urlscan.io logo urlscan.io
SecurityTrails logo

www.voteftw.com Open in urlscan Pro
52.17.119.105  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://vftw-ga.com/A1P?utm_term=4J9HE
Effective URL: https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Submission: On June 18 via manual from SE — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 12 domains to perform 17 HTTP transactions. The main IP is 52.17.119.105, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.voteftw.com.
TLS certificate: Issued by R3 on May 31st 2024. Valid for: 3 months.
This is the only time www.voteftw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.208.85.101 14618 (AMAZON-AES)
1 1 216.239.36.54 15169 (GOOGLE)
1 52.17.119.105 16509 (AMAZON-02)
3 172.64.153.29 13335 (CLOUDFLAR...)
2 216.58.206.42 15169 (GOOGLE)
1 142.250.185.168 15169 (GOOGLE)
2 104.18.1.241 13335 (CLOUDFLAR...)
1 52.222.232.144 16509 (AMAZON-02)
2 157.240.252.13 32934 (FACEBOOK)
2 172.217.18.3 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
2 157.240.252.35 32934 (FACEBOOK)
17 10
1    18.208.85.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-85-101.compute-1.amazonaws.com
vftw-ga.com
1    216.239.36.54 (United States)

ASN15169 (GOOGLE, US)
us-central1-keen-electron-367615.cloudfunctions.net
1    52.17.119.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com
www.voteftw.com
3    172.64.153.29 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn.prod.website-files.com
2    216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f10.1e100.net
ajax.googleapis.com
fonts.googleapis.com
1    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
2    104.18.1.241 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.voteamerica.com
www.voteamerica.com
1    52.222.232.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-144.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
2    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net
fonts.gstatic.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
3 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 9424
32 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
3 KB
2 gstatic.com
fonts.gstatic.com
66 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
71 KB
2 voteamerica.com
cdn.voteamerica.com
www.voteamerica.com
8 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 457
fonts.googleapis.com — Cisco Umbrella Rank: 77
7 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2347
245 B
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
102 KB
1 voteftw.com
www.voteftw.com
2 KB
1 cloudfunctions.net
us-central1-keen-electron-367615.cloudfunctions.net
266 B
1 vftw-ga.com
vftw-ga.com
404 B
17 12
Domain Requested by
3 cdn.prod.website-files.com www.voteftw.com
2 www.facebook.com www.voteftw.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net www.voteftw.com
connect.facebook.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.voteamerica.com cdn.voteamerica.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net www.voteftw.com
1 cdn.voteamerica.com www.voteftw.com
1 www.googletagmanager.com www.voteftw.com
1 ajax.googleapis.com www.voteftw.com
1 www.voteftw.com
1 us-central1-keen-electron-367615.cloudfunctions.net 1 redirects
1 vftw-ga.com 1 redirects
17 14

This site contains no links.

Subject Issuer Validity Valid
www.voteftw.com
R3		 2024-05-31 -
2024-08-29		 3 months crt.sh
prod.website-files.com
GTS CA 1P5		 2024-04-26 -
2024-07-25		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
voteamerica.com
WE1		 2024-06-08 -
2024-09-06		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-27 -
2024-06-25		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Frame ID: A76553DA201BFD0E4011387FF8E0163C
Requests: 16 HTTP requests in this frame

Frame: https://www.voteamerica.com/embed/verify/?edition=standard&embed_id=kksvsifdald&embed_page_url=https%3A%2F%2Fwww.voteftw.com%2Fregister%3Futm_campaign%3Dga_w1_i1%26utm_source%3DSMS%26utm_term%3D4J9HE&subscriber=movement-labs&utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Frame ID: B1DCD60CF4071A559677D63AD7D81249
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Register to Vote | VoteFTW

Page URL History Show full URLs

  1. http://vftw-ga.com/A1P?utm_term=4J9HE HTTP 307
    https://vftw-ga.com/A1P?utm_term=4J9HE HTTP 307
    https://us-central1-keen-electron-367615.cloudfunctions.net/redir?alias=A1P&utm_campaign=ga_w1_i1&utm_source=SMS&domain_group=vftw-ga.co... HTTP 302
    https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

14
Subdomains

10
IPs

4
Countries

323 kB
Transfer

903 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vftw-ga.com/A1P?utm_term=4J9HE HTTP 307
    https://vftw-ga.com/A1P?utm_term=4J9HE HTTP 307
    https://us-central1-keen-electron-367615.cloudfunctions.net/redir?alias=A1P&utm_campaign=ga_w1_i1&utm_source=SMS&domain_group=vftw-ga.com&domain_name_dest=https%3A//www.voteftw.com/register&utm_term=4J9HE HTTP 302
    https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request register
www.voteftw.com/
Redirect Chain
  • http://vftw-ga.com/A1P?utm_term=4J9HE
  • https://vftw-ga.com/A1P?utm_term=4J9HE
  • https://us-central1-keen-electron-367615.cloudfunctions.net/redir?alias=A1P&utm_campaign=ga_w1_i1&utm_source=SMS&domain_group=vftw-ga.com&domain_name_dest=https%3A//www.voteftw.com/register&utm_ter...
  • https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.17.119.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-119-105.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
66ae686a71e18f934d8627ab9e3b2397b15bbd05b0e0a5ec29fad6c0124c0ecb

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
318970
content-encoding
gzip
content-length
1926
content-type
text/html
date
Tue, 18 Jun 2024 07:51:16 GMT
vary
Accept-Encoding,x-wf-forwarded-proto
x-cache
HIT, HIT
x-cache-hits
4, 0
x-cluster-name
eu-west-1-prod-hosting-red
x-lambda-id
47cd2608-ab8d-42f4-b091-e08a4e9c3d79
x-served-by
cache-iad-kjyo7100117-IAD, cache-dub4331-DUB
x-timer
S1718697076.259412,VS0,VE1

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-length
231
content-type
text/html; charset=utf-8
date
Tue, 18 Jun 2024 07:51:15 GMT
function-execution-id
pnar23az4n7r
location
https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
server
Google Frontend
x-cloud-trace-context
60e6c780a95d0bf4dc9810026d6369b5
voteftw.webflow.5b3c1e0d2.min.css
cdn.prod.website-files.com/63ea85a21bd746f642f38ec1/css/ 		39 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/63ea85a21bd746f642f38ec1/css/voteftw.webflow.5b3c1e0d2.min.css
Requested by
Host: www.voteftw.com
URL: https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9daf188668c713b5788d7ee995ebc01016a07c887e597dcf7cfe3caff518ee75

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 07:51:16 GMT
content-encoding
gzip
x-amz-version-id
nkdrK6h6JGcMbM6OYMeoPdJTgQXZgIZ0
cf-cache-status
HIT
x-amz-request-id
QT4C72QJCZHNWZV8
age
3233
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
10083
x-amz-id-2
IZy+HwE+B0U5ThcrBvPiU2vKGOmgocFrD/meP4duB5Q6N0ROOISmWAa/erUcLfsUUzjs9jAbwuM=
last-modified
Mon, 03 Jun 2024 21:45:26 GMT
server
cloudflare
etag
"68d9a4940532239e130d83e1b9b5ed62"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
cf-ray
8959b1778ad12d65-ARN
expires
Wed, 19 Jun 2024 07:21:16 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.voteftw.com
URL: https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f10.1e100.net
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 07:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 07:50:58 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6N2HN7XQYW
Requested by
Host: www.voteftw.com
URL: https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
55ef53d69883d90c182a1eecf220b7bfd6bcf2a16bc8c5b1dd8f7182e0318477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 07:51:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104048
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jun 2024 07:51:16 GMT
tools.js
cdn.voteamerica.com/embed/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.voteamerica.com/embed/tools.js
Requested by
Host: www.voteftw.com
URL: https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
431987c572763ec3efdfc1e082400381fa39936ef7a24c82b31bf20cfd11a674

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 07:51:16 GMT
x-amz-version-id
izZjTLmY8ynZimxFOMl25CJshrjBBTol
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
1S0WRB610ZWGJH5A
age
3231
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yrp+rQ28SrKTyhVkhSTEXsCT3En/nkC0Uux+MnS5TkcT5X+GB8JWrvnm6wEFYquJERIV/BIe23Q=
last-modified
Thu, 09 May 2024 00:09:05 GMT
server
cloudflare
etag
W/"9e4a4b28d27ca9cbda119fe8d8d82c69"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
cf-ray
8959b178ca5a82c5-ARN
expires
Tue, 18 Jun 2024 07:56:16 GMT
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=63ea85a21bd746f642f38ec1
Requested by
Host: www.voteftw.com
URL: https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-144.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Origin
https://www.voteftw.com
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:44:35 GMT
content-encoding
br
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
age
11202
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
2MvJCtVcqgaSikhRrrRbVnx-js2MZtXEl2oAiQsrxN128BvBBgJhvg==
webflow.a3f8540d2.js
cdn.prod.website-files.com/63ea85a21bd746f642f38ec1/js/ 		52 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/63ea85a21bd746f642f38ec1/js/webflow.a3f8540d2.js
Requested by
Host: www.voteftw.com
URL: https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8612251691b39e8b01b4436c9da3bd4e20803fe2a3207874a37de86741aa9f6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 07:51:16 GMT
content-encoding
gzip
x-amz-version-id
tljHw9RjfAobHI3lbQCNOjUGg0hwSd9D
cf-cache-status
HIT
x-amz-request-id
QT46FWWR52JY1KEP
age
3233
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
19247
x-amz-id-2
YFPcSs6Qg7l8r4OeTelKiAYqpsubnJfHUZ8dil2KTrMV9cpQ9WWgR7XN6fxROxFDJ8yKFAPNkdX+ncdOH6u2ToVzbeBPmkJN+8d7f+foq6E=
last-modified
Mon, 03 Jun 2024 21:45:26 GMT
server
cloudflare
etag
"da7cc8e4f0d22373a55e713b0d40998a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
cf-ray
8959b1778ad52d65-ARN
expires
Wed, 19 Jun 2024 07:21:16 GMT
css
fonts.googleapis.com/ 		30 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f10.1e100.net
Software
ESF /
Resource Hash
468b3e9ad7eb860239ed3e6eba32e2e0ff79ee9c2bbf132f18a4d9c0809716e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jun 2024 07:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 07:31:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jun 2024 07:51:16 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.voteftw.com
URL: https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 18 Jun 2024 07:51:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=12, mss=1380, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
0x0Xm/HXyZWyB3ZI5j6ZZpnhQ/xBVvxUKlYkhYD1Dhd0XJb23p+R+LhubtKKaZzXgnP6mjLloq4Lk1PolmWaKA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.voteftw.com
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:16:13 GMT
x-content-type-options
nosniff
age
394503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 18:16:13 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.voteftw.com
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 13:36:16 GMT
x-content-type-options
nosniff
age
411300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34288
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 13:36:16 GMT
/
www.voteamerica.com/embed/verify/ Frame B1DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.voteamerica.com/embed/verify/?edition=standard&embed_id=kksvsifdald&embed_page_url=https%3A%2F%2Fwww.voteftw.com%2Fregister%3Futm_campaign%3Dga_w1_i1%26utm_source%3DSMS%26utm_term%3D4J9HE&subscriber=movement-labs&utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Requested by
Host: cdn.voteamerica.com
URL: https://cdn.voteamerica.com/embed/tools.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; form-action 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com https://www.googletagmanager.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://bat.bing.com; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Referer
https://www.voteftw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8959b1798c6d0d52-ARN
content-encoding
gzip
content-security-policy
base-uri 'self'; form-action 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com https://www.googletagmanager.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://bat.bing.com; worker-src 'self' blob:;
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
credentialless
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jun 2024 07:51:17 GMT
last-modified
Mon, 17 Jun 2024 23:14:19 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
permissions-policy
geolocation=(), accelerometer=(), autoplay=(), camera=(), display-capture=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), usb=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718697077&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=uPdpPmKYELSdoANVP0Bp6PY58I498p59JIjTROSlRYU%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718697077&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=uPdpPmKYELSdoANVP0Bp6PY58I498p59JIjTROSlRYU%3D
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
via
1.1 vegur
x-content-type-options
nosniff
1435503684006275
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1435503684006275?v=2.9.158&r=stable&domain=www.voteftw.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
a696bcf41b265eec9bce0a52ec990ed0c454b0bbfbf4e61b5de65db5161a98aa
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 18 Jun 2024 07:51:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=60, rtx=0, c=62, mss=1380, tbw=63549, tp=-1, tpl=-1, uplat=174, ullat=0
pragma
public
x-fb-debug
0wSarTdVBk5xs/T3nFJi5EAlIpfoDghqr6obQnfGrQGiHWDcOtEy/rJIwuCMxGImBHjSiTNoXmM/daOo4nqDRQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6N2HN7XQYW&gtm=45je46c0v9103032232za200&_p=1718697076520&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&gdid=dZGVlNj&cid=1176682607.1718697077&ul=se-se&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718697076&sct=1&seg=0&dl=https%3A%2F%2Fwww.voteftw.com%2Fregister%3Futm_campaign%3Dga_w1_i1%26utm_source%3DSMS%26utm_term%3D4J9HE&dt=Register%20to%20Vote%20%7C%20VoteFTW&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1661&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6N2HN7XQYW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 07:51:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.voteftw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1435503684006275&ev=PageView&dl=https%3A%2F%2Fwww.voteftw.com%2Fregister%3Futm_campaign%3Dga_w1_i1%26utm_source%3DSMS%26utm_term%3D4J9HE&rl=&if=false&ts=1718697077098&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718697077097.748570914289230880&ler=empty&cdl=API_unavailable&it=1718697076839&coo=false&rqm=GET
Requested by
Host: www.voteftw.com
URL: https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=68, rtx=0, c=10, mss=1380, tbw=2821, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 18 Jun 2024 07:51:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1435503684006275&ev=PageView&dl=https%3A%2F%2Fwww.voteftw.com%2Fregister%3Futm_campaign%3Dga_w1_i1%26utm_source%3DSMS%26utm_term%3D4J9HE&rl=&if=false&ts=1718697077098&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718697077097.748570914289230880&ler=empty&cdl=API_unavailable&it=1718697076839&coo=false&rqm=FGET
Requested by
Host: www.voteftw.com
URL: https://www.voteftw.com/register?utm_campaign=ga_w1_i1&utm_source=SMS&utm_term=4J9HE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x31760b57f27b67d9","source_keys":["1","2"]},{"key_piece":"0x251b02c8f15192f8","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 18 Jun 2024 07:51:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381747737482281535", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=14, mss=1380, tbw=3134, tp=-1, tpl=-1, uplat=292, ullat=0
pragma
no-cache
x-fb-debug
r/nskQSg6bJBGoZ8vvoKUb4VDihWMk5NPia9I+IjzM5Am9wUsu6lz8bkK1O2ZcFPk4wvo4D2Zf/QiOVAy3WegQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381747737482281535"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
63ebbeb35faeffc9dac50c1a_favicon.ico
cdn.prod.website-files.com/63ea85a21bd746f642f38ec1/ 		5 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/63ea85a21bd746f642f38ec1/63ebbeb35faeffc9dac50c1a_favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dd079d61f234a54844d7c5c65b8c2c367d71e081430142ad5a9959b98392069

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.voteftw.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 07:51:18 GMT
x-amz-version-id
FAwsdpqPZkPAZ9VuaugErpX__r8lHwB.
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
TAG80EKXAJPBS5HE
age
1499
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ANxjv34h9gjBGplLhW5ssMbc6DB59n2wVC7ZwX19hQwaV6O4sahKQgBRnm+2SgML+UEae4ErBa8=
last-modified
Tue, 14 Feb 2023 17:02:44 GMT
server
cloudflare
etag
W/"5d758149ba7c503c6c867deff2a9dd10"
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8959b181783a2d65-ARN
expires
Wed, 18 Jun 2025 07:51:18 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| WebFont function| gtag object| dataLayer function| fbq function| _fbq function| $ function| jQuery function| tram object| Webflow object| VoteAmerica object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

3 Cookies

Domain/Path Name / Value
.voteftw.com/ Name: _ga
Value: GA1.1.1176682607.1718697077
.voteftw.com/ Name: _ga_6N2HN7XQYW
Value: GS1.1.1718697076.1.0.1718697076.0.0.0
.voteftw.com/ Name: _fbp
Value: fb.1.1718697077097.748570914289230880

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.prod.website-files.com
cdn.voteamerica.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
us-central1-keen-electron-367615.cloudfunctions.net
vftw-ga.com
www.facebook.com
www.googletagmanager.com
www.voteamerica.com
www.voteftw.com
104.18.1.241
142.250.185.168
157.240.252.13
157.240.252.35
172.217.18.3
172.64.153.29
18.208.85.101
216.239.32.36
216.239.36.54
216.58.206.42
52.17.119.105
52.222.232.144
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
431987c572763ec3efdfc1e082400381fa39936ef7a24c82b31bf20cfd11a674
468b3e9ad7eb860239ed3e6eba32e2e0ff79ee9c2bbf132f18a4d9c0809716e3
55ef53d69883d90c182a1eecf220b7bfd6bcf2a16bc8c5b1dd8f7182e0318477
66ae686a71e18f934d8627ab9e3b2397b15bbd05b0e0a5ec29fad6c0124c0ecb
6dd079d61f234a54844d7c5c65b8c2c367d71e081430142ad5a9959b98392069
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
9daf188668c713b5788d7ee995ebc01016a07c887e597dcf7cfe3caff518ee75
a696bcf41b265eec9bce0a52ec990ed0c454b0bbfbf4e61b5de65db5161a98aa
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b8612251691b39e8b01b4436c9da3bd4e20803fe2a3207874a37de86741aa9f6
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d