Submitted URL: http://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html
Effective URL: https://guides.vote/candidate-quiz
Submission Tags: falconsandbox
Submission: On September 12 via api from US — Scanned from CA

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 22 HTTP transactions. The main IP is 162.159.134.42, located in and belongs to CLOUDFLARENET, US. The main domain is guides.vote.
TLS certificate: Issued by WE1 on July 27th 2024. Valid for: 3 months.
This is the only time guides.vote was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 137.236.223.2 27495 (OPENTEXT-...)
7 162.159.134.42 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
4 6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
22 10
Apex Domain
Subdomains
Transfer
7 guides.vote
guides.vote
226 KB
6 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1314
21 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
challenges.cloudflare.com — Cisco Umbrella Rank: 3877
53 KB
3 gstatic.com
fonts.gstatic.com
96 KB
3 xmr3.com
pull.xmr3.com
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
91 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
99 KB
22 9
Domain Requested by
7 guides.vote guides.vote
6 unpkg.com 4 redirects guides.vote
3 fonts.gstatic.com fonts.googleapis.com
3 challenges.cloudflare.com 1 redirects guides.vote
challenges.cloudflare.com
3 pull.xmr3.com 2 redirects
2 connect.facebook.net guides.vote
connect.facebook.net
2 fonts.googleapis.com guides.vote
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com guides.vote
1 cdnjs.cloudflare.com guides.vote
22 10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
x.com
www.linkedin.com
ysa.org
Subject Issuer Validity Valid
pull.xmr3.com
Sectigo RSA Organization Validation Secure Server CA
2023-09-27 -
2024-10-27
a year crt.sh
guides.vote
WE1
2024-07-27 -
2024-10-25
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-07-31 -
2024-10-29
3 months crt.sh
upload.video.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.google-analytics.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-06-21 -
2024-09-19
3 months crt.sh
*.gstatic.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
challenges.cloudflare.com
WE1
2024-09-05 -
2024-12-04
3 months crt.sh

This page contains 2 frames:

Primary Page: https://guides.vote/candidate-quiz
Frame ID: 1BBB96253495F68F0EC696A8D6BEA838
Requests: 21 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9xbbf/0x4AAAAAAAi2OrnZAXSTGPPD/auto/fbE/normal/auto/
Frame ID: 946DB39022D7599202A168DEACF30718
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Candidate Quiz - Guides.vote | Voters Guides

Page URL History Show full URLs

  1. http://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 307
    https://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 302
    https://pull.xmr3.com/cgi-bin/pull/DocPull/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a8568... HTTP 307
    http://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 307
    https://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 302
    https://pull.xmr3.com/cgi-bin/pull/DocPull/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a8568... Page URL
  2. https://guides.vote/candidate-quiz Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

86 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

588 kB
Transfer

1811 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 307
    https://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 302
    https://pull.xmr3.com/cgi-bin/pull/DocPull/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 307
    http://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 307
    https://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 302
    https://pull.xmr3.com/cgi-bin/pull/DocPull/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html Page URL
  2. https://guides.vote/candidate-quiz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 307
  • https://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 302
  • https://pull.xmr3.com/cgi-bin/pull/DocPull/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 307
  • http://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 307
  • https://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html HTTP 302
  • https://pull.xmr3.com/cgi-bin/pull/DocPull/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html
Request Chain 5
  • https://unpkg.com/@popperjs/core@2 HTTP 302
  • https://unpkg.com/@popperjs/core@2.11.8 HTTP 302
  • https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js
Request Chain 6
  • https://unpkg.com/tippy.js@6 HTTP 302
  • https://unpkg.com/tippy.js@6.3.7 HTTP 302
  • https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
Request Chain 8
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&ver=5.2.0 HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/7cf142fb2c1f/api.js

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
2166b8d0-22a2-485a-b9c4-f12e61a85685.html
pull.xmr3.com/cgi-bin/pull/DocPull/2417-323E/221622988/
Redirect Chain
  • http://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html
  • https://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html
  • https://pull.xmr3.com/cgi-bin/pull/DocPull/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html
  • http://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html
  • https://pull.xmr3.com/p/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html
  • https://pull.xmr3.com/cgi-bin/pull/DocPull/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html
194 B
576 B
Document
General
Full URL
https://pull.xmr3.com/cgi-bin/pull/DocPull/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.236.223.2 , Canada, ASN27495 (OPENTEXT-NA-US-1, CA),
Reverse DNS
pull.xmr3.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Security-Policy
frame-ancestors 'self';
Content-Type
text/html; charset=UTF-8
Content-disposition
inline;filename=2166b8d0-22a2-485a-b9c4-f12e61a85685.html
Content-length
194
Date
Thu, 12 Sep 2024 14:18:25 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains

Redirect headers

Connection
Keep-Alive
Content-Length
288
Content-Security-Policy
frame-ancestors 'self';
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 12 Sep 2024 14:18:25 GMT
Keep-Alive
timeout=5, max=100
Location
https://pull.xmr3.com/cgi-bin/pull/DocPull/2417-323E/221622988/2166b8d0-22a2-485a-b9c4-f12e61a85685.html
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Primary Request candidate-quiz
guides.vote/
113 KB
19 KB
Document
General
Full URL
https://guides.vote/candidate-quiz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d83d42713ec17ccbae2b28481144fa27e007be9fdfb62241e29b04b209c14e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pull.xmr3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
BYPASS
cf-ray
8c20880a5cec39ff-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 12 Sep 2024 14:19:15 GMT
ki-cache-type
Edge
ki-cf-cache-status
BYPASS
ki-edge
v=20.2.8;mv=3.1.0
ki-origin
g1p
link
<https://guides.vote/wp-json/>; rel="https://api.w.org/", <https://guides.vote/wp-json/wp/v2/pages/3709>; rel="alternate"; type="application/json", <https://guides.vote/?p=3709>; rel=shortlink
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AC%2F2%2BE%2F7tjLBzJfXWInZqDN07KlKMy0msuqi%2FVFZveMl8X58TmLugmQHzv%2FWy6mfJWdNDHTg6K3q%2Bkp3vPG6Xrzey11lqF1kVBFn3i7PZPkIr4MRATEbvwbMZLcF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-edge-location-klb
1
x-kinsta-cache
MISS
autoptimize_38a712e720f72c43307f791190505655.css
guides.vote/wp-content/cache/autoptimize/css/
366 KB
52 KB
Stylesheet
General
Full URL
https://guides.vote/wp-content/cache/autoptimize/css/autoptimize_38a712e720f72c43307f791190505655.css
Requested by
Host: guides.vote
URL: https://guides.vote/candidate-quiz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
241c039ace75b10b70bef22f7242c9da79ba4f4c939c912370f849ab16a1f1ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://guides.vote/candidate-quiz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:19:15 GMT
content-encoding
br
ki-cache-tag
f7d791de-6316-4989-b892-5800195342d9,eb7c6c0f0bcd960e50a01436dbc493cf17ec6cea01d663ee8978ec2da6733445
cf-cache-status
MISS
ki-edge
v=20.2.8;mv=3.1.0
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
f7d791de-6316-4989-b892-5800195342d9,eb7c6c0f0bcd960e50a01436dbc493cf17ec6cea01d663ee8978ec2da6733445
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 12 Sep 2024 14:19:15 GMT
server
cloudflare
etag
W/"66e2f863-5b9c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xqe9WtaUZb09AjjoF5rFYDEBIlbx1kYbK0Wh2v%2F2RGJMCUcF%2Bd15uWV3B370X6PpxUt1WYAL4iXxl8XhDH2DPxMZvtEXj3LKa1xOz%2FCIMbV210oVhqrElkNfHjmR"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
8c20880d8fa239ff-YYZ
ki-cf-cache-status
SAVING
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
guides.vote/wp-includes/js/jquery/
86 KB
33 KB
Script
General
Full URL
https://guides.vote/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: guides.vote
URL: https://guides.vote/candidate-quiz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://guides.vote/candidate-quiz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:19:15 GMT
content-encoding
br
ki-cache-tag
f7d791de-6316-4989-b892-5800195342d9,b213af328756243c18adabd000d0d9dede52958cb121150d7e7409a99c488f98
cf-cache-status
HIT
ki-edge
v=20.2.8;mv=3.1.0
x-content-type-options
nosniff
age
7246
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 06 Jan 2024 00:33:16 GMT
server
cloudflare
etag
W/"65989fcc-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ELmx76XSuI3f%2BRdmiXAX5Cs7MZtC2Tjjit0gF9zBXMlV59ETe%2FNW5V6ufjAWkcTGKJOL%2B3YFOD5Tr02DA%2F%2Bu5Fqg43UWET0iMmQ8VAFG2SDNa9SvbqntHao1rOET"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
8c20880d8fa639ff-YYZ
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
html2canvas.min.js
cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.4/
192 KB
37 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.4/html2canvas.min.js?ver=2.1
Requested by
Host: guides.vote
URL: https://guides.vote/candidate-quiz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba893425305488e76a3dae637e7d078a8005b9c53d66131cb428f2120cfa0336
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://guides.vote/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:19:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
83599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37253
last-modified
Wed, 29 Dec 2021 19:35:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61ccb892-9185"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EeCCzN%2FRcyHcFyw4cglstftcE6YuhV055yjOZrrhKEEckC3cT%2FhOQtdsiIBfnKKH0BYBN4IQKxwXldGPmhtSO%2Fda%2FNIyYc06t9Xu%2B67dizrZhrHWAFnL2mYGA5AnEEoPMjxOTCWWXi1KjoB1f00c02am"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c20880ecbe1abe8-YYZ
expires
Tue, 02 Sep 2025 14:19:15 GMT
css2
fonts.googleapis.com/
2 KB
918 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Cabin:wght@600;700&display=swap
Requested by
Host: guides.vote
URL: https://guides.vote/candidate-quiz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8cab2fb8e37545843a3fffc018c03bb8a2245cefb1266feb13d9a9607131d347
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://guides.vote/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Sep 2024 14:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 12 Sep 2024 14:19:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Sep 2024 14:19:15 GMT
popper.min.js
unpkg.com/@popperjs/core@2.11.8/dist/umd/
Redirect Chain
  • https://unpkg.com/@popperjs/core@2
  • https://unpkg.com/@popperjs/core@2.11.8
  • https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js
20 KB
9 KB
Script
General
Full URL
https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js
Requested by
Host: guides.vote
URL: https://guides.vote/candidate-quiz
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://guides.vote/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:19:15 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11731172
last-modified
Fri, 26 May 2023 17:27:16 GMT
fly-request-id
01HWNNXJ47GB6D4RAF3FY4XVJA-yyz
server
cloudflare
etag
"4e9a-hx1u8QcL02PqOQ4MjDhOR9zn84k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8c20880fbdc4a1fc-YYZ

Redirect headers

date
Thu, 12 Sep 2024 14:19:15 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HWNNXHPBFK355XGX1BM5JK1G-yyz
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11731173
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@popperjs/core@2.11.8/dist/umd/popper.min.js
cache-control
public, max-age=31536000
cf-ray
8c20880f1d49a1fc-YYZ
tippy-bundle.umd.min.js
unpkg.com/tippy.js@6.3.7/dist/
Redirect Chain
  • https://unpkg.com/tippy.js@6
  • https://unpkg.com/tippy.js@6.3.7
  • https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
25 KB
12 KB
Script
General
Full URL
https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
Requested by
Host: guides.vote
URL: https://guides.vote/candidate-quiz
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://guides.vote/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:19:15 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
17003087
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HQRJ7GA31BGZ6GFMFMYW9095-yyz
server
cloudflare
etag
"6475-GJFZFDM34LwIzjC4uKWaXpNTNf4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8c20880f7d92a1fc-YYZ

Redirect headers

date
Thu, 12 Sep 2024 14:19:15 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HQRDF8K6W43T7NW6RKJ39H5R-yyz
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
17008075
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
cache-control
public, max-age=31536000
cf-ray
8c20880f2d4da1fc-YYZ
js
www.googletagmanager.com/gtag/
291 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-50QYK1X677
Requested by
Host: guides.vote
URL: https://guides.vote/candidate-quiz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
085ef66ae83a86c1363130959e5a3762d596997717a2fcbddfd793df01093a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://guides.vote/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:19:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101023
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 12 Sep 2024 14:19:16 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/7cf142fb2c1f/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&ver=5.2.0
  • https://challenges.cloudflare.com/turnstile/v0/g/7cf142fb2c1f/api.js
45 KB
15 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/7cf142fb2c1f/api.js
Requested by
Host: guides.vote
URL: https://guides.vote/candidate-quiz
Protocol
H3
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc9ca8b79b72a3bde8c8a0d5db84f0570b0a73b1b0e8fce1ae8470829933ae62

Request headers

Referer
https://guides.vote/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:19:15 GMT
content-encoding
br
last-modified
Thu, 05 Sep 2024 16:35:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy
cross-origin
cf-ray
8c20880f1f7838e5-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 12 Sep 2024 14:19:15 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/g/7cf142fb2c1f/api.js
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy
cross-origin
cf-ray
8c20880eaeffabf4-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
autoptimize_107914d3e34029daed65fb417caf3376.js
guides.vote/wp-content/cache/autoptimize/js/
190 KB
51 KB
Script
General
Full URL
https://guides.vote/wp-content/cache/autoptimize/js/autoptimize_107914d3e34029daed65fb417caf3376.js
Requested by
Host: guides.vote
URL: https://guides.vote/candidate-quiz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031e8dec8b219e0e9cd54a3832ded29e116e9e5ac8d758f1ac1f2a088585c69d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://guides.vote/candidate-quiz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:19:16 GMT
content-encoding
br
ki-cache-tag
f7d791de-6316-4989-b892-5800195342d9,ee64e98e1d8014c19cdb1056dc967f75f93b6b7a166f098c564ce5ac9670cc63
cf-cache-status
MISS
ki-edge
v=20.2.8;mv=3.1.0
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
f7d791de-6316-4989-b892-5800195342d9,ee64e98e1d8014c19cdb1056dc967f75f93b6b7a166f098c564ce5ac9670cc63
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 12 Sep 2024 14:19:15 GMT
server
cloudflare
etag
W/"66e2f863-2f634"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4EBZAmrEKyr56rsOYV8ikhDxj%2F0MhMZCtVIil95BiBSUTk57VJxmDPhEGon4lNxiSrNB6WBu7OKXdOnlLcdqnLHY2UJ8tyMCa2fzLRCUYaiOqQR3DguTF5TJ7yfo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
8c20881039daac25-YYZ
ki-cf-cache-status
SAVING
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100..900&family=Rubik:ital,wght@0,300..900;1,300..900&display=swap
Requested by
Host: guides.vote
URL: https://guides.vote/wp-content/cache/autoptimize/css/autoptimize_38a712e720f72c43307f791190505655.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c77cbebbfc0d3d64ac5d58992b6fb6a7e99fabb3a2b2bc07fa7a1dc5b7a54ca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://guides.vote/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Sep 2024 14:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 12 Sep 2024 14:19:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Sep 2024 14:19:15 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: guides.vote
URL: https://guides.vote/candidate-quiz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a2ac4950e27c7016fcd511c4562aa8f7a6bca8683f62564e4485878915d30d31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://guides.vote/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Sep 2024 14:19:16 GMT
content-md5
68Cr6Q801H6GVggBNIpjOA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=70, rtx=0, c=23, mss=1232, tbw=5575, tp=10, tpl=0, uplat=0, ullat=-1
x-fb-debug
3Nd33TzBUuqYwD3Rr6bSQd6ktxhJR/U/hh7AnVJ81MJEvU8LqN49iqZN5UKvAyIl3IBdpz6TjasrcTS3ThPZuw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e73964fe1505c6674fd606733453f9ec
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"73349d8494b8ecc564ad00977865a137"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
1
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 12 Sep 2024 14:23:42 GMT
vote-header-bg.jpg
guides.vote/wp-content/uploads/2022/03/
69 KB
70 KB
Image
General
Full URL
https://guides.vote/wp-content/uploads/2022/03/vote-header-bg.jpg
Requested by
Host: guides.vote
URL: https://guides.vote/candidate-quiz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6eeac097eb82ec1204ac0a855d205c5d9b05e66eaf1eba7b4e51684fe246625
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://guides.vote/candidate-quiz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:19:15 GMT
ki-cache-tag
f7d791de-6316-4989-b892-5800195342d9,593cf2cee8c8311b697ee164278930343d345b7e230306741255bee5e61e00f8
cf-cache-status
HIT
ki-edge
v=20.2.8;mv=3.1.0
x-content-type-options
nosniff
age
7246
cf-polished
origSize=70745
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
content-length
70737
last-modified
Sun, 20 Mar 2022 16:30:39 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"623756af-11459"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YKMkqxr3hnmFP0ygAUahzrgT4k2MWt5qEXM6dWaRo3atBJJG1IXeVnNALLoQBmJ2QQ8Bb%2BKtSDo6cG9BaDopco3rGVs7YPO7HhCkzPn8OmX8ylI2TrH7UPGyP%2FLq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
8c2088106a0fac25-YYZ
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v27/
27 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cabin/v27/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cabin:wght@600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcb085ad0fca889c4a1b898ccc7458c5d586e5740e7b7bffe065ac6a5e247ada
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://guides.vote
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 16:04:59 GMT
x-content-type-options
nosniff
age
80057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28076
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:14:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Sep 2025 16:04:59 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100..900&family=Rubik:ital,wght@0,300..900;1,300..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://guides.vote
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 16:49:56 GMT
x-content-type-options
nosniff
age
77360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34328
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:54:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Sep 2025 16:49:56 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100..900&family=Rubik:ital,wght@0,300..900;1,300..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://guides.vote
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 16:10:02 GMT
x-content-type-options
nosniff
age
79754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Sep 2025 16:10:02 GMT
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9xbbf/0x4AAAAAAAi2OrnZAXSTGPPD/auto/fbE/normal/auto/ Frame 946D
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9xbbf/0x4AAAAAAAi2OrnZAXSTGPPD/auto/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit&ver=5.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://guides.vote/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8c2088134fcdb404-YYZ
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 12 Sep 2024 14:19:16 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
admin-ajax.php
guides.vote/wp-admin/
4 B
658 B
XHR
General
Full URL
https://guides.vote/wp-admin/admin-ajax.php?form_id=3&action=fluentform_step_form_get_data
Requested by
Host: guides.vote
URL: https://guides.vote/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://guides.vote/candidate-quiz
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:19:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
ki-edge
v=20.2.8;mv=3.1.0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin
g1p
x-kinsta-cache
BYPASS
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vRbLiNmKSBIWQJtkkl%2FsfShouiooK4hXuI3gQZs%2B07C4sO%2BWfhuMueOL%2F8YRASUWzkVvNtx4CgDys6%2FqTAFInX%2F6IiyMb1BK%2BVb9w2SY3MZydSPbjAWPTUUb6RIc"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, must-revalidate, max-age=0
ki-cache-type
None
cf-ray
8c2088124bc2ac25-YYZ
ki-cf-cache-status
BYPASS
x-robots-tag
noindex
x-edge-location-klb
1
expires
Wed, 11 Jan 1984 05:00:00 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-50QYK1X677&gtm=45je4990v869090120za200&_p=1726150755863&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1687619378.1726150756&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726150756&sct=1&seg=0&dl=https%3A%2F%2Fguides.vote%2Fcandidate-quiz&dr=https%3A%2F%2Fpull.xmr3.com%2F&dt=Candidate%20Quiz%20-%20Guides.vote%20%7C%20Voters%20Guides&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1670
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50QYK1X677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://guides.vote/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Sep 2024 14:19:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://guides.vote
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
305 KB
89 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=305955f9b20e07f017687b0d7c6d782a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3337afa106da9222c8a4d09643e1f51ef22e5e85034b796476b68cc65ad78f10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://guides.vote/
Origin
https://guides.vote
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Sep 2024 14:19:17 GMT
content-md5
1FCmasKwezgL46Wc6exl9Q==
document-policy
force-load-at-top
x-fb-server-load
51
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89218
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=14, mss=1392, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
UIPpO28kCHw0DKCxhqhQAKDc7umkTgV1nafwPdBEm8uHJ2dLKx+F4vfjwp1xweNXMUqL1ZFX9qsxBDVa6baQmw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d3bcf877dbe9f745ad79c4980d42c94e
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"b4a37eb522bbcd9809b00cafcf27d16f"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer
1
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 12 Sep 2025 12:42:02 GMT
favicon-32x32.png
guides.vote/wp-content/themes/guidesdotvote/assets/
555 B
1 KB
Other
General
Full URL
https://guides.vote/wp-content/themes/guidesdotvote/assets/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bd9f155d5db84f77cef03b79a02121c4c6f545064ee0608d26ff8f9eba77844
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://guides.vote/candidate-quiz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 14:19:17 GMT
ki-cache-tag
f7d791de-6316-4989-b892-5800195342d9,dc5f613a786a58f38d9096ffc273012ed8a16bea8c511c2cb69bb3ef3bdd3730
cf-cache-status
HIT
ki-edge
v=20.2.8;mv=3.1.0
x-content-type-options
nosniff
age
7247
cf-polished
origSize=901
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
content-length
555
last-modified
Fri, 25 Mar 2022 20:50:48 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"623e2b28-385"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r4lTXxDxi1pMggW11P8lwq47Y%2BGSzSScE2GWFNvHHAinlzS0RKDUtV%2BiOjrUmgKOm%2BijpBd1Mphv2x48sn%2BaSk7xRyP7Jyv5qpmKfVrVZSwax8l4StSI6aF8qcfx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
8c20881939bdac25-YYZ
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| jQuery object| guide_data function| html2canvas object| Popper function| tippy function| gtag object| dataLayer object| fluent_form_ff_form_instance_3_1 function| sfsi_processfurther object| fluentFormVars object| ffData object| sfsi_icon_ajax_object object| essb_settings object| turnstile function| showErrorSuc function| beForeLoad function| sfsi_make_popBox function| sfsi_stick_widget function| sfsi_float_widget function| sfsi_shuffle function| Shuffle function| sfsi_setCookie function| sfsfi_getCookie function| sfsi_hideFooter function| sfsihidemepopup object| initTop function| close_overlay function| sfsi_wechat_share function| sfsi_mobile_wechat_share function| sfsi_copy_text_parent_input function| sfsi_responsive_toggle function| createCookie function| sfsi_time_pop_up function| sfsi_social_pop_up function| sfsi_plugin_version function| sfsi_widget_set function| sfsi_pinterest_modal_images function| sfsi_pinterest_modal object| sfsi_functions_loaded function| sfsi_copyLink object| Modernizr function| Manipulator function| SFSI function| essb_ajax_subscribe object| essb function| essb_open_mailform function| essb_close_mailform function| essb_mailform_send function| essbasc_popup_show function| essbasc_popup_close function| fluentFormrecaptchaSuccessCallback function| ffValidationError object| ff_helper function| fluentFormApp function| essb_manualform_show function| essb_optin_locker_unlock object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| FB object| __buffer

2 Cookies

Domain/Path Name / Value
.guides.vote/ Name: _ga_50QYK1X677
Value: GS1.1.1726150756.1.0.1726150756.0.0.0
.guides.vote/ Name: _ga
Value: GA1.1.1687619378.1726150756

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
challenges.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
guides.vote
pull.xmr3.com
unpkg.com
www.google-analytics.com
www.googletagmanager.com
137.236.223.2
162.159.134.42
2606:4700::6811:180e
2606:4700::6811:f5cb
2606:4700::6812:5f29
2607:f8b0:4006:80e::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2003
2607:f8b0:4006:824::2008
2a03:2880:f012:10c:face:b00c:0:3
031e8dec8b219e0e9cd54a3832ded29e116e9e5ac8d758f1ac1f2a088585c69d
085ef66ae83a86c1363130959e5a3762d596997717a2fcbddfd793df01093a19
241c039ace75b10b70bef22f7242c9da79ba4f4c939c912370f849ab16a1f1ef
3337afa106da9222c8a4d09643e1f51ef22e5e85034b796476b68cc65ad78f10
3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
67d83d42713ec17ccbae2b28481144fa27e007be9fdfb62241e29b04b209c14e
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7bd9f155d5db84f77cef03b79a02121c4c6f545064ee0608d26ff8f9eba77844
8cab2fb8e37545843a3fffc018c03bb8a2245cefb1266feb13d9a9607131d347
a2ac4950e27c7016fcd511c4562aa8f7a6bca8683f62564e4485878915d30d31
a6eeac097eb82ec1204ac0a855d205c5d9b05e66eaf1eba7b4e51684fe246625
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
ba893425305488e76a3dae637e7d078a8005b9c53d66131cb428f2120cfa0336
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
c77cbebbfc0d3d64ac5d58992b6fb6a7e99fabb3a2b2bc07fa7a1dc5b7a54ca2
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc9ca8b79b72a3bde8c8a0d5db84f0570b0a73b1b0e8fce1ae8470829933ae62
dcb085ad0fca889c4a1b898ccc7458c5d586e5740e7b7bffe065ac6a5e247ada