www.adems2021.vote Open in urlscan Pro
143.204.93.56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.adems2021.vote/CL0/http:%2F%2Fwww.adems2021.vote%2Fad29/1/010101775aa2b71c-de8fde1f-c7f5-4fd8-ac7a-207ecf9cda53...
Effective URL:
https://www.adems2021.vote/ad29
Submission: On February 07 via manual (February 7th 2021, 12:36:38 pm UTC) from US

Summary HTTP 46 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 46 HTTP transactions. The main IP is 143.204.93.56, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.adems2021.vote.
TLS certificate: Issued by Amazon on December 2nd 2020. Valid for: a year.

This is the only time www.adems2021.vote was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.239.162.32 44.239.162.32	16509 (AMAZON-02) (AMAZON-02)
1 7	143.204.93.56 143.204.93.56	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
9 9	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
14	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
46	13

1 44.239.162.32 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-162-32.us-west-2.compute.amazonaws.com

email.adems2021.vote	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.93.56 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-56.fra50.r.cloudfront.net

www.adems2021.vote	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany) 9 redirects

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

doc-0g-28-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-08-7s-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0c-5s-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0g-10-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

doc-0g-9s-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0k-58-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0s-74-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-04-4c-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0g-bo-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

b.basemaps.cartocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.basemaps.cartocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.basemaps.cartocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cartocdn.com b.basemaps.cartocdn.com c.basemaps.cartocdn.com Failed a.basemaps.cartocdn.com Failed	132 KB
9	googleusercontent.com doc-0g-28-docs.googleusercontent.com doc-0g-9s-docs.googleusercontent.com doc-08-7s-docs.googleusercontent.com doc-0c-5s-docs.googleusercontent.com doc-0k-58-docs.googleusercontent.com doc-0s-74-docs.googleusercontent.com doc-04-4c-docs.googleusercontent.com doc-0g-10-docs.googleusercontent.com doc-0g-bo-docs.googleusercontent.com	7 MB
9	google.com 9 redirects drive.google.com	6 KB
8	adems2021.vote 2 redirects email.adems2021.vote www.adems2021.vote	298 KB
3	gstatic.com fonts.gstatic.com	39 KB
2	unpkg.com unpkg.com	42 KB
1	google-analytics.com www.google-analytics.com	344 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	13 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	24 KB
1	googletagmanager.com www.googletagmanager.com	52 KB
1	googleapis.com fonts.googleapis.com	1 KB
46	12

	Domain	Requested by
9	drive.google.com	9 redirects
7	www.adems2021.vote	1 redirects www.adems2021.vote
5	c.basemaps.cartocdn.com	www.adems2021.vote
5	b.basemaps.cartocdn.com	www.adems2021.vote
4	a.basemaps.cartocdn.com	www.adems2021.vote
3	fonts.gstatic.com	fonts.googleapis.com
2	unpkg.com	www.adems2021.vote
1	www.google-analytics.com	www.googletagmanager.com
1	doc-0g-bo-docs.googleusercontent.com	www.adems2021.vote
1	doc-0g-10-docs.googleusercontent.com	www.adems2021.vote
1	doc-04-4c-docs.googleusercontent.com	www.adems2021.vote
1	doc-0s-74-docs.googleusercontent.com	www.adems2021.vote
1	doc-0k-58-docs.googleusercontent.com	www.adems2021.vote
1	doc-0c-5s-docs.googleusercontent.com	www.adems2021.vote
1	doc-08-7s-docs.googleusercontent.com	www.adems2021.vote
1	doc-0g-9s-docs.googleusercontent.com	www.adems2021.vote
1	doc-0g-28-docs.googleusercontent.com	www.adems2021.vote
1	maxcdn.bootstrapcdn.com	www.adems2021.vote
1	cdnjs.cloudflare.com	www.adems2021.vote
1	code.jquery.com	www.adems2021.vote
1	www.googletagmanager.com	www.adems2021.vote
1	fonts.googleapis.com	www.adems2021.vote
1	email.adems2021.vote	1 redirects
46	23

This site contains links to these domains. Also see Links.

Domain
secure.actblue.com
leafletjs.com
openstreetmap.org
ourrevolution.com
rootsaction.org

Subject Issuer	Validity	Valid
adems2021.vote Amazon	`2020-12-02` - `2021-12-31`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.basemaps.cartocdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2021-04-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.adems2021.vote/ad29
Frame ID: EC8D37E7A0BF15AFC3DDE0E8A318F04D
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.adems2021.vote/CL0/http:%2F%2Fwww.adems2021.vote%2Fad29/1/010101775aa2b71c-de8fde1f-c7f5-4f... HTTP 302
http://www.adems2021.vote/ad29 HTTP 301
https://www.adems2021.vote/ad29 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

46
Requests

87 %
HTTPS

79 %
IPv6

12
Domains

23
Subdomains

13
IPs

3
Countries

7407 kB
Transfer

7901 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.actblue.com/donate/california-democratic-party-progressive-caucus-pac-1
Title: Donate

Search URL Search Domain Scan URL

URL: https://leafletjs.com/
Title: Leaflet

Search URL Search Domain Scan URL

URL: https://openstreetmap.org/copyright
Title: OSM

Search URL Search Domain Scan URL

URL: https://ourrevolution.com/

Search URL Search Domain Scan URL

URL: https://rootsaction.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.adems2021.vote/CL0/http:%2F%2Fwww.adems2021.vote%2Fad29/1/010101775aa2b71c-de8fde1f-c7f5-4fd8-ac7a-207ecf9cda53-000000/68a_W2x_nYKPJYIZ_pxK1rEdJ-g9-LPhNdmD3Cu52kM=177 HTTP 302
http://www.adems2021.vote/ad29 HTTP 301
https://www.adems2021.vote/ad29 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://drive.google.com/uc?export=view&id=1Nw6LWhZTOx7NX6VAixkF96lLvZuWVvOa HTTP 302
https://doc-0g-28-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/h8ob9fkp0pi41asusif4a5dqensnct6i/1612701375000/03995782507978267373/*/1Nw6LWhZTOx7NX6VAixkF96lLvZuWVvOa?e=view

Request Chain 12

https://drive.google.com/uc?export=view&id=1_EFe-jlldRjfc4hsEp5OjZ3uR9s6OiFs HTTP 302
https://doc-0g-9s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/55gtp4mon2203l5ovhg6eq1e8ks655p7/1612701375000/10465187299476585054/*/1_EFe-jlldRjfc4hsEp5OjZ3uR9s6OiFs?e=view

Request Chain 14

https://drive.google.com/uc?export=view&id=1HPDMKCkpIc3jr4ZgwHpBVp1VNgjKkae2 HTTP 302
https://doc-08-7s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/oo4fv35skbtsohd347km85gtm2q51q54/1612701375000/00017783587367415170/*/1HPDMKCkpIc3jr4ZgwHpBVp1VNgjKkae2?e=view

Request Chain 15

https://drive.google.com/uc?export=view&id=1f1xU074twnoqDciANoKIZ-wLyska48MR HTTP 302
https://doc-0c-5s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lmoq1a7unqnm2nnrojanu11bp00a54uu/1612701375000/16669225861639965034/*/1f1xU074twnoqDciANoKIZ-wLyska48MR?e=view

Request Chain 16

https://drive.google.com/uc?export=view&id=1-02U1Vn51rSY69jXB9w-d__pVKuUjFjR HTTP 302
https://doc-0k-58-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/51ad2569t7rsum6uorl5l9rqklkmqobl/1612701375000/17276463617498242999/*/1-02U1Vn51rSY69jXB9w-d__pVKuUjFjR?e=view

Request Chain 17

https://drive.google.com/uc?export=view&id=1b9GrBe5hOarQJLunoqN2w4m_g_dDDRe- HTTP 302
https://doc-0s-74-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcarfrght67j2g15js2f01hipsht4ces/1612701375000/11269501100669391842/*/1b9GrBe5hOarQJLunoqN2w4m_g_dDDRe-?e=view

Request Chain 18

https://drive.google.com/uc?export=view&id=1biMajep1Dn6jt0Z0v548tDc6yWV3dMSg HTTP 302
https://doc-04-4c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/dhp5ip6gqbj3092qbp6lllmpt0o1k942/1612701375000/00392329317454730202/*/1biMajep1Dn6jt0Z0v548tDc6yWV3dMSg?e=view

Request Chain 19

https://drive.google.com/uc?export=view&id=1DcImmKJgRjG73h7381MGQCkEXLR8IjCR HTTP 302
https://doc-0g-10-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/856m7qjvdta3vutr1oeaebce09jln1s2/1612701375000/06906721583205302484/*/1DcImmKJgRjG73h7381MGQCkEXLR8IjCR?e=view

Request Chain 20

https://drive.google.com/uc?export=view&id=1XM4-D1K_sHrGWuTgFbhZYzvO4L8oWPKU HTTP 302
https://doc-0g-bo-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/odf218ir468n05shs03urobk0bh8rvp1/1612701375000/14517811037590586247/*/1XM4-D1K_sHrGWuTgFbhZYzvO4L8oWPKU?e=view

46 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ad29 Show response
www.adems2021.vote/
Redirect Chain

http://email.adems2021.vote/CL0/http:%2F%2Fwww.adems2021.vote%2Fad29/1/010101775aa2b71c-de8fde1f-c7f5-4fd8-ac7a-207ecf9cda53-000000/68a_W2x_nYKPJYIZ_pxK1rEdJ-g9-LPhNdmD3Cu52kM=177
http://www.adems2021.vote/ad29
https://www.adems2021.vote/ad29

59 KB
10 KB

3151ms
3073ms

Document
text/html

143.204.93.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-56.fra50.r.cloudfront.net
Software: /
Resource Hash: 2f08675199eb6fde03dbc60642e6a0f7e1eac2b0ef02847c4c6a6aa38bdb3e06

Request headers

:method: GET
:authority: www.adems2021.vote
:scheme: https
:path: /ad29
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
content-length: 10009
date: Sun, 07 Feb 2021 12:36:18 GMT
x-amzn-requestid: 8c340867-2005-43e1-ab85-f59068416896
content-encoding: gzip
x-amzn-remapped-content-length: 59999
x-amz-apigw-id: aX-97HeFPHcF7EQ=
x-amzn-trace-id: Root=1-601fdebf-5551c5bd5789a5fc3adc1a9a;Sampled=0
x-cache: Miss from cloudfront
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: f7hSAQ2zk7siqOy-wXqxkqCJ13pwZKzjHmucWozT4BYetjzr9DuV7Q==

Redirect headers

Server: CloudFront
Date: Sun, 07 Feb 2021 12:36:15 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://www.adems2021.vote/ad29
X-Cache: Redirect from cloudfront
Via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: bIbk3_k0zNcMDq5_z412dY8FgfNEZZ3XxpkOiHtdQ4RPVHCH7yoDzg==

GET
H2 200 bootstrap.min.css
www.adems2021.vote/static/css/ 161 KB
24 KB 769ms
768ms Stylesheet
text/css 143.204.93.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adems2021.vote/static/css/bootstrap.min.css
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-56.fra50.r.cloudfront.net
Software: /
Resource Hash: ae62a9083efc3aa5f07570faed2d6a1decac8957322f358bcb28b4352fb2a183

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:18 GMT
content-encoding: gzip
etag: "1612064683.283238-164584-2502889826"
x-amzn-remapped-content-length: 164584
x-amzn-remapped-date: Sun, 07 Feb 2021 12:36:18 GMT
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 8ab21104-8d3c-4b3e-a32e-4b31ae0bf93d
x-cache: Miss from cloudfront
x-amz-apigw-id: aX--dHd6vHcFROQ=
content-length: 23730
last-modified: Sun, 31 Jan 2021 03:44:43 GMT
x-amzn-trace-id: Root=1-601fdec2-187702706c6bea1c38e0a014;Sampled=0
content-type: text/css; charset=utf-8
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: public, max-age=43200
accept-ranges: bytes
x-amz-cf-id: MaaNFUVD0VQjg5O1gHyZUtS0AGuY-rfuIZvIethdnGGhAmJOn9vJtg==
expires: Mon, 08 Feb 2021 00:36:18 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 36ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arvo&family=Montserrat:wght@400;600;900&display=swap

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d9091e16d92d3fd21ffb6a875697875efd70e4ef7dc9c477e385b7ce8281969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Feb 2021 12:36:18 GMT
server: ESF
date: Sun, 07 Feb 2021 12:36:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Feb 2021 12:36:18 GMT

GET
H2 200 leaflet.css
unpkg.com/leaflet@1.6.0/dist/ 14 KB
3 KB 41ms
24ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/leaflet@1.6.0/dist/leaflet.css

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4873060989924f8e92a321a0a38611ffd0252b5bdfddf7fce00abdc8ae2176a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3746322
vary: Accept-Encoding
cf-request-id: 081e173f7a00002bcad8239000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"37bc-eNGUkCb3bhCXe6sFt0PSpUCo4lU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 49122a4dc94bc19c7d5718fee0f83fef
cache-control: public, max-age=31536000
cf-ray: 61dd27df2fe92bca-FRA

GET
H2 200 logo.svg
www.adems2021.vote/static/img/ 144 KB
110 KB 493ms
492ms Image
image/svg+xml 143.204.93.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adems2021.vote/static/img/logo.svg
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-56.fra50.r.cloudfront.net
Software: /
Resource Hash: 9313d60d623ec3e9511e038f2f916794c68308f3225e8a7d992b9cf7f9468ac4

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:18 GMT
content-encoding: gzip
etag: "1612064683.735977-147691-87625150"
x-amzn-remapped-content-length: 147691
x-amzn-remapped-date: Sun, 07 Feb 2021 12:36:18 GMT
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 42e3887a-1ab4-4208-aef6-e5c93d96f817
x-cache: Miss from cloudfront
x-amz-apigw-id: aX--aEuUPHcFy9w=
content-length: 111537
last-modified: Sun, 31 Jan 2021 03:44:43 GMT
x-amzn-trace-id: Root=1-601fdec2-749f615d4dc5b763537150bd;Sampled=0
content-type: image/svg+xml; charset=utf-8
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: public, max-age=43200
accept-ranges: bytes
x-amz-cf-id: VBE1IS7JAHY-fde5LsqHgwfbhH07NhVnQ3NQqxhun1YtX6nuVtq26w==
expires: Mon, 08 Feb 2021 00:36:18 GMT

GET
H2 200 our-revolution.png
www.adems2021.vote/static/img/ 89 KB
89 KB 726ms
725ms Image
image/png 143.204.93.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adems2021.vote/static/img/our-revolution.png
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-56.fra50.r.cloudfront.net
Software: /
Resource Hash: 4539e1806fa97305103d20cf35c33262ad8c7f99f7d99430914ae0241209d036

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:18 GMT
content-encoding: gzip
etag: "1612064683.2877429-90642-2790003164"
x-amzn-remapped-content-length: 90642
x-amzn-remapped-date: Sun, 07 Feb 2021 12:36:18 GMT
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 0408b4fc-b430-42ee-82b7-c85a4af2cb97
x-cache: Miss from cloudfront
x-amz-apigw-id: aX--dGtYPHcFWlQ=
content-length: 90141
last-modified: Sun, 31 Jan 2021 03:44:43 GMT
x-amzn-trace-id: Root=1-601fdec2-0757aa32731be7bc0e873870;Sampled=0
content-type: image/png
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: public, max-age=43200
accept-ranges: bytes
x-amz-cf-id: ouQ08ijnlGVaVYl67Bq7BF90oqXkG1xFK8NRmquS6yFdSU2REQIyEA==
expires: Mon, 08 Feb 2021 00:36:18 GMT

GET
H2 200 roots-action.png
www.adems2021.vote/static/img/ 64 KB
65 KB 761ms
760ms Image
image/png 143.204.93.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adems2021.vote/static/img/roots-action.png
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-56.fra50.r.cloudfront.net
Software: /
Resource Hash: f77884a3b576e541c8701c2f28fdc9c49d20f3f0831cabc7ffdfc65e90fd01b5

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:18 GMT
content-encoding: gzip
etag: "1612064683.2903879-65925-2181566692"
x-amzn-remapped-content-length: 65925
x-amzn-remapped-date: Sun, 07 Feb 2021 12:36:18 GMT
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 6db15941-e20c-4623-bb3b-b3e38c320d8e
x-cache: Miss from cloudfront
x-amz-apigw-id: aX--dGLWvHcFb4g=
content-length: 65508
last-modified: Sun, 31 Jan 2021 03:44:43 GMT
x-amzn-trace-id: Root=1-601fdec2-2164251849d003b670186943;Sampled=0
content-type: image/png
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: public, max-age=43200
accept-ranges: bytes
x-amz-cf-id: 8rCM4kHNfwz1Y5t6qb7rdaECrbK4YIw7T80NUE237ga9NkqfVE88lA==
expires: Mon, 08 Feb 2021 00:36:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 47ms
25ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CHLCXHJ5L7

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2cade2fa16d057ed4aa195e7b3d1914920a7bea1096c6982be6355b8de71935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52705
x-xss-protection: 0
expires: Sun, 07 Feb 2021 12:36:18 GMT

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 28ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Origin: https://www.adems2021.vote
Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:18 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-10fdd"
vary: Accept-Encoding
x-hw: 1612701378.dop230.fr8.t,1612701378.cds210.fr8.hn,1612701378.cds257.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23856

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 27ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.adems2021.vote
Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3746327
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6157
cf-request-id: 081e173f7a000097ccc7ae3000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zZMKx%2FE9bNlB2Ovey7RRNR5lbfoiADXpa%2BqUD7fD1XBUsHJrTtn8nJMJZEeDwkkj243uWg9dnM7x2jruiQ4d0gu56UsM0OVFYEk56W2FgExMPCbaAuUQJCwRgoCbFqxmlg%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61dd27df2a5097cc-FRA
expires: Fri, 28 Jan 2022 12:36:18 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
13 KB 26ms
8ms Script
text/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.adems2021.vote
Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:52 GMT
etag: "1544639632"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 13105

GET
H2 200 leaflet.js Show response
unpkg.com/leaflet@1.6.0/dist/ 139 KB
39 KB 35ms
20ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/leaflet@1.6.0/dist/leaflet.js

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cda11af090fd86b983db352266309382c9f441d8384f41ed2b19383346ccaca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3746323
vary: Accept-Encoding
cf-request-id: 081e173f7a00002bcac0870000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"22d09-HJo6tWuVO3o/u4lm8+IrxwxIyMk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 217b73ba3a78f059f785f8ddd5c1fc04
cache-control: public, max-age=31536000
cf-ray: 61dd27df2fea2bca-FRA

GET
H2

200

1Nw6LWhZTOx7NX6VAixkF96lLvZuWVvOa
doc-0g-28-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/h8ob9fkp0pi41asusif4a5dqensnct6i/1612701375000/03995782507978267373/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1Nw6LWhZTOx7NX6VAixkF96lLvZuWVvOa
https://doc-0g-28-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/h8ob9fkp0pi41asusif4a5dqensnct6i/1612701375000/03995782507978267373/*/1Nw6LWhZTOx7NX6VAixkF96lLvZuWVvOa?e...

214 KB
214 KB

388ms
386ms

Image
image/jpeg

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0g-28-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/h8ob9fkp0pi41asusif4a5dqensnct6i/1612701375000/03995782507978267373/*/1Nw6LWhZTOx7NX6VAixkF96lLvZuWVvOa?e=view
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 311f9fbabf46517bc775ada1fe90346be0577e2c9267eb4b72598e1231bdb406

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:19 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid: ABg5-Uzva3hJh0QuUrKT0zosJplX6jNO8NOHwy4aIW6MyxnpJ48CCi-bMm3_NWg2buix33WDQd3ZAFn7r5mU7gRhwYtcQO25Pg
x-goog-hash: crc32c=XKAjgg==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="download - Glenn Glazer.jpg";filename*=UTF-8''download%20-%20Glenn%20Glazer.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 219108
expires: Sun, 07 Feb 2021 12:36:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Feb 2021 12:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
location: https://doc-0g-28-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/h8ob9fkp0pi41asusif4a5dqensnct6i/1612701375000/03995782507978267373/*/1Nw6LWhZTOx7NX6VAixkF96lLvZuWVvOa?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-nbzkUQngLtERM+bAygGu/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1_EFe-jlldRjfc4hsEp5OjZ3uR9s6OiFs
doc-0g-9s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/55gtp4mon2203l5ovhg6eq1e8ks655p7/1612701375000/10465187299476585054/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1_EFe-jlldRjfc4hsEp5OjZ3uR9s6OiFs
https://doc-0g-9s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/55gtp4mon2203l5ovhg6eq1e8ks655p7/1612701375000/10465187299476585054/*/1_EFe-jlldRjfc4hsEp5OjZ3uR9s6OiFs?e...

882 KB
882 KB

446ms
444ms

Image
image/png

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0g-9s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/55gtp4mon2203l5ovhg6eq1e8ks655p7/1612701375000/10465187299476585054/*/1_EFe-jlldRjfc4hsEp5OjZ3uR9s6OiFs?e=view
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 135d2178c277fb6ea5dd3430b7d1105569c1bd569059b9ca6f1c30380f10c992

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:19 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid: ABg5-UzCmSzAht-MrH16kqLGpIEkoZmFQtLQIk_B1bza_eFVeYEEkexayePQWNlC0P4F0aTbXgclmkjuXYvV8hHYAJw
x-goog-hash: crc32c=1V+7jw==
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="Bitmap - Kyle Kelley.png";filename*=UTF-8''Bitmap%20-%20Kyle%20Kelley.png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 902774
expires: Sun, 07 Feb 2021 12:36:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Feb 2021 12:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
location: https://doc-0g-9s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/55gtp4mon2203l5ovhg6eq1e8ks655p7/1612701375000/10465187299476585054/*/1_EFe-jlldRjfc4hsEp5OjZ3uR9s6OiFs?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-QB9azeiWLGpxddv0+IR2bQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 404 None
www.adems2021.vote/ 232 B
232 B 517ms
515ms Image
text/html 143.204.93.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adems2021.vote/None
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-56.fra50.r.cloudfront.net
Software: /
Resource Hash: 9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:19 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 232
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: c86f05c3-bb20-4264-b9a4-45e0458e7dc5
x-cache: Error from cloudfront
content-type: text/html
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amzn-trace-id: Root=1-601fdec3-72993c3b6f63e20e417e1ba2;Sampled=0
x-amz-apigw-id: aX--kHmGPHcF7Ug=
content-length: 198
x-amz-cf-id: kW3bcRHPCK5jr4AgTvDWtAcRk-tsiwqzHEkbYuWv3HpfxjDflP881A==

GET
H2

200

1HPDMKCkpIc3jr4ZgwHpBVp1VNgjKkae2
doc-08-7s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/oo4fv35skbtsohd347km85gtm2q51q54/1612701375000/00017783587367415170/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1HPDMKCkpIc3jr4ZgwHpBVp1VNgjKkae2
https://doc-08-7s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/oo4fv35skbtsohd347km85gtm2q51q54/1612701375000/00017783587367415170/*/1HPDMKCkpIc3jr4ZgwHpBVp1VNgjKkae2?e...

27 KB
29 KB

294ms
273ms

Image
image/png

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-08-7s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/oo4fv35skbtsohd347km85gtm2q51q54/1612701375000/00017783587367415170/*/1HPDMKCkpIc3jr4ZgwHpBVp1VNgjKkae2?e=view
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c87c3b55bd39c681c3261cab76cc1a2696164b6282158a89fc6c105106acc23e

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:19 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid: ABg5-UxT_NZxkk40UscFKI-56ZqJfC_bNhy-lNI4FNBDmgpe6YiXZ857OFNRd4DRohzmuyD6-7yLSQYC9ebQ2ZuXfylYRUx-sw
x-goog-hash: crc32c=qJxZDA==
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="arlene_haffa - Arlene Haffa.png";filename*=UTF-8''arlene_haffa%20-%20Arlene%20Haffa.png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27139
expires: Sun, 07 Feb 2021 12:36:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Feb 2021 12:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
location: https://doc-08-7s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/oo4fv35skbtsohd347km85gtm2q51q54/1612701375000/00017783587367415170/*/1HPDMKCkpIc3jr4ZgwHpBVp1VNgjKkae2?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-TBF7vSJl1do/4s6YAWFaqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1f1xU074twnoqDciANoKIZ-wLyska48MR
doc-0c-5s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lmoq1a7unqnm2nnrojanu11bp00a54uu/1612701375000/16669225861639965034/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1f1xU074twnoqDciANoKIZ-wLyska48MR
https://doc-0c-5s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lmoq1a7unqnm2nnrojanu11bp00a54uu/1612701375000/16669225861639965034/*/1f1xU074twnoqDciANoKIZ-wLyska48MR?e...

4 MB
4 MB

280ms
278ms

Image
image/jpeg

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0c-5s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lmoq1a7unqnm2nnrojanu11bp00a54uu/1612701375000/16669225861639965034/*/1f1xU074twnoqDciANoKIZ-wLyska48MR?e=view
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b0a9f6e37a392ac68556ce3b6e53acd7df1e17606d6f30a50a05666c64b6ee32

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:19 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid: ABg5-UwgPxgqeEpAhbiAoJwQCZ8ljYFtHkHY3Swqn0oFEzF-LF5nVegWugSTOBOU9XPturPvuul7zgzJlyceZfr2fpS9NDTc3A
x-goog-hash: crc32c=51EwgQ==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="cityHallClose up - Chris Krohn For City Council.jpg";filename*=UTF-8''cityHallClose%20up%20-%20Chris%20Krohn%20For%20City%20Council.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 07 Feb 2021 12:36:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Feb 2021 12:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
location: https://doc-0c-5s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lmoq1a7unqnm2nnrojanu11bp00a54uu/1612701375000/16669225861639965034/*/1f1xU074twnoqDciANoKIZ-wLyska48MR?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-z1kTCINJCoUZQIi9KF7NrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1-02U1Vn51rSY69jXB9w-d__pVKuUjFjR
doc-0k-58-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/51ad2569t7rsum6uorl5l9rqklkmqobl/1612701375000/17276463617498242999/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1-02U1Vn51rSY69jXB9w-d__pVKuUjFjR
https://doc-0k-58-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/51ad2569t7rsum6uorl5l9rqklkmqobl/1612701375000/17276463617498242999/*/1-02U1Vn51rSY69jXB9w-d__pVKuUjFjR?e...

63 KB
64 KB

341ms
321ms

Image
image/jpeg

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0k-58-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/51ad2569t7rsum6uorl5l9rqklkmqobl/1612701375000/17276463617498242999/*/1-02U1Vn51rSY69jXB9w-d__pVKuUjFjR?e=view
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 89f7b12de1a3e1c5b863a0db7767a79ec44cd3d6636c6ac3a7be4a69349f14fb

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:19 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid: ABg5-UxA24LH1ofF3jnaPGqmWIIR3I5hXfc3NkVAed_la6VSku-uDt4fLj6V7JG1fUclKSPxchQB6jNRZ9DV9OIrJ1v_-SWsRQ
x-goog-hash: crc32c=70tAcQ==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="Rene' Post Office 2020 - AR BE.jpg";filename*=UTF-8''Rene%27%20Post%20Office%202020%20-%20AR%20BE.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64789
expires: Sun, 07 Feb 2021 12:36:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Feb 2021 12:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
location: https://doc-0k-58-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/51ad2569t7rsum6uorl5l9rqklkmqobl/1612701375000/17276463617498242999/*/1-02U1Vn51rSY69jXB9w-d__pVKuUjFjR?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-UrUrOet54OHGP8H8gxe+Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1b9GrBe5hOarQJLunoqN2w4m_g_dDDRe-
doc-0s-74-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcarfrght67j2g15js2f01hipsht4ces/1612701375000/11269501100669391842/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1b9GrBe5hOarQJLunoqN2w4m_g_dDDRe-
https://doc-0s-74-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcarfrght67j2g15js2f01hipsht4ces/1612701375000/11269501100669391842/*/1b9GrBe5hOarQJLunoqN2w4m_g_dDDRe-?e...

101 KB
102 KB

362ms
360ms

Image
image/jpeg

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0s-74-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcarfrght67j2g15js2f01hipsht4ces/1612701375000/11269501100669391842/*/1b9GrBe5hOarQJLunoqN2w4m_g_dDDRe-?e=view
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8decb436bbcff206f9d7011787405fd57273f6134bc9db599340b525ab743601

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:19 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid: ABg5-Uzeut_zI2-_TjWnAchz7G4ERBF_fg2U3-3vB7oBrl4nhY_ikECnbidFfizYVNyDRGOi69-82cJErb_BRS9fCTFtlzhYcg
x-goog-hash: crc32c=eb3zHg==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="profheadshot - Tyller Williamson.jpg";filename*=UTF-8''profheadshot%20-%20Tyller%20Williamson.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103893
expires: Sun, 07 Feb 2021 12:36:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Feb 2021 12:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
location: https://doc-0s-74-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/lcarfrght67j2g15js2f01hipsht4ces/1612701375000/11269501100669391842/*/1b9GrBe5hOarQJLunoqN2w4m_g_dDDRe-?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-VPAWScmAZCDXXG1mOPX6bA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1biMajep1Dn6jt0Z0v548tDc6yWV3dMSg
doc-04-4c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/dhp5ip6gqbj3092qbp6lllmpt0o1k942/1612701375000/00392329317454730202/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1biMajep1Dn6jt0Z0v548tDc6yWV3dMSg
https://doc-04-4c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/dhp5ip6gqbj3092qbp6lllmpt0o1k942/1612701375000/00392329317454730202/*/1biMajep1Dn6jt0Z0v548tDc6yWV3dMSg?e...

95 KB
96 KB

408ms
407ms

Image
image/png

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-04-4c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/dhp5ip6gqbj3092qbp6lllmpt0o1k942/1612701375000/00392329317454730202/*/1biMajep1Dn6jt0Z0v548tDc6yWV3dMSg?e=view
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7ca1c8eb38aebeda0d9a469e3a5ece2cf8b5c9a8eb2e86c27397265b8e847dc6

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:19 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid: ABg5-Uxn3w7A8N4kSBojHTyVRTDgcaqUgr_cA-0MLPAPce_GMEiJjuoKsgF3IFpz8890CoCqP2MKUe7V7iqSNnIz4whkxSc65w
x-goog-hash: crc32c=YvJ2gQ==
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="Screen Shot 2021-01-15 at 3.14.20 PM - Steph McGuinness.png";filename*=UTF-8''Screen%20Shot%202021-01-15%20at%203.14.20%20PM%20-%20Steph%20McGuinness.png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97620
expires: Sun, 07 Feb 2021 12:36:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Feb 2021 12:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
location: https://doc-04-4c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/dhp5ip6gqbj3092qbp6lllmpt0o1k942/1612701375000/00392329317454730202/*/1biMajep1Dn6jt0Z0v548tDc6yWV3dMSg?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-Q7T1phGe2cbLUHNYQ0X/Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1DcImmKJgRjG73h7381MGQCkEXLR8IjCR
doc-0g-10-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/856m7qjvdta3vutr1oeaebce09jln1s2/1612701375000/06906721583205302484/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1DcImmKJgRjG73h7381MGQCkEXLR8IjCR
https://doc-0g-10-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/856m7qjvdta3vutr1oeaebce09jln1s2/1612701375000/06906721583205302484/*/1DcImmKJgRjG73h7381MGQCkEXLR8IjCR?e...

95 KB
95 KB

425ms
423ms

Image
image/jpeg

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0g-10-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/856m7qjvdta3vutr1oeaebce09jln1s2/1612701375000/06906721583205302484/*/1DcImmKJgRjG73h7381MGQCkEXLR8IjCR?e=view
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7f184a2662d0344920f22808cc7de7872258aeb6c00bf334ecb2db7cc99d02ec

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:19 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid: ABg5-UwkHNgHmh3v6HsdQNL1emmDTsrTr2GGuPECWrRZO6QMG61uqHgoE6nnTi1PoCZepKKMoQqU2I7Gl8aRFNxoMdI6Tr4g0w
x-goog-hash: crc32c=yX2Hiw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="Ethan_Sanchez_AD29 - Ethan Sanchez.JPG";filename*=UTF-8''Ethan_Sanchez_AD29%20-%20Ethan%20Sanchez.JPG
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97173
expires: Sun, 07 Feb 2021 12:36:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Feb 2021 12:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
location: https://doc-0g-10-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/856m7qjvdta3vutr1oeaebce09jln1s2/1612701375000/06906721583205302484/*/1DcImmKJgRjG73h7381MGQCkEXLR8IjCR?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-8pi48UgQa3NPp8cNUqRYVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1XM4-D1K_sHrGWuTgFbhZYzvO4L8oWPKU
doc-0g-bo-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/odf218ir468n05shs03urobk0bh8rvp1/1612701375000/14517811037590586247/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1XM4-D1K_sHrGWuTgFbhZYzvO4L8oWPKU
https://doc-0g-bo-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/odf218ir468n05shs03urobk0bh8rvp1/1612701375000/14517811037590586247/*/1XM4-D1K_sHrGWuTgFbhZYzvO4L8oWPKU?e...

762 KB
765 KB

216ms
215ms

Image
image/jpeg

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0g-bo-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/odf218ir468n05shs03urobk0bh8rvp1/1612701375000/14517811037590586247/*/1XM4-D1K_sHrGWuTgFbhZYzvO4L8oWPKU?e=view
Requested by: Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8632b37b07defdcefdc91fb94159cafd3703b982f0f9216b16f6ee577675c383

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 12:36:19 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid: ABg5-UwfE0Mjm5dH8dS1bWzcilD-wGmCv_i4YVCSSp5KaYrpKTgdwGa6Z54mgtEp87QctU_1R_9YI8oZIRSj8k3nTmo
x-goog-hash: crc32c=Z8ynjw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="IMG_0482 - Kate Daniels.jpeg";filename*=UTF-8''IMG_0482%20-%20Kate%20Daniels.jpeg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 780707
expires: Sun, 07 Feb 2021 12:36:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Feb 2021 12:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
location: https://doc-0g-bo-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/odf218ir468n05shs03urobk0bh8rvp1/1612701375000/14517811037590586247/*/1XM4-D1K_sHrGWuTgFbhZYzvO4L8oWPKU?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-TnkP43D7toXQBMrxbv+2AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arvo&family=Montserrat:wght@400;600;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.adems2021.vote
Referer: https://fonts.googleapis.com/css2?family=Arvo&family=Montserrat:wght@400;600;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:56:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
age: 257993
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Fri, 04 Feb 2022 12:56:26 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 32ms
11ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arvo&family=Montserrat:wght@400;600;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.adems2021.vote
Referer: https://fonts.googleapis.com/css2?family=Arvo&family=Montserrat:wght@400;600;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:21:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 501297
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:21:22 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 12 KB
12 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arvo&family=Montserrat:wght@400;600;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.adems2021.vote
Referer: https://fonts.googleapis.com/css2?family=Arvo&family=Montserrat:wght@400;600;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:14:10 GMT
server: sffe
age: 202234
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12504
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:45 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
344 B 33ms
14ms Other
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CHLCXHJ5L7&gtm=2oe1r0&_p=1236103184&sr=1600x1200&ul=en-us&cid=1579455691.1612701379&_s=1&dl=https%3A%2F%2Fwww.adems2021.vote%2Fad29&dr=&dt=Assembly%20District%20%2329%20%2F%2F%20PDN%3A%20Progressive%20Delegates%20Network&sid=1612701379&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CHLCXHJ5L7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Feb 2021 12:36:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.adems2021.vote
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 24.png
b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/10/ 14 KB
14 KB 206ms
121ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/10/24.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

84675c3358edc813ad3b03ed2dc1aaef1a7974d139df2d45ac5eedbd25f41f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 277843
x-powered-by: Express
x-cache: HIT, MISS
content-length: 13886
etag: W/"363e-/fM1tTA0FRE9JJ/P2PKmNgauaRk"
x-served-by: cache-dca17777-DCA, cache-fra19171-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701379.429965,VS0,VE89
x-origin-server: bm-us-east-zzn6
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 0

GET 24.png
c.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/11/ 0
0

GET
H2 200 25.png
c.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/10/ 6 KB
7 KB 117ms
32ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/10/25.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

f9e65d8b81f6f1dbceae19f6c73ad1b23e14fe16d4c5bde61247a49142ac6873

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 2247383
x-powered-by: Express
x-cache: HIT, HIT
content-length: 6414
etag: W/"190e-lv1scGdtn3ZuvCmf4Zc8HHaZm00"
x-served-by: cache-dca17721-DCA, cache-fra19167-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701379.428596,VS0,VE1
x-origin-server: bm-us-east-ts2f
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 1

GET 25.png
a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/11/ 0
0

GET 24.png
a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/9/ 0
0

GET 24.png
a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/12/ 0
0

GET 25.png
b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/9/ 0
0

GET 25.png
b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/12/ 0
0

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 199.png
c.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/82/ 14 KB
15 KB 36ms
33ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/82/199.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

49dec2ae92c036124b81ea36ab4c57117af643e1b9a354c797ed73bb7ecdf6e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1146967
x-powered-by: Express
x-cache: HIT, HIT
content-length: 14724
etag: W/"3984-8UGgM0PjXcapkUaEUalMH0yGLqA"
x-served-by: cache-dca17720-DCA, cache-fra19167-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701380.615263,VS0,VE1
x-origin-server: bm-us-east-zzq9
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 199.png
a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/83/ 15 KB
15 KB 35ms
32ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/83/199.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

2058020759479bdc2a116171068219e1c490093ff470ef0861784e091df9315d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1140304
x-powered-by: Express
x-cache: HIT, HIT
content-length: 15149
etag: W/"3b2d-yKuO6fslFNpMUbL1q7Y9inXkLds"
x-served-by: cache-dca17766-DCA, cache-fra19168-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701380.615531,VS0,VE1
x-origin-server: bm-us-east-zzk4
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 198.png
b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/82/ 26 KB
26 KB 36ms
34ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/82/198.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

ed72d61d281b8bdfc182d73207a8a05bfc32ba4e41ef240d9e474f0f2829e291

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1474279
x-powered-by: Express
x-cache: HIT, HIT
content-length: 26639
etag: W/"680f-m1JcsYz1K9S9y7xCfELUGWvmzm4"
x-served-by: cache-dca17779-DCA, cache-fra19171-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701380.616277,VS0,VE1
x-origin-server: bm-us-east-zzn6
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 198.png
c.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/83/ 9 KB
9 KB 35ms
33ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/83/198.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

0528d094e38840f3a4a8652404e59aa40dbc46672ece717aa6541ba911077a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1290784
x-powered-by: Express
x-cache: HIT, HIT
content-length: 9507
etag: W/"2523-Y2lPc8bTrJYLsbK3NQap5R5lmBk"
x-served-by: cache-dca17767-DCA, cache-fra19167-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701380.615321,VS0,VE1
x-origin-server: bm-us-east-zzq9
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 200.png
a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/82/ 5 KB
6 KB 51ms
49ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/82/200.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

3d1c49594592819a5993d076536cbb27965fac15178c15b5fe75eb901955e093

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1000386
x-powered-by: Express
x-cache: HIT, HIT
content-length: 5504
etag: W/"1580-GORWIZ0POYV5R9yNczjKaXWm7eI"
x-served-by: cache-dca17738-DCA, cache-fra19168-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701380.615695,VS0,VE1
x-origin-server: bm-us-east-zzkz
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 200.png
b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/83/ 9 KB
9 KB 124ms
122ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/83/200.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

fff572c09d1640705e9cd6cb5bbb209260a045f1cd5d478cd51dba942f016354

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 340653
x-powered-by: Express
x-cache: HIT, MISS
content-length: 8869
etag: W/"22a5-SorRHAk4h2bgBcIwt3HzCWthspw"
x-served-by: cache-dca17776-DCA, cache-fra19171-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701380.616267,VS0,VE88
x-origin-server: bm-us-east-pm5z
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 8, 0

GET
H2 200 199.png
b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/81/ 103 B
268 B 35ms
33ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/81/199.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

e62d600a8410345925294d5d8c565e36ef07e84a11598cb4531826df7b207ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 2118846
x-powered-by: Express
x-cache: HIT, HIT
content-length: 103
etag: W/"67-jmqcRpB7yxfjFb1M+gMTgsQfFOI"
x-served-by: cache-sin18026-SIN, cache-fra19171-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701380.616246,VS0,VE1
x-origin-server: bm-asia-southeast-zzmm
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 199.png
b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/84/ 7 KB
8 KB 124ms
123ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/84/199.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

8a5a57c894c15e8fec77b9da0f1fe537ade37bca6837d11900c842437ece1af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 247587
x-powered-by: Express
x-cache: HIT, MISS
content-length: 7446
etag: W/"1d16-sGP9LFSNL/9B4litWIUPC27lJMs"
x-served-by: cache-dca17764-DCA, cache-fra19171-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701380.616352,VS0,VE88
x-origin-server: bm-us-east-zws5
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 198.png
a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/81/ 5 KB
5 KB 50ms
48ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/81/198.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

a1932c2d5ba78ad49b91f56c28de86d8e5afa252c16b1bcc2e5c51ce88fbba62

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1638246
x-powered-by: Express
x-cache: HIT, HIT
content-length: 4954
etag: W/"135a-jaCrhxSIf6P4NzACQ5+pPQbC3ao"
x-served-by: cache-dca17763-DCA, cache-fra19168-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701380.615682,VS0,VE1
x-origin-server: bm-us-east-2t2j
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 198.png
a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/84/ 10 KB
11 KB 55ms
53ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/84/198.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

8bcd770d86dbd7c77908f293b79a4df7b6f510e6b8b35340d3932068a61fff4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 247586
x-powered-by: Express
x-cache: HIT, HIT
content-length: 10690
etag: W/"29c2-mS0lvp9durtGZSzMZKbMnsScwNA"
x-served-by: cache-dca17732-DCA, cache-fra19168-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701380.615664,VS0,VE1
x-origin-server: bm-us-east-z0sn
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 200.png
c.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/81/ 103 B
250 B 47ms
46ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/81/200.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

e62d600a8410345925294d5d8c565e36ef07e84a11598cb4531826df7b207ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1359554
x-powered-by: Express
x-cache: HIT, HIT
content-length: 103
etag: W/"67-jmqcRpB7yxfjFb1M+gMTgsQfFOI"
x-served-by: cache-dca17731-DCA, cache-fra19167-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701380.616861,VS0,VE1
x-origin-server: bm-us-east-zzk4
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 200.png
c.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/84/ 8 KB
8 KB 51ms
50ms Image
image/png 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.basemaps.cartocdn.com/rastertiles/voyager_labels_under/9/84/200.png

Requested by

Host: www.adems2021.vote
URL: https://www.adems2021.vote/ad29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

aca7e98ac56b9b91a54194e5d26b70d5641d0661aa582a64f1dadbd877a1683a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adems2021.vote/ad29
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 128701
x-powered-by: Express
x-cache: HIT, HIT
content-length: 7780
etag: W/"1e64-Ew7kQbUTYkuOK7HaAcM2mx6R1/E"
x-served-by: cache-dca17758-DCA, cache-fra19167-FRA
last-modified: Wed, 28 Oct 2020 16:16:05 GMT
server: nginx
x-timer: S1612701380.616848,VS0,VE1
x-origin-server: bm-us-east-xg6w
date: Sun, 07 Feb 2021 12:36:19 GMT
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1, 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.basemaps.cartocdn.com
URL: https://c.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/11/24.png

Domain: a.basemaps.cartocdn.com
URL: https://a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/11/25.png

Domain: a.basemaps.cartocdn.com
URL: https://a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/9/24.png

Domain: a.basemaps.cartocdn.com
URL: https://a.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/12/24.png

Domain: b.basemaps.cartocdn.com
URL: https://b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/9/25.png

Domain: b.basemaps.cartocdn.com
URL: https://b.basemaps.cartocdn.com/rastertiles/voyager_labels_under/6/12/25.png

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.adems2021.vote/	1970-01-20 09:29:33	Name: _ga Value: GA1.1.1579455691.1612701379
			.adems2021.vote/	1970-01-20 09:29:33	Name: _ga_CHLCXHJ5L7 Value: GS1.1.1612701379.1.0.1612701379.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.basemaps.cartocdn.com
b.basemaps.cartocdn.com
c.basemaps.cartocdn.com
cdnjs.cloudflare.com
code.jquery.com
doc-04-4c-docs.googleusercontent.com
doc-08-7s-docs.googleusercontent.com
doc-0c-5s-docs.googleusercontent.com
doc-0g-10-docs.googleusercontent.com
doc-0g-28-docs.googleusercontent.com
doc-0g-9s-docs.googleusercontent.com
doc-0g-bo-docs.googleusercontent.com
doc-0k-58-docs.googleusercontent.com
doc-0s-74-docs.googleusercontent.com
drive.google.com
email.adems2021.vote
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
unpkg.com
www.adems2021.vote
www.google-analytics.com
www.googletagmanager.com
a.basemaps.cartocdn.com
b.basemaps.cartocdn.com
c.basemaps.cartocdn.com
143.204.93.56
151.101.14.132
2001:4de0:ac19::1:b:2b
2001:4de0:ac19::1:b:3a
2606:4700::6810:125e
2606:4700::6810:7baf
2a00:1450:4001:800::2008
2a00:1450:4001:801::2003
2a00:1450:4001:802::2001
2a00:1450:4001:808::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:813::200e
44.239.162.32
0528d094e38840f3a4a8652404e59aa40dbc46672ece717aa6541ba911077a80
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
135d2178c277fb6ea5dd3430b7d1105569c1bd569059b9ca6f1c30380f10c992
2058020759479bdc2a116171068219e1c490093ff470ef0861784e091df9315d
24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b
2f08675199eb6fde03dbc60642e6a0f7e1eac2b0ef02847c4c6a6aa38bdb3e06
311f9fbabf46517bc775ada1fe90346be0577e2c9267eb4b72598e1231bdb406
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d1c49594592819a5993d076536cbb27965fac15178c15b5fe75eb901955e093
4539e1806fa97305103d20cf35c33262ad8c7f99f7d99430914ae0241209d036
4873060989924f8e92a321a0a38611ffd0252b5bdfddf7fce00abdc8ae2176a3
49dec2ae92c036124b81ea36ab4c57117af643e1b9a354c797ed73bb7ecdf6e9
5d9091e16d92d3fd21ffb6a875697875efd70e4ef7dc9c477e385b7ce8281969
7ca1c8eb38aebeda0d9a469e3a5ece2cf8b5c9a8eb2e86c27397265b8e847dc6
7cda11af090fd86b983db352266309382c9f441d8384f41ed2b19383346ccaca
7f184a2662d0344920f22808cc7de7872258aeb6c00bf334ecb2db7cc99d02ec
84675c3358edc813ad3b03ed2dc1aaef1a7974d139df2d45ac5eedbd25f41f4b
8632b37b07defdcefdc91fb94159cafd3703b982f0f9216b16f6ee577675c383
89f7b12de1a3e1c5b863a0db7767a79ec44cd3d6636c6ac3a7be4a69349f14fb
8a5a57c894c15e8fec77b9da0f1fe537ade37bca6837d11900c842437ece1af1
8bcd770d86dbd7c77908f293b79a4df7b6f510e6b8b35340d3932068a61fff4c
8decb436bbcff206f9d7011787405fd57273f6134bc9db599340b525ab743601
9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc
9313d60d623ec3e9511e038f2f916794c68308f3225e8a7d992b9cf7f9468ac4
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
a1932c2d5ba78ad49b91f56c28de86d8e5afa252c16b1bcc2e5c51ce88fbba62
a2cade2fa16d057ed4aa195e7b3d1914920a7bea1096c6982be6355b8de71935
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
aca7e98ac56b9b91a54194e5d26b70d5641d0661aa582a64f1dadbd877a1683a
ae62a9083efc3aa5f07570faed2d6a1decac8957322f358bcb28b4352fb2a183
b0a9f6e37a392ac68556ce3b6e53acd7df1e17606d6f30a50a05666c64b6ee32
c87c3b55bd39c681c3261cab76cc1a2696164b6282158a89fc6c105106acc23e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62d600a8410345925294d5d8c565e36ef07e84a11598cb4531826df7b207ab4
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ed72d61d281b8bdfc182d73207a8a05bfc32ba4e41ef240d9e474f0f2829e291
f77884a3b576e541c8701c2f28fdc9c49d20f3f0831cabc7ffdfc65e90fd01b5
f9e65d8b81f6f1dbceae19f6c73ad1b23e14fe16d4c5bde61247a49142ac6873
fff572c09d1640705e9cd6cb5bbb209260a045f1cd5d478cd51dba942f016354

www.adems2021.vote Open in urlscan Pro 143.204.93.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

87 %HTTPS

79 %IPv6

12 Domains

23 Subdomains

13 IPs

3 Countries

7407 kBTransfer

7901 kBSize

2 Cookies

5 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.adems2021.vote Open in urlscan Pro
143.204.93.56 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

87 %
HTTPS

79 %
IPv6

12
Domains

23
Subdomains

13
IPs

3
Countries

7407 kB
Transfer

7901 kB
Size

2
Cookies

46 HTTP transactions
1 data transactions