e201400af4754c5eb9dce2b71e49af68fb40fe92d11fd1102d2194a5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-YIS__wrAq-8yJpJoGoKOtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:57:27 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-YIS__wrAq-8yJpJoGoKOtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sun, 03 Mar 2024 05:57:27 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://secure.actblue.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 03 Mar 2024 05:57:27 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/44a3dcfab3a5e0d1fd41.js?form_app=us
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://secure.actblue.com/
Bugsnag-Sent-At
2024-03-03T05:57:27.157Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
04c1a9de88bb73e22614162ba813a0b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 03 Mar 2024 05:57:27 GMT
via
1.1 google
bugsnag-session-uuid
2218e84a-00b6-48cb-b83d-dcc866dbd16d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
js
www.paypal.com/sdk/ 		298 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/44a3dcfab3a5e0d1fd41.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0fa9c44b489a3a5b9ddd7c0c397de1fe68c214039214ebb5b7ed63a185e7e4c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-mj8Ir/4hgaeNc0yayHWjg/d+iidzdVAKgVsTuZaunMZxemJL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-mj8Ir/4hgaeNc0yayHWjg/d+iidzdVAKgVsTuZaunMZxemJL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-mj8Ir/4hgaeNc0yayHWjg/d+iidzdVAKgVsTuZaunMZxemJL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-mj8Ir/4hgaeNc0yayHWjg/d+iidzdVAKgVsTuZaunMZxemJL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Sun, 03 Mar 2024 05:57:27 GMT
age
7106
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f69347948bbc3
server-timing
"traceparent;desc="00-0000000000000000000f69347948bbc3-82d362dd51ac3db5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
81205
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230127-FRA, cache-fra-eddf8230127-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f69347948bbc3-c817266c5032d0ee-01
x-timer
S1709445447.288541,VS0,VE7
etag
W/"13d35-PRV8O5mnskENVMMW1hNjIpgpg48"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
pay.js
pay.google.com/gp/p/js/ 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/44a3dcfab3a5e0d1fd41.js?form_app=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c08::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9efb3c3c478916f95dd26b4d6c664a5ff18cbb3df8da939c88b55a5abf0fc81e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aW-FAKHvlUeP8KzV9BcVPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:57:27 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-aW-FAKHvlUeP8KzV9BcVPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtDikmLw0JBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEG_38WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwHF80YT2bwIz3n1YzAgAG6zGj"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sun, 03 Mar 2024 05:57:27 GMT
pptm.js
www.paypal.com/tagmanager/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.425&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eeceb7602352429df0b0609b512b80016ba4b784756c66d7186ed693355ff687
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-yhhGJ+x/iOYK98UsSw7KYnFBHdBOH30NqsXQGiOLqt5Z4ai1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-yhhGJ+x/iOYK98UsSw7KYnFBHdBOH30NqsXQGiOLqt5Z4ai1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 03 Mar 2024 05:57:27 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
28419
x-cache
HIT, MISS
paypal-debug-id
f6819208b7a25
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4772
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230127-FRA, cache-fra-eddf8230127-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f6819208b7a25-c8c62b5052c8f2a6-01
x-timer
S1709445447.368447,VS0,VE5
etag
W/"3665-pGFB6UqIITy0rrWZD/Z0t8ftm0c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
buttons
www.paypal.com/smart/ Frame 73E9 		432 KB
112 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_99a71947c1_mdu6ntc6mjc&buttonSize=large&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&clientMetadataID=uid_44b09693b5_mdu6ntc6mjc&commit=false&components.0=buttons&currency=USD&debug=false&disableFunding.0=credit&disableFunding.1=card&disableSetCookie=true&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=sepa&sessionID=uid_44b09693b5_mdu6ntc6mjc&sdkCorrelationID=f51731710ae1c&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&sdkVersion=5.0.425&storageID=uid_e0dc1ef639_mdu6ntc6mjc&supportedNativeBrowser=false&supportsPopups=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44a90a91d10356b64e207f275b1f88731c597e85cc669ba59002e1dfb12fb392
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.actblue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Sun, 03 Mar 2024 05:57:27 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"6bf71-yPncP8JaCWPGwXOVu95eja5hF5Y"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
true
paypal-debug-id
f300055beb13b
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f300055beb13b-e06b0332f96548f2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f300055beb13b-d6968c52929ccbf8-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-served-by
cache-fra-eddf8230127-FRA, cache-fra-eddf8230127-FRA
x-timer
S1709445447.454599,VS0,VE412
x-xss-protection
1; mode=block
paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 4E7A 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBA) /
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
1867a673a7a0f
dc
ccg11-origin-www-1.paypal.com
content-length
1217
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
server
ECAcc (frc/4CBA)
traceparent
00-00000000000000000001867a673a7a0f-f3dfb61d7baab926-01
etag
W/"642c9aab-cc2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 03 Mar 2024 06:57:27 GMT
sepa-default.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 4E7A 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/sepa-default.svg
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCC) /
Resource Hash
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
ccadaf6ad818a
dc
ccg11-origin-www-1.paypal.com
content-length
3268
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
server
ECAcc (frc/4CCC)
traceparent
00-0000000000000000000ccadaf6ad818a-2ed6971948ed8d3f-01
etag
W/"642c9aab-2204"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 03 Mar 2024 06:57:27 GMT
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=secure.actblue.com&t=xo&v=5.0.425&source=payments_sdk&client_id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&disableSetCookie=true&vault=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA9) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
6df3dc98b7a23
dc
ccg11-origin-www-1.paypal.com
content-length
16488
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (frc/4CA9)
traceparent
00-00000000000000000006df3dc98b7a23-3574b066c3ab050e-01
etag
"64f25363-daa8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 03 Mar 2024 06:57:27 GMT
ts
t.paypal.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ANGJ83G9Z8QXZ8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&fltp=analytics&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Democratic%20Action%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1709445447467&g=-60&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fcontribute%2Fpage%2FDA-digital-2024q1%3Frefcode2%3Djtk12030%26amount%3D12%26recurring%3D1%26sc%3Da23632021%26refcode%3Da23632021%26code%3Da23632021%26amounts%3D3%252C6%252C12%252C75%252C150%252C375%26donor%3DN%26abpage%3DDA%26ask%3D3&disableSetCookie=true
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 03 Mar 2024 05:57:27 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
126efda1e71ba
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230083-FRA
pragma
no-cache
correlation-id
126efda1e71ba
traceparent
00-0000000000000000000126efda1e71ba-9a999ae707690f26-01
x-timer
S1709445448.546017,VS0,VE157
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Mar 2024 05:57:27 GMT
payframe
pay.google.com/gp/p/ui/ Frame 390C 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c08::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5fd5ff50292c3713c3326145faadd2ad26f21e9880bc6ed9f3c1f4599a57ed9e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-KqkEjUNCXayu4jDYYZ9b3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.actblue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-KqkEjUNCXayu4jDYYZ9b3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Sun, 03 Mar 2024 05:57:27 GMT
expires
Sun, 03 Mar 2024 05:57:27 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtDikmLw0JBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEG_38WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwHF80YT2bQMf3dYeZAAYgMXA"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
dark_gpay.svg
www.gstatic.com/instantbuy/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/instantbuy/svg/dark_gpay.svg
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
content-encoding
br
x-content-type-options
nosniff
date
Mon, 26 Feb 2024 16:07:57 GMT
age
481770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
871
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="instantbuy-eng"
vary
Accept-Encoding
report-to
{"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Feb 2025 16:07:57 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 305F 		55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.actblue.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16892
content-type
text/html
date
Sun, 03 Mar 2024 05:57:27 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc"
expires
Sun, 03 Mar 2024 06:57:27 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
3a84894868b9e
server
ECAcc (frc/4CBF)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000003a84894868b9e-0613f9347f109e1a-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
noop.js
www.paypalobjects.com/muse/ Frame 305F 		18 B
211 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7D8C) /
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:57:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
paypal-debug-id
b4e5d7417a1b2
dc
ccg11-origin-www-1.paypal.com
content-length
18
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
server
ECAcc (daa/7D8C)
traceparent
00-0000000000000000000b4e5d7417a1b2-a357944abb3437aa-01
etag
"60271cd0-12"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 03 Mar 2024 05:57:26 GMT
ts
t.paypal.com/ 		42 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1&page=muse%3Aoffer%3A%3A%3ANGJ83G9Z8QXZ8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fe4dca86-323c-4442-b2a6-6bd13ac56ad7&es=visitorInfoFlowStarted&mrid=NGJ83G9Z8QXZ8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Democratic%20Action%20%E2%80%94%20Donate%20via%20ActBlue&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1709445447619&g=-60&completeurl=https%3A%2F%2Fsecure.actblue.com%2Fcontribute%2Fpage%2FDA-digital-2024q1%3Frefcode2%3Djtk12030%26amount%3D12%26recurring%3D1%26sc%3Da23632021%26refcode%3Da23632021%26code%3Da23632021%26amounts%3D3%252C6%252C12%252C75%252C150%252C375%26donor%3DN%26abpage%3DDA%26ask%3D3&disableSetCookie=true
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 03 Mar 2024 05:57:27 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
0f173230558b9
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230083-FRA
pragma
no-cache
correlation-id
0f173230558b9
traceparent
00-00000000000000000000f173230558b9-5937c5d1b351d4b7-01
x-timer
S1709445448.628348,VS0,VE158
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Mar 2024 05:57:27 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 390C 		159 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.actblue.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48861b8e230660534b9a8264c24529f52cd67d0bab9a3ccdf2c3f0f6b8a5bd2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 17:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57745
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 08:05:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 17:20:07 GMT
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame 390C 		75 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjnc7dFbP8RtFdlbt6uvTVnWb3uGg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cc6b657ccde14a2122774ff293244c9e88eb49c8471b89726d1dc72583490df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 17:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27673
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 02:22:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 17:47:58 GMT
graphql
www.paypal.com/targeting/ Frame 305F 		435 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9088e1b9c4abeed167870363fbeda2a5b1e140d4a5546f486239a64ff37648ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-9nSyYQ2rM04kekdkkFdwy1k9W60nYLdYp81bBGsk/nzyG0g6' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
disable-set-cookie
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-9nSyYQ2rM04kekdkkFdwy1k9W60nYLdYp81bBGsk/nzyG0g6' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 03 Mar 2024 05:57:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f99997426d9d8
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230127-FRA, cache-fra-eddf8230127-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f99997426d9d8-423135b24ae00ebd-01
x-timer
S1709445448.065556,VS0,VE237
etag
W/"1b3-XRsZnTpUZUWOvtnX85fZqLO57k0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,disable-set-cookie
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,disable-set-cookie
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Sun, 03 Mar 2024 05:57:28 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f999974a72181
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f999974a72181-ffef07c6c7967674-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-fra-eddf8230097-FRA, cache-fra-eddf8230097-FRA
x-timer
S1709445448.861775,VS0,VE179
pay
pay.google.com/gp/p/ui/ Frame 390C 		1 MB
377 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c08::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
353c69a6c58e468c20c3f7b77f254072c68ced5a3322fddfe6f7c7cbbe41e3d9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-QORvImfzIHVo24mkb5hbmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 05:57:27 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-QORvImfzIHVo24mkb5hbmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtDikmLw0JBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEG_38WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwHF80YT2bwIHbvcuZAQYuMVA"
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sun, 03 Mar 2024 05:57:27 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame 390C 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjnc7dFbP8RtFdlbt6uvTVnWb3uGg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9396d9ebcca3714c366bc70bc39a18a277f03a0d295b42305759a8221b8ba634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 17:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4168
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 02:22:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 17:47:59 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame 390C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjnc7dFbP8RtFdlbt6uvTVnWb3uGg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc940c92a2fd51e4ccfece176627dcec28595649497715b85f4d3fd64bd40dcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 17:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14349
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 02:22:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 17:47:59 GMT
log
play.google.com/ Frame 390C 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 03 Mar 2024 05:57:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Mar 2024 05:57:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 03 Mar 2024 05:57:27 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 390C 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 03 Mar 2024 05:57:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Mar 2024 05:57:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 03 Mar 2024 05:57:27 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 390C 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 03 Mar 2024 05:57:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Mar 2024 05:57:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 03 Mar 2024 05:57:27 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 390C 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 03 Mar 2024 05:57:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Mar 2024 05:57:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 03 Mar 2024 05:57:27 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 390C 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 03 Mar 2024 05:57:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Mar 2024 05:57:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 03 Mar 2024 05:57:27 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 03 Mar 2024 05:57:27 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 390C 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 03 Mar 2024 05:57:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Mar 2024 05:57:28 GMT
log
play.google.com/ Frame 390C 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 03 Mar 2024 05:57:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 03 Mar 2024 05:57:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 03 Mar 2024 05:57:27 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
truncated
/ Frame 73E9 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 73E9 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
js
www.paypal.com/sdk/ Frame 73E9 		298 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&locale=en_US&disable-funding=credit,card&intent=capture&commit=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_99a71947c1_mdu6ntc6mjc&buttonSize=large&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&clientMetadataID=uid_44b09693b5_mdu6ntc6mjc&commit=false&components.0=buttons&currency=USD&debug=false&disableFunding.0=credit&disableFunding.1=card&disableSetCookie=true&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=sepa&sessionID=uid_44b09693b5_mdu6ntc6mjc&sdkCorrelationID=f51731710ae1c&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&sdkVersion=5.0.425&storageID=uid_e0dc1ef639_mdu6ntc6mjc&supportedNativeBrowser=false&supportsPopups=true&vault=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0fa9c44b489a3a5b9ddd7c0c397de1fe68c214039214ebb5b7ed63a185e7e4c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-mj8Ir/4hgaeNc0yayHWjg/d+iidzdVAKgVsTuZaunMZxemJL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-mj8Ir/4hgaeNc0yayHWjg/d+iidzdVAKgVsTuZaunMZxemJL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_99a71947c1_mdu6ntc6mjc&buttonSize=large&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&clientMetadataID=uid_44b09693b5_mdu6ntc6mjc&commit=false&components.0=buttons&currency=USD&debug=false&disableFunding.0=credit&disableFunding.1=card&disableSetCookie=true&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=sepa&sessionID=uid_44b09693b5_mdu6ntc6mjc&sdkCorrelationID=f51731710ae1c&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&sdkVersion=5.0.425&storageID=uid_e0dc1ef639_mdu6ntc6mjc&supportedNativeBrowser=false&supportsPopups=true&vault=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-mj8Ir/4hgaeNc0yayHWjg/d+iidzdVAKgVsTuZaunMZxemJL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-mj8Ir/4hgaeNc0yayHWjg/d+iidzdVAKgVsTuZaunMZxemJL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Sun, 03 Mar 2024 05:57:27 GMT
age
7107
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f69347948bbc3
server-timing
"traceparent;desc="00-0000000000000000000f69347948bbc3-82d362dd51ac3db5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
81205
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230127-FRA, cache-fra-eddf8230127-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f69347948bbc3-c817266c5032d0ee-01
x-timer
S1709445448.927149,VS0,VE20
etag
W/"13d35-PRV8O5mnskENVMMW1hNjIpgpg48"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
2, 0
trackables
secure.actblue.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.actblue.com/trackables
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/44a3dcfab3a5e0d1fd41.js?form_app=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Sun, 03 Mar 2024 05:57:28 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000
status
200 OK
x-start
2024-03-03 05:57:28.135
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-timer
S1709445448.150920,VS0,VE461
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html
cache-control
private, no-store
accept-ranges
bytes
s.js
cdn.sift.com/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sift.com/s.js
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&firstname=&lastname=&email=verdacht@safeonweb.be&zip=&amounts=3,6,12,75,150,375&donor=N&abpage=DA&ask=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.67.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 18:30:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2287601
x-guploader-uploadid
ABPtcPpC3XdxLrN26Bm5ZSE7rCIwXhRcMt1aNKZLEYKgZC7NFY2EtvQiu952KcWIc1OlW-kpzeQ50AB-Nw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20500
last-modified
Tue, 28 Feb 2023 22:39:30 GMT
server
UploadServer
etag
"476f50cbc514dd2a147e8856d7d6a2eb"
x-goog-generation
1677623970358201
x-goog-hash
crc32c=v7KhDA==, md5=R29Qy8UU3SoUfohW19ai6w==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-transform
x-goog-stored-content-length
20500
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 04 Feb 2025 18:30:47 GMT
logger
www.paypal.com/xoplatform/logger/api/ Frame 73E9 		1021 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_99a71947c1_mdu6ntc6mjc&buttonSize=large&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&clientMetadataID=uid_44b09693b5_mdu6ntc6mjc&commit=false&components.0=buttons&currency=USD&debug=false&disableFunding.0=credit&disableFunding.1=card&disableSetCookie=true&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=sepa&sessionID=uid_44b09693b5_mdu6ntc6mjc&sdkCorrelationID=f51731710ae1c&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&sdkVersion=5.0.425&storageID=uid_e0dc1ef639_mdu6ntc6mjc&supportedNativeBrowser=false&supportsPopups=true&vault=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0424441b67625860c858856f951c70ff8d6aceca2fe0e9742309b94803406a8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?env=production&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=44&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_99a71947c1_mdu6ntc6mjc&buttonSize=large&clientID=AbHo6hBEDmCHulDhRMkCVk7FDed5zE1-mNo7SQvo_yxeLvGylM5mGh5IOjx0AV9sTHhHDjD4A443Dybb&clientMetadataID=uid_44b09693b5_mdu6ntc6mjc&commit=false&components.0=buttons&currency=USD&debug=false&disableFunding.0=credit&disableFunding.1=card&disableSetCookie=true&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=sepa&sessionID=uid_44b09693b5_mdu6ntc6mjc&sdkCorrelationID=f51731710ae1c&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJIbzZoQkVEbUNIdWxEaFJNa0NWazdGRGVkNXpFMS1tTm83U1F2b195eGVMdkd5bE01bUdoNUlPangwQVY5c1RIaEhEakQ0QTQ0M0R5YmImbG9jYWxlPWVuX1VTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCZpbnRlbnQ9Y2FwdHVyZSZjb21taXQ9ZmFsc2UiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9keHR6cnRqYmRudnBuZGtpc3VyZmR2eG5lZ2h0bGwifX0&sdkVersion=5.0.425&storageID=uid_e0dc1ef639_mdu6ntc6mjc&supportedNativeBrowser=false&supportsPopups=true&vault=false
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 03 Mar 2024 05:57:28 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f99997479a7f4
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-eddf8230127-FRA, cache-fra-eddf8230127-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f99997479a7f4-1d471c75bde2c073-01
x-timer
S1709445448.200188,VS0,VE216
etag
W/"3fd-Ie2TqNkrjbk9OivhINRFiQDenJA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
949298.gif
hexagon-analytics.com/images/ 		43 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hexagon-analytics.com/images/949298.gif?bk=19482a20cc&tm=42&r=300197970&v=106&cs=UTF-8&h=secure.actblue.com&l=en-US&S=e3ad8315875615d8f86049de42a4a4a9&uu=f62f5b837a996f606e8c1a5ed55f6fe&t=Democratic%20Action%20%E2%80%94%20Donate%20via%20ActBlue&u=https%3A%2F%2Fsecure.actblue.com%2Fcontribute%2Fpage%2FDA-digital-2024q1%3Frefcode2%3Djtk12030%26amount%3D12%26recurring%3D1%26sc&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=-60&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=8&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=12cbadb82d688a3efa72109e23f43cfa&z=z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.232.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.actblue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Mar 2024 05:57:28 GMT
via
1.1 google
x-content-type-options
nosniff
server
nginx
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
proxy-service.actblue.com/track/ 		25 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proxy-service.actblue.com/track/?verbose=1&ip=1&_=1709445452067
Requested by
Host: secure.actblue.com
URL: https://secure.actblue.com/cf/assets/app/44a3dcfab3a5e0d1fd41.js?form_app=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.174 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://secure.actblue.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google, 1.1 varnish
date
Sun, 03 Mar 2024 05:57:32 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://secure.actblue.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
25
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
content-length
25

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| CF_CONFIG object| indigoListResponse object| preloadedState object| mixpanel object| actBlueConfig function| setImmediate function| clearImmediate object| actblue function| abConfigure object| webpackJsonp object| __core-js_shared__ object| core object| DD_LOGS object| tracker function| PERSIST object| SafeMixpanel object| Bugsnag string| MODE string| _user_id string| _session_id object| _sift object| default_gsi object| _F_toggles object| google object| closure_lm_619217 object| __post_robot_11_0_0___uid_dxtzrtjbdnvpndkisurfdvxneghtll object| paypal object| __zoid_10_3_3___uid_dxtzrtjbdnvpndkisurfdvxneghtll object| paypalDDL string| PaypalOffersObject function| ppq object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant string| dynamicGpayButtonVariant object| __post_robot_10_0_44__ object| PAYPAL function| __siftFlashCB undefined| Sift object| PluginDetect

13 Cookies

Domain/Path Name / Value
secure.actblue.com/cf/assets/app-css Name: skip_prefill_check
Value: true
secure.actblue.com/contribute/page Name: skip_prefill_check
Value: true
secure.actblue.com/cf/assets/app Name: skip_prefill_check
Value: true
secure.actblue.com/cf/assets Name: skip_prefill_check
Value: true
.actblue.com/ Name: mp_1498bce7991dd9e45621a9bf2dbfa01b_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18e02e37d9c363-0f28cd5af313c2-14313374-1d4c00-18e02e37d9c363%22%2C%22%24device_id%22%3A%20%2218e02e37d9c363-0f28cd5af313c2-14313374-1d4c00-18e02e37d9c363%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.secure.actblue.com/ Name: _session_id
Value: 7321bdb5e42ad21759f1dde0bc89c01b
.paypal.com/ Name: tsrce
Value: smartcomponentnodeweb
.paypal.com/ Name: l7_az
Value: dcg14.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1804053447%26vteXpYrS%3D1709447247%26vr%3D02e37f7b18e0a5504039da27fe36d392%26vt%3D02e37f7b18e0a5504039da27fe36d391%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D02e37f7b18e0a5504039da27fe36d392%26vt%3D02e37f7b18e0a5504039da27fe36d391
.google.com/ Name: NID
Value: 512=eqSpzDr08dNq-lXSMeHE2z0fe28sKE9ZRknP73NRLbJT2s3U47T858MWWau5MwiLU2L_d-8RHnDKHZmMVgShfUv-t9HzNgHgb1G1gXdacJ326bjaJEz6wO-9S59csu3jhZUbav5Og3fncKAAn4unzA-6lALjUXSxfdDAD_dgt-U
.actblue.com/ Name: __ssid
Value: f62f5b837a996f606e8c1a5ed55f6fe
secure.actblue.com/ Name: _dd_s
Value: logs=1&id=49dc1225-6204-4022-817d-a1a44a0e1716&created=1709445446906&expire=1709446346906

33 Console Messages

Source Level URL
Text
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.actblue.com/contribute/page/DA-digital-2024q1?refcode2=jtk12030&amount=12&recurring=1&sc=a23632021&refcode=a23632021&code=a23632021&amounts=3%2C6%2C12%2C75%2C150%2C375&donor=N&abpage=DA&ask=3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'; report-uri /system/csp_reports
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
actblue-indigo-uploads.s3.amazonaws.com
cdn.sift.com
hexagon-analytics.com
links.e.democraticgovernors.org
pay.google.com
play.google.com
proxy-service.actblue.com
secure.actblue.com
sessions.bugsnag.com
t.paypal.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
13.32.27.50
151.101.0.174
151.101.128.174
151.101.129.21
151.101.129.35
192.229.221.25
2600:1901:0:7a0b::
2a00:1450:4001:80f::2003
2a00:1450:4001:82b::200e
2a00:1450:4013:c08::5c
2a00:1450:4013:c1a::54
34.102.232.42
34.96.67.224
54.231.137.113
01be151e8b2400fa94badc23732da85de70d7ca9edc00a8ffcfc396d58ddacc9
0424441b67625860c858856f951c70ff8d6aceca2fe0e9742309b94803406a8a
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0fa9c44b489a3a5b9ddd7c0c397de1fe68c214039214ebb5b7ed63a185e7e4c3
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
353c69a6c58e468c20c3f7b77f254072c68ced5a3322fddfe6f7c7cbbe41e3d9
3daa447ce725debe3b8cd56b75b1cd99584f7770f4aa4d202bf07e3688b6b202
44a90a91d10356b64e207f275b1f88731c597e85cc669ba59002e1dfb12fb392
48861b8e230660534b9a8264c24529f52cd67d0bab9a3ccdf2c3f0f6b8a5bd2b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52c205a15d889f91c7e3fe5fd248b9ac597cc6b6b35554d82a2cb36f10fe704f
56803186dbc600a28b8eefd0c4dd8b04f7bf96886cb873c0aaac588107efc1ce
5a4eea9070a9a439e1eabbb8943ad2d154bb7733029502e5d5c31c399e94c43e
5cc6b657ccde14a2122774ff293244c9e88eb49c8471b89726d1dc72583490df
5fd5ff50292c3713c3326145faadd2ad26f21e9880bc6ed9f3c1f4599a57ed9e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50
9088e1b9c4abeed167870363fbeda2a5b1e140d4a5546f486239a64ff37648ec
9396d9ebcca3714c366bc70bc39a18a277f03a0d295b42305759a8221b8ba634
9efb3c3c478916f95dd26b4d6c664a5ff18cbb3df8da939c88b55a5abf0fc81e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
cc940c92a2fd51e4ccfece176627dcec28595649497715b85f4d3fd64bd40dcd
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
e2f48cf4e201400af4754c5eb9dce2b71e49af68fb40fe92d11fd1102d2194a5
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e7a17d448ce2deae2459d1ed87980c2f0f1cae0e5fb329f93d6fa953a9081c61
eeceb7602352429df0b0609b512b80016ba4b784756c66d7186ed693355ff687
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
f4b9f0a092e60ff233ac096c0cb4890ed784a2a1f8c4a2dbdbb635afdf275149