secure.electionbuddy.com Open in urlscan Pro
3.98.35.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure.electionbuddy.com/DFLY-LY7K-36DH-4S39
Effective URL:
https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39
Submission: On April 19 via api (April 19th 2023, 4:36:47 pm UTC) from US — Scanned from CA

Summary HTTP 49 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 49 HTTP transactions. The main IP is 3.98.35.78, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is secure.electionbuddy.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 27th 2023. Valid for: a year.

This is the only time secure.electionbuddy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	3.98.35.78 3.98.35.78	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
6	2600:9000:21d... 2600:9000:21dd:b600:a:bda8:f140:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
1	52.95.147.8 52.95.147.8	16509 (AMAZON-02) (AMAZON-02)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
1	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
2	216.24.57.253 216.24.57.253	397273 (RENDER) (RENDER)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	52.41.90.223 52.41.90.223	16509 (AMAZON-02) (AMAZON-02)
49	21

3 3.98.35.78 (Montreal, Canada) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-98-35-78.ca-central-1.compute.amazonaws.com

secure.electionbuddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21dd:b600:a:bda8:f140:21 (United States)

ASN16509 (AMAZON-02, US)

d1uwtj227v01qd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.147.8 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com

electionbuddy.s3.ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:821::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (New York, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.24.57.253 (Sweden)

ASN397273 (RENDER, US)

grow.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2004 (New York, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.41.90.223 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-90-223.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 2411 q.stripe.com — Cisco Umbrella Rank: 20152 m.stripe.com — Cisco Umbrella Rank: 2198	128 KB
6	cloudfront.net d1uwtj227v01qd.cloudfront.net	246 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 519	13 KB
5	gstatic.com fonts.gstatic.com	100 KB
5	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 3131 rs.fullstory.com — Cisco Umbrella Rank: 3007	72 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 8003	626 B
3	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 406 www.google.com — Cisco Umbrella Rank: 16	1 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	212 KB
3	electionbuddy.com 2 redirects secure.electionbuddy.com	11 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2669	17 KB
2	clearbitjs.com grow.clearbitjs.com — Cisco Umbrella Rank: 58579	1 KB
2	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 10344	166 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 187	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	260 B
1	amazonaws.com electionbuddy.s3.ca-central-1.amazonaws.com	32 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
49	17

	Domain	Requested by
6	d1uwtj227v01qd.cloudfront.net	secure.electionbuddy.com d1uwtj227v01qd.cloudfront.net
5	bat.bing.com	www.googletagmanager.com bat.bing.com secure.electionbuddy.com
5	fonts.gstatic.com	fonts.googleapis.com
3	rs.fullstory.com	edge.fullstory.com
3	www.google.ca	secure.electionbuddy.com
3	q.stripe.com	secure.electionbuddy.com
3	js.stripe.com	secure.electionbuddy.com js.stripe.com
3	www.googletagmanager.com	secure.electionbuddy.com www.googletagmanager.com
3	secure.electionbuddy.com	2 redirects
2	www.google.com	1 redirects secure.electionbuddy.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	grow.clearbitjs.com	secure.electionbuddy.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	edge.fullstory.com	secure.electionbuddy.com edge.fullstory.com
2	pro.fontawesome.com	secure.electionbuddy.com pro.fontawesome.com
1	m.stripe.com	m.stripe.network
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	electionbuddy.s3.ca-central-1.amazonaws.com	secure.electionbuddy.com
1	fonts.googleapis.com	secure.electionbuddy.com
49	22

This site contains links to these domains. Also see Links.

Domain
pmg.joynadmin.org
electionbuddy.com

Subject Issuer	Validity	Valid
secure.electionbuddy.com Amazon RSA 2048 M02	`2023-02-27` - `2024-03-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.s3.ca-central-1.amazonaws.com Amazon	`2022-09-21` - `2023-09-14`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-03-31` - `2023-06-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
grow.clearbitjs.com R3	`2023-03-31` - `2023-06-29`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-03-23` - `2023-06-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh

This page contains 3 frames:

Primary Page: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39
Frame ID: 077F63828C19BBEF44BBE4AB957F1677
Requests: 41 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 4BB44C76654FEC8E5E87043CD7002887
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0B1301DD071CF7A90CB3DEF0D428F4E8
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Voting Tool & Election Systems | ElectionBuddy

Page URL History Show full URLs

http://secure.electionbuddy.com/DFLY-LY7K-36DH-4S39 HTTP 301
https://secure.electionbuddy.com/DFLY-LY7K-36DH-4S39 HTTP 301
https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39 Page URL

Detected technologies

Stimulus (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-controller

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

49
Requests

98 %
HTTPS

57 %
IPv6

17
Domains

22
Subdomains

21
IPs

3
Countries

1005 kB
Transfer

3032 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://pmg.joynadmin.org/documents/1054/64308285a7bf924cc575dd12.pdf
Title: DOWNLOAD the 2019 version with recommended edits indicated:

Search URL Search Domain Scan URL

URL: https://electionbuddy.com/?utm_source=app&utm_medium=ballot&utm_campaign=voteId-250562
Title: ElectionBuddy Inc.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure.electionbuddy.com/DFLY-LY7K-36DH-4S39 HTTP 301
https://secure.electionbuddy.com/DFLY-LY7K-36DH-4S39 HTTP 301
https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/639009750/?random=253908717&cv=11&fst=1681922202472&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&label=5D-yCLaPyL0DENaH2rAC&hn=www.googleadservices.com&frm=0&tiba=Online%20Voting%20Tool%20%26%20Election%20Systems%20%7C%20ElectionBuddy&value=0&auid=1674926262.1681922202&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=mhhAZO3sJY6tNam3oPgF&sscte=1&crd=&eitems=ChAI8KL-oQYQy5Srk46d1fwrEh0ALcxyxLJ_M7npledUCJu5rrLr4QSdtvvNtmD6jA&pscrd=Ek9DaEVJOEtMLW9RWVE0YlhFa1plamc5VEpBUkltQUNxU3hSeFFpckU5dDdTaGt0TEhuVlNvUXlyREJwMGl1MzhKaDVhbVJNeFR6dUVvak9ZGlpDaEVJOEtMLW9RWVE0NG4tdWFLc3dZM3FBUkl1QUZEVXBoV1Fqdm5Zdm9FOFRtYjFvWXl6LWtxbXVfMkJ0T05BVGw1b1lPVXdqOVhlSGlTMUk2RWw1ekJka2c HTTP 302
https://www.google.com/pagead/1p-conversion/639009750/?random=253908717&cv=11&fst=1681922202472&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&label=5D-yCLaPyL0DENaH2rAC&hn=www.googleadservices.com&frm=0&tiba=Online%20Voting%20Tool%20%26%20Election%20Systems%20%7C%20ElectionBuddy&value=0&auid=1674926262.1681922202&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEtMLW9RWVE0YlhFa1plamc5VEpBUkltQUNxU3hSeFFpckU5dDdTaGt0TEhuVlNvUXlyREJwMGl1MzhKaDVhbVJNeFR6dUVvak9ZGlpDaEVJOEtMLW9RWVE0NG4tdWFLc3dZM3FBUkl1QUZEVXBoV1Fqdm5Zdm9FOFRtYjFvWXl6LWtxbXVfMkJ0T05BVGw1b1lPVXdqOVhlSGlTMUk2RWw1ekJka2c&is_vtc=1&ocp_id=mhhAZO3sJY6tNam3oPgF&eitems=ChAI8KL-oQYQy5Srk46d1fwrEh0ALcxyxNNPlqrBnABlhVd10XeY-sGA0J5_JoHtfg&random=1916270608 HTTP 302
https://www.google.ca/pagead/1p-conversion/639009750/?random=253908717&cv=11&fst=1681922202472&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&label=5D-yCLaPyL0DENaH2rAC&hn=www.googleadservices.com&frm=0&tiba=Online%20Voting%20Tool%20%26%20Election%20Systems%20%7C%20ElectionBuddy&value=0&auid=1674926262.1681922202&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEtMLW9RWVE0YlhFa1plamc5VEpBUkltQUNxU3hSeFFpckU5dDdTaGt0TEhuVlNvUXlyREJwMGl1MzhKaDVhbVJNeFR6dUVvak9ZGlpDaEVJOEtMLW9RWVE0NG4tdWFLc3dZM3FBUkl1QUZEVXBoV1Fqdm5Zdm9FOFRtYjFvWXl6LWtxbXVfMkJ0T05BVGw1b1lPVXdqOVhlSGlTMUk2RWw1ekJka2c&is_vtc=1&ocp_id=mhhAZO3sJY6tNam3oPgF&eitems=ChAI8KL-oQYQy5Srk46d1fwrEh0ALcxyxNNPlqrBnABlhVd10XeY-sGA0J5_JoHtfg&random=1916270608&ipr=y&prhg=0

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request DFLY-LY7K-36DH-4S39 Show response
secure.electionbuddy.com/ballot/
Redirect Chain

http://secure.electionbuddy.com/DFLY-LY7K-36DH-4S39
https://secure.electionbuddy.com/DFLY-LY7K-36DH-4S39
https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

49 KB
10 KB

1076ms
1076ms

Document
text/html

3.98.35.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.98.35.78 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-98-35-78.ca-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

360950e3c8d1510c5dbd7c5faabd627afac064d4377efa1906a504936fa168f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 19 Apr 2023 16:36:42 GMT
etag: W/"360950e3c8d1510c5dbd7c5faabd627a"
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding Origin
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 068e6106-f0a9-453d-968c-0e4775137267
x-runtime: 1.060282
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 125
content-type: text/html
date: Wed, 19 Apr 2023 16:36:40 GMT
location: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin
x-request-id: 3e899cbe-e4fa-4732-874e-48ad31ed2fa3
x-runtime: 0.004133

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
53 KB 108ms
61ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-37HC47X0HT

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b658d7432398a5e9e336c4780f077181acf5d9d0a96144712ccb3daf19fb8fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:36:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53910
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Apr 2023 16:36:42 GMT

GET
H2 200 ballots-310a6de5aab38fe3f04a142a1672481bb7e369ca92795700c22f4b13a543ca8f.css
d1uwtj227v01qd.cloudfront.net/assets/ 167 KB
26 KB 79ms
18ms Stylesheet
text/css 2600:9000:21dd:b600:a:bda8:f140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1uwtj227v01qd.cloudfront.net/assets/ballots-310a6de5aab38fe3f04a142a1672481bb7e369ca92795700c22f4b13a543ca8f.css
Requested by: Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:b600:a:bda8:f140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: dff26a8ea0aba0efbc1393b7a0c2ba375757939f4a63e30bc946500948ea0983

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 11:25:55 GMT
content-encoding: gzip
via: 1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C2
age: 1141847
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-amz-cf-id: cVak0D1q9nPiL6L1-o3LRp9CmGPK3pVhW1ilk7ZZxadQYQfZxv2lhg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.15.3/css/ 170 KB
32 KB 77ms
46ms Stylesheet
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Requested by: Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Request headers

Referer: https://secure.electionbuddy.com/
Origin: https://secure.electionbuddy.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:36:42 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: HZM14HDNJEZTQHQM
age: 7269913
x-amz-id-2: im6vOKJFPBTEEi90/psw5NgesiSHZwwxKn0oEIbsFBmdHrsY6I9FRDWAbIbbPxyiWaV5w9lRxSg=
last-modified: Mon, 28 Jun 2021 17:21:37 GMT
server: cloudflare
etag: W/"a28e912c1a41becec7f68848d739d5c0"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7ba691638ced33ee-YUL

GET
H2 200 ballots-ae93f70c9f0cbb93574fb6868e613f25b770d5416cf23ed37ff97be651191a03.js Show response
d1uwtj227v01qd.cloudfront.net/assets/ 138 KB
46 KB 102ms
42ms Script
application/javascript 2600:9000:21dd:b600:a:bda8:f140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1uwtj227v01qd.cloudfront.net/assets/ballots-ae93f70c9f0cbb93574fb6868e613f25b770d5416cf23ed37ff97be651191a03.js
Requested by: Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:b600:a:bda8:f140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cf3808474586df8cfcd9ccabf320572d274e7ce181a0dcbda037d2f00bb84c37

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:38:18 GMT
content-encoding: gzip
via: 1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C2
age: 1051104
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-amz-cf-id: 2frNhsxW0amfcRE9qIjvwntdsdUxdvfRvNNUZ-izgRzpxOqPXzhDoQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 select-20b85edb2d865d73ebc23d1cefe6f618fe3d56559c6d5de156f83c254fbb527c.js Show response
d1uwtj227v01qd.cloudfront.net/assets/ 72 KB
20 KB 103ms
42ms Script
application/javascript 2600:9000:21dd:b600:a:bda8:f140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1uwtj227v01qd.cloudfront.net/assets/select-20b85edb2d865d73ebc23d1cefe6f618fe3d56559c6d5de156f83c254fbb527c.js
Requested by: Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:b600:a:bda8:f140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bba59d4955e5f7e03ccd5fcffdbcaa91cfdd63db4d362f4a7254149f7748f2ca

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:12:10 GMT
content-encoding: gzip
via: 1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C2
age: 545072
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-amz-cf-id: N7SFbg82x31OsTUBVaV3WMy2mGnlNNAMfmWzZfjTlYzKJAUCQQkzyw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-d2318725e2bc43b7d701.js Show response
d1uwtj227v01qd.cloudfront.net/packs/js/ 690 KB
141 KB 80ms
19ms Script
application/javascript 2600:9000:21dd:b600:a:bda8:f140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1uwtj227v01qd.cloudfront.net/packs/js/application-d2318725e2bc43b7d701.js
Requested by: Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:b600:a:bda8:f140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c403c017bd6bab7065911f6e4ac07595078c6a097c4d48fbc293b537a5df3e32

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:26:00 GMT
content-encoding: br
via: 1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C2
age: 594642
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-amz-cf-id: 3BLvoR7-pdre-Q6qM2CTVHP7HeSYiYYXfOu4Jrsf_J8GLMs3d6g2xA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 462 KB
124 KB 67ms
17ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

39cf8e171c2ecec8f81fb0d5dbfb190976a91d3a5ce2891555e8d6c748c571dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Apr 2023 16:36:42 GMT
via: 1.1 varnish
age: 53
x-cache: HIT
content-length: 126915
x-request-id: ad1479c8-1531-4cb6-8f01-c75522715579
x-served-by: cache-yyz4545-YYZ
last-modified: Tue, 18 Apr 2023 20:53:40 GMT
server: Fastly
etag: "4bcdf3e91d97eed1d410f602a801d8ea"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 84ms
39ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400italic,700,700italic|Merriweather:400,400italic|Raleway:400,700

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3323c68d12e3405015966fe2a17c1fef3da239cb48e4f8c37bab2f7fb1b7cd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Apr 2023 16:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 16:27:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Apr 2023 16:36:42 GMT

GET
H/1.1 200
OK medium.png
electionbuddy.s3.ca-central-1.amazonaws.com/organizations/330653709019aac1fa61e0984dd5562745c8b519/ 32 KB
32 KB 83ms
34ms Image
image/png 52.95.147.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://electionbuddy.s3.ca-central-1.amazonaws.com/organizations/330653709019aac1fa61e0984dd5562745c8b519/medium.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIASLQ32FNEBOOYAJXH%2F20230419%2Fca-central-1%2Fs3%2Faws4_request&X-Amz-Date=20230419T163641Z&X-Amz-Expires=900&X-Amz-SignedHeaders=host&X-Amz-Signature=a74f47c3702d59b8344f70c21e11f48d2c0e3e1cb15850ab8d078771f4a2fa61
Requested by: Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.147.8 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: db4c67b7dd7a9ce14d50ec73907ec82f7bf248835ba8faaf56c988be4f37ca22

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 16:36:43 GMT
x-amz-version-id: Bk2BbRQmDFP4CuWtSOGfmCNJsDTwDvCy
Last-Modified: Mon, 07 Feb 2022 20:44:04 GMT
Server: AmazonS3
x-amz-request-id: 501Y0MPAJCY28YWB
ETag: "1494856020d3938d7757d4cb25b78c80"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 32299
x-amz-id-2: irWChfNJEXb7naU8KQSPclFRSmBjIFvkr5Unkj1zdEFbsKKakHcVOqwoGkUCrUuxhIFyv7k7iuU=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 238 KB
79 KB 51ms
50ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMDVFCD

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a01d0489fcf18e9f0221cc568a4f2402dd9dc38e381ec0d1e32877c31f4741c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:36:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80340
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 16:10:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Apr 2023 16:36:42 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 245 KB
66 KB 228ms
12ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0d28752a236cc8c5b7d31203acba05532fa226d5621a2f36559955624d6df08c

Request headers

Referer: https://secure.electionbuddy.com/
Origin: https://secure.electionbuddy.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:09:54 GMT
content-encoding: br
age: 1608
x-guploader-uploadid: ADPycdtWlThk9FCkXxt2DvGbVnRv0MArhioiEDfGa7IxvGqdLC74nJLFYKT513Vw3zrP2JsJnKLIN6WX7HE-wbTUcrpy_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67265
last-modified: Wed, 12 Apr 2023 16:14:16 GMT
server: UploadServer
etag: "12079f08bea21f160ca85167932365d0"
vary: Accept-Encoding
x-goog-generation: 1681316056047714
x-goog-hash: crc32c=23gfpg==, md5=EgefCL6iHxYMqFFnkyNl0A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 67265
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 19 Apr 2023 17:09:54 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
260 B 80ms
32ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-37HC47X0HT&gtm=45je34c0&_p=934155884&cid=1535607938.1681922202&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681922202&sct=1&seg=0&dl=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&dt=Online%20Voting%20Tool%20%26%20Election%20Systems%20%7C%20ElectionBuddy&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-37HC47X0HT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 16:36:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.electionbuddy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo-414116ad1df6de2ab12057c40c3ad0416e51bd70642c2b412440faabb32a5114.png
d1uwtj227v01qd.cloudfront.net/assets/ 13 KB
13 KB 19ms
19ms Image
image/png 2600:9000:21dd:b600:a:bda8:f140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1uwtj227v01qd.cloudfront.net/assets/logo-414116ad1df6de2ab12057c40c3ad0416e51bd70642c2b412440faabb32a5114.png
Requested by: Host: d1uwtj227v01qd.cloudfront.net
URL: https://d1uwtj227v01qd.cloudfront.net/assets/ballots-310a6de5aab38fe3f04a142a1672481bb7e369ca92795700c22f4b13a543ca8f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:b600:a:bda8:f140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 94be79db4bb68ce2268d47b6c2088ae2e0d3bd890706c8ccdd12212e444a849e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1uwtj227v01qd.cloudfront.net/assets/ballots-310a6de5aab38fe3f04a142a1672481bb7e369ca92795700c22f4b13a543ca8f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:49:44 GMT
via: 1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C2
age: 4304818
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 12840
x-amz-cf-id: hzvbApZH78vvFKN5bij_oIlFt972zAsYnjSX4ImTzJT6CiwNjGfdvw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dropdown_arrow-e7a6276bda2d651a206c418013c6c489fd3122d322467efbc0f1f0a77088eb77.svg
d1uwtj227v01qd.cloudfront.net/assets/ 221 B
588 B 18ms
18ms Image
image/svg+xml 2600:9000:21dd:b600:a:bda8:f140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1uwtj227v01qd.cloudfront.net/assets/dropdown_arrow-e7a6276bda2d651a206c418013c6c489fd3122d322467efbc0f1f0a77088eb77.svg
Requested by: Host: d1uwtj227v01qd.cloudfront.net
URL: https://d1uwtj227v01qd.cloudfront.net/assets/ballots-310a6de5aab38fe3f04a142a1672481bb7e369ca92795700c22f4b13a543ca8f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:b600:a:bda8:f140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d13b7c358edcb5e7b5996915208631473bfdf66cc3a1aa2c3c4fecf319f4fbd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1uwtj227v01qd.cloudfront.net/assets/ballots-310a6de5aab38fe3f04a142a1672481bb7e369ca92795700c22f4b13a543ca8f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:10:06 GMT
via: 1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR53-C2
age: 1718796
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 221
x-amz-cf-id: gp8bpMiPIs2lN54zAGKvbFbAcPNEop5Mvn3HUbCiWXq894NfTee0ZQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 208ms
19ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic,700,700italic|Merriweather:400,400italic|Raleway:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.electionbuddy.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:27:32 GMT
x-content-type-options: nosniff
age: 22150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 10:27:32 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 226ms
37ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic,700,700italic|Merriweather:400,400italic|Raleway:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.electionbuddy.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 16:39:43 GMT
x-content-type-options: nosniff
age: 259019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Apr 2024 16:39:43 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 236ms
47ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic,700,700italic|Merriweather:400,400italic|Raleway:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.electionbuddy.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 18:07:16 GMT
x-content-type-options: nosniff
age: 253766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24448
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Apr 2024 18:07:16 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 244ms
55ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic,700,700italic|Merriweather:400,400italic|Raleway:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.electionbuddy.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:01:46 GMT
x-content-type-options: nosniff
age: 106496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 11:01:46 GMT

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/ 134 KB
134 KB 33ms
32ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin: https://secure.electionbuddy.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:36:42 GMT
cf-cache-status: HIT
x-amz-request-id: QBSA196NFD8Z52NN
age: 523943
content-length: 136824
x-amz-id-2: Givllz1kGfJr4oluJ+1pCGovlrvTi2GurS8UyBZYxX01W3w2HG8b0CPD8VR6YKtN1sjjok03pJo=
last-modified: Mon, 28 Jun 2021 17:23:20 GMT
server: cloudflare
etag: "978b27ec5d8b81d2b15aa28aaaae1fcb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7ba69165282533ee-YUL

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v23/ 5 KB
5 KB 224ms
44ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic,700,700italic|Merriweather:400,400italic|Raleway:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.electionbuddy.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:05:07 GMT
x-content-type-options: nosniff
age: 455495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5472
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 10:05:07 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 4BB4 200 B
787 B 17ms
16ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.electionbuddy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 9087498
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Apr 2023 16:36:42 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 168922
x-content-type-options: nosniff
x-request-id: 2134dbef-e2fe-4a43-b3eb-1324a0700574
x-served-by: cache-yyz4545-YYZ

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/639009750/ 3 KB
2 KB 159ms
41ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/639009750/?random=1681922202472&cv=11&fst=1681922202472&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&label=5D-yCLaPyL0DENaH2rAC&hn=www.googleadservices.com&frm=0&tiba=Online%20Voting%20Tool%20%26%20Election%20Systems%20%7C%20ElectionBuddy&value=0&bttype=purchase&auid=1674926262.1681922202&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMDVFCD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

5822a5289cd566a8deebdc8ec15813f10984a0b4ba1b74ec9b5add18451451d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 16:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1634
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 149ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMDVFCD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f31ee3af19ca211e7694451db039e0c26674064890215d0175f39cb20f3346ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 19 Apr 2023 16:36:42 GMT
last-modified: Thu, 13 Apr 2023 18:46:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7DBDCB300CCA4DCEB4F2083A2634CF81 Ref B: YMQ01EDGE0614 Ref C: 2023-04-19T16:36:42Z
etag: "8013f653386ed91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12030

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11146289892/ 3 KB
2 KB 345ms
232ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11146289892/?random=1681922202488&cv=11&fst=1681922202488&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&hn=www.googleadservices.com&frm=0&tiba=Online%20Voting%20Tool%20%26%20Election%20Systems%20%7C%20ElectionBuddy&auid=1674926262.1681922202&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMDVFCD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7413dbd61f57ca2eeae54b3efac291214fdf892422af1450f78803b431a2f4b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 16:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1234
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.js Show response
grow.clearbitjs.com/api/ 2 KB
1 KB 221ms
111ms Script
text/javascript 216.24.57.253
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://grow.clearbitjs.com/api/pixel.js?v=1681922202491

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.253 , Sweden, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:36:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
x-render-origin-server: Render
vary: Accept-Encoding
content-type: text/javascript
cf-ray: 7ba691665c7e43c2-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
80 KB 42ms
41ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FKSSZ1SH00&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMDVFCD

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b0cc2909d48a9f5f5b8099118cb3bd4ca5c114effdd66793a5ccec3ceaa5b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:36:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82146
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Apr 2023 16:36:42 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 4BB4 0
716 B 246ms
79ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 19 Apr 2023 16:36:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1681922202837224
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1681922202836977
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4BB4 0
715 B 247ms
81ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 19 Apr 2023 16:36:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1681922202837865
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1681922202837072
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4BB4 631 B
468 B 16ms
16ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Apr 2023 16:36:42 GMT
via: 1.1 varnish
age: 13552301
x-cache: HIT
content-length: 332
x-request-id: b2207d26-1b6d-4f37-96a2-42e670f93a04
x-served-by: cache-yyz4545-YYZ
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 133455

GET
H2 200 web Show response
edge.fullstory.com/s/settings/GC191/v1/ 4 KB
1 KB 41ms
41ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/GC191/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1e786d9fbfef3eb44718345ae117f1ee071ed4911e562d00064f10e824cd7c53

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:36:42 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdtr5YEA4QccT_fdKTMGXM1QDKwP7OX5vQGViIGj8H4WQjqpYNt8-Wc9mJSzAtR27C8XVG5EDc0Tbwjk10kmXxt3Sw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1194
last-modified: Wed, 19 Apr 2023 16:27:23 GMT
server: UploadServer
etag: "8cecd6f1a73c3e683e21e3d0b851bd65"
x-goog-generation: 1681669643861440
x-goog-hash: crc32c=9BKcrA==, md5=jOzW8ac8Pmg+IePQuFG9ZQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1194
accept-ranges: bytes
content-type: application/json
expires: Wed, 19 Apr 2023 16:51:42 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
260 B 80ms
32ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FKSSZ1SH00&gtm=45je34c0&_p=934155884&_gaz=1&cid=1535607938.1681922202&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681922202&sct=1&seg=0&dl=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&dt=Online%20Voting%20Tool%20%26%20Election%20Systems%20%7C%20ElectionBuddy&en=page_view&_fv=1&_ss=1&ep.marketing_group=Other&ep.blog_group=Other
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FKSSZ1SH00&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 16:36:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.electionbuddy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 81ms
31ms Ping
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FKSSZ1SH00&cid=1535607938.1681922202&gtm=45je34c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FKSSZ1SH00&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 16:36:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.electionbuddy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 96ms
47ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FKSSZ1SH00&cid=1535607938.1681922202&gtm=45je34c0&aip=1&z=1082751061

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 16:36:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0B13 930 B
1 KB 17ms
16ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 103
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Apr 2023 16:36:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 95
x-content-type-options: nosniff
x-request-id: 41baeb45-e3ab-4fe1-82c9-0ace71dedbc7
x-served-by: cache-yyz4545-YYZ
x-timer: S1681922203.759099,VS0,VE0

GET
H3

200

/
www.google.ca/pagead/1p-conversion/639009750/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/639009750/?random=253908717&cv=11&fst=1681922202472&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecur...
https://www.google.com/pagead/1p-conversion/639009750/?random=253908717&cv=11&fst=1681922202472&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.electionbuddy.com%2...
https://www.google.ca/pagead/1p-conversion/639009750/?random=253908717&cv=11&fst=1681922202472&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.electionbuddy.com%2F...

42 B
64 B

41ms
41ms

Image
image/gif

2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/639009750/?random=253908717&cv=11&fst=1681922202472&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&label=5D-yCLaPyL0DENaH2rAC&hn=www.googleadservices.com&frm=0&tiba=Online%20Voting%20Tool%20%26%20Election%20Systems%20%7C%20ElectionBuddy&value=0&auid=1674926262.1681922202&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEtMLW9RWVE0YlhFa1plamc5VEpBUkltQUNxU3hSeFFpckU5dDdTaGt0TEhuVlNvUXlyREJwMGl1MzhKaDVhbVJNeFR6dUVvak9ZGlpDaEVJOEtMLW9RWVE0NG4tdWFLc3dZM3FBUkl1QUZEVXBoV1Fqdm5Zdm9FOFRtYjFvWXl6LWtxbXVfMkJ0T05BVGw1b1lPVXdqOVhlSGlTMUk2RWw1ekJka2c&is_vtc=1&ocp_id=mhhAZO3sJY6tNam3oPgF&eitems=ChAI8KL-oQYQy5Srk46d1fwrEh0ALcxyxNNPlqrBnABlhVd10XeY-sGA0J5_JoHtfg&random=1916270608&ipr=y&prhg=0

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 16:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Apr 2023 16:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ca/pagead/1p-conversion/639009750/?random=253908717&cv=11&fst=1681922202472&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&label=5D-yCLaPyL0DENaH2rAC&hn=www.googleadservices.com&frm=0&tiba=Online%20Voting%20Tool%20%26%20Election%20Systems%20%7C%20ElectionBuddy&value=0&auid=1674926262.1681922202&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEtMLW9RWVE0YlhFa1plamc5VEpBUkltQUNxU3hSeFFpckU5dDdTaGt0TEhuVlNvUXlyREJwMGl1MzhKaDVhbVJNeFR6dUVvak9ZGlpDaEVJOEtMLW9RWVE0NG4tdWFLc3dZM3FBUkl1QUZEVXBoV1Fqdm5Zdm9FOFRtYjFvWXl6LWtxbXVfMkJ0T05BVGw1b1lPVXdqOVhlSGlTMUk2RWw1ekJka2c&is_vtc=1&ocp_id=mhhAZO3sJY6tNam3oPgF&eitems=ChAI8KL-oQYQy5Srk46d1fwrEh0ALcxyxNNPlqrBnABlhVd10XeY-sGA0J5_JoHtfg&random=1916270608&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 343038033.js Show response
bat.bing.com/p/action/ 0
119 B 68ms
67ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343038033.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 19 Apr 2023 16:36:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F0D3B057DDDD4F2A9B633AB957DB786D Ref B: YMQ01EDGE0614 Ref C: 2023-04-19T16:36:42Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343038033&tm=gtm002&Ver=2&mid=1d7fdadf-4a05-4c1c-a473-33c26ff07b3e&sid=5ddc1660ded011eda96255fc8b2095db&vid=5ddc3f40ded011ed80482539af93607b&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Online%20Voting%20Tool%20%26%20Election%20Systems%20%7C%20ElectionBuddy&kw=online%20voting%20software,%20online%20election%20software,%20online%20ballot%20service,%20online%20ballot%20software,%20online%20polling%20software,%20polling%20software,%20election%20software,%20email%20voting&p=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&r=&lt=1816&evt=pageLoad&sv=1&rn=784809

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Apr 2023 16:36:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD21DEAA9D4B46B08F572DB3059DAEDC Ref B: YMQ01EDGE0614 Ref C: 2023-04-19T16:36:42Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
231 B 39ms
39ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343038033&tm=gtm002&Ver=2&mid=1d7fdadf-4a05-4c1c-a473-33c26ff07b3e&sid=5ddc1660ded011eda96255fc8b2095db&vid=5ddc3f40ded011ed80482539af93607b&vids=0&msclkid=N&gtm_tag_source=awct&tpp=1&ea=639009750%2F5D-yCLaPyL0DENaH2rAC&en=Y&p=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&sw=1600&sh=1200&sc=24&evt=custom&rn=150398

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Apr 2023 16:36:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 500E9B026B61449F866BBB7ADC83DE8D Ref B: YMQ01EDGE0614 Ref C: 2023-04-19T16:36:42Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
232 B 37ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343038033&tm=gtm002&Ver=2&mid=1d7fdadf-4a05-4c1c-a473-33c26ff07b3e&sid=5ddc1660ded011eda96255fc8b2095db&vid=5ddc3f40ded011ed80482539af93607b&vids=0&msclkid=N&gc=USD&gtm_tag_source=ga4&tpp=1&ea=utm&en=Y&p=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&sw=1600&sh=1200&sc=24&evt=custom&rn=546620

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Apr 2023 16:36:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 434CD668B0AB46EC9D38196DC589E778 Ref B: YMQ01EDGE0614 Ref C: 2023-04-19T16:36:42Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c.gif
grow.clearbitjs.com/api/ 35 B
98 B 114ms
113ms Image
image/gif 216.24.57.253
RENDER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grow.clearbitjs.com/api/c.gif?r=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&c=direct

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.253 , Sweden, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:36:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-render-origin-server: Render
vary: Accept-Encoding
content-type: image/gif
cf-ray: 7ba691676da143c2-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 page Show response
rs.fullstory.com/rec/ 5 KB
2 KB 221ms
172ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 19c838d995c5007e8dff01a3fedb08171ddc0463c4c1c221cb0a3134f9baed37

Request headers

Referer: https://secure.electionbuddy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 19 Apr 2023 16:36:42 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.electionbuddy.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1487

POST
H2 200 csp-report
q.stripe.com/ Frame 0B13 0
489 B 95ms
81ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 19 Apr 2023 16:36:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1681922202837654
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681922202837041
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 0B13 86 KB
16 KB 26ms
25ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 19 Apr 2023 16:36:42 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 278
x-cache: HIT
content-length: 16031
x-request-id: 86044456-93e1-408a-aca8-42e1b512f628
x-served-by: cache-yyz4545-YYZ
server: Fastly
x-timer: S1681922203.801538,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 232

GET
H2 200 /
www.google.com/pagead/1p-user-list/11146289892/ 42 B
455 B 87ms
38ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11146289892/?random=1681922202488&cv=11&fst=1681920000000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&frm=0&tiba=Online%20Voting%20Tool%20%26%20Election%20Systems%20%7C%20ElectionBuddy&fmt=3&is_vtc=1&random=3089740629&rmt_tld=0&ipr=y

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 16:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/11146289892/ 42 B
154 B 45ms
43ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/11146289892/?random=1681922202488&cv=11&fst=1681920000000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.electionbuddy.com%2Fballot%2FDFLY-LY7K-36DH-4S39&frm=0&tiba=Online%20Voting%20Tool%20%26%20Election%20Systems%20%7C%20ElectionBuddy&fmt=3&is_vtc=1&random=3089740629&rmt_tld=1&ipr=y

Requested by

Host: secure.electionbuddy.com
URL: https://secure.electionbuddy.com/ballot/DFLY-LY7K-36DH-4S39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 16:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 0B13 156 B
668 B 322ms
89ms XHR
application/json 52.41.90.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.90.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-90-223.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e0bc10dff3c706118331e68fb62092cbb2bd01b06d354c65381656df7c77340a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 19 Apr 2023 16:36:43 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1681922203164118
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 5
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1681922203163618
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 3 KB
3 KB 45ms
44ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=GC191
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.electionbuddy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:36:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 75ms
69ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=GC191&UserId=5625778823483392&SessionId=6262330197004288&PageId=8465862441349607690&Seq=1&PageStart=1681922202854&PrevBundleTime=0&LastActivity=4&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 46b2462c45d693386267527106dfe792e8dfdbb08441c8599bfac2e9bb09064a

Request headers

Referer: https://secure.electionbuddy.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://secure.electionbuddy.com
date: Wed, 19 Apr 2023 16:36:43 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.electionbuddy.com/	1970-01-20 19:59:04	Name: utm_tags Value: f%2FpSFmIDuAmDT4SCYGlxySNihsbMWNTFVz0TXWNKD3tGL0GISY8Iw4D4siNRGpkLi8BQJpMJBnHOaYrPp4Y2J%2BOn0gg24VNH845RaAzgJ7IIdggVg%2BcPoiVdRVI8Es6PQUh2iwH4JRw%2FwtlB94asitzNuqWr%2BMfA1u45x3949DoYauy1Ml07SYp9tqETAGGldmwtAfD9yfx5rWfvMf%2F6198guiDXiKo0sSeZm7BQhSuGXT%2Fs%2FJc%3D--sQ%2BYeznnpUnTHZL8--HIwr2gmqlhBG9n4ZKcKp6g%3D%3D
secure.electionbuddy.com/	1969-12-31 23:59:59	Name: _electionbuddy_session Value: 03f013bc23d2a834c4359fb37fb2f9cc
.electionbuddy.com/	1970-01-20 20:48:02	Name: _ga_37HC47X0HT Value: GS1.1.1681922202.1.0.1681922202.0.0.0
.electionbuddy.com/	1970-01-20 20:48:02	Name: _ga Value: GA1.1.1535607938.1681922202
secure.electionbuddy.com/	1970-01-20 19:57:38	Name: timezone Value: UTC
.electionbuddy.com/	1970-01-20 13:21:38	Name: _gcl_au Value: 1.1.1674926262.1681922202
.grow.clearbitjs.com/	1970-01-20 11:12:04	Name: __cf_bm Value: aDYZoVG9_GxTQwyPFNXiQjL1DFJdpJ93K.IAzbmBwqs-1681922202-0-AaG4faWvCzv68g4zlK46jb3UPe6flXflegwi+0PmjTCTwgjHHYDEviSnw7tIz9umclEqoNOFNyZwray+q5hGRi8=
.electionbuddy.com/	1970-01-20 20:48:02	Name: _ga_FKSSZ1SH00 Value: GS1.1.1681922202.1.0.1681922202.60.0.0
.electionbuddy.com/	1970-01-20 11:13:28	Name: _uetsid Value: 5ddc1660ded011eda96255fc8b2095db
.electionbuddy.com/	1970-01-20 20:33:38	Name: _uetvid Value: 5ddc3f40ded011ed80482539af93607b
.bat.bing.com/	1970-01-20 11:22:07	Name: MR Value: 0
.bing.com/	1970-01-20 20:33:38	Name: MUID Value: 25DF60D82CD567080EBC72202DEE6689
.doubleclick.net/	1970-01-20 11:12:03	Name: test_cookie Value: CheckForPermission
.electionbuddy.com/	1970-01-20 19:57:38	Name: fs_uid Value: #GC191#5625778823483392:6262330197004288:::#0c868bfe#/1713458202
m.stripe.com/	1970-01-20 20:48:02	Name: m Value: 0b7175d6-fbd6-4c97-b404-a3dd46d6f2bd0503bc
.secure.electionbuddy.com/	1970-01-20 19:57:38	Name: __stripe_mid Value: d0fbbe19-3948-470c-b3ee-03f5216a82cd4f1d35
.secure.electionbuddy.com/	1970-01-20 11:12:04	Name: __stripe_sid Value: f6678624-2e98-4a76-b48c-7b622bd98220a1b5b3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bat.bing.com
d1uwtj227v01qd.cloudfront.net
edge.fullstory.com
electionbuddy.s3.ca-central-1.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grow.clearbitjs.com
js.stripe.com
m.stripe.com
m.stripe.network
pro.fontawesome.com
q.stripe.com
rs.fullstory.com
secure.electionbuddy.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
142.251.41.2
151.101.192.176
2001:4860:4802:32::178
2001:4860:4802:38::181
216.24.57.253
2600:9000:21dd:b600:a:bda8:f140:21
2606:4700::6812:1734
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:821::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2003
2620:1ec:c11::200
3.98.35.78
35.186.194.58
35.201.112.186
52.41.90.223
52.95.147.8
54.187.119.242
0d28752a236cc8c5b7d31203acba05532fa226d5621a2f36559955624d6df08c
19c838d995c5007e8dff01a3fedb08171ddc0463c4c1c221cb0a3134f9baed37
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
1e786d9fbfef3eb44718345ae117f1ee071ed4911e562d00064f10e824cd7c53
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
3323c68d12e3405015966fe2a17c1fef3da239cb48e4f8c37bab2f7fb1b7cd0b
360950e3c8d1510c5dbd7c5faabd627afac064d4377efa1906a504936fa168f3
39cf8e171c2ecec8f81fb0d5dbfb190976a91d3a5ce2891555e8d6c748c571dd
46b2462c45d693386267527106dfe792e8dfdbb08441c8599bfac2e9bb09064a
5822a5289cd566a8deebdc8ec15813f10984a0b4ba1b74ec9b5add18451451d9
5b658d7432398a5e9e336c4780f077181acf5d9d0a96144712ccb3daf19fb8fd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6d13b7c358edcb5e7b5996915208631473bfdf66cc3a1aa2c3c4fecf319f4fbd
7413dbd61f57ca2eeae54b3efac291214fdf892422af1450f78803b431a2f4b2
7b0cc2909d48a9f5f5b8099118cb3bd4ca5c114effdd66793a5ccec3ceaa5b43
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
94be79db4bb68ce2268d47b6c2088ae2e0d3bd890706c8ccdd12212e444a849e
9a01d0489fcf18e9f0221cc568a4f2402dd9dc38e381ec0d1e32877c31f4741c
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
bba59d4955e5f7e03ccd5fcffdbcaa91cfdd63db4d362f4a7254149f7748f2ca
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6
c403c017bd6bab7065911f6e4ac07595078c6a097c4d48fbc293b537a5df3e32
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cf3808474586df8cfcd9ccabf320572d274e7ce181a0dcbda037d2f00bb84c37
db4c67b7dd7a9ce14d50ec73907ec82f7bf248835ba8faaf56c988be4f37ca22
dff26a8ea0aba0efbc1393b7a0c2ba375757939f4a63e30bc946500948ea0983
e0bc10dff3c706118331e68fb62092cbb2bd01b06d354c65381656df7c77340a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138
f31ee3af19ca211e7694451db039e0c26674064890215d0175f39cb20f3346ed
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

secure.electionbuddy.com Open in urlscan Pro 3.98.35.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

57 %IPv6

17 Domains

22 Subdomains

21 IPs

3 Countries

1005 kBTransfer

3032 kBSize

17 Cookies

2 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.electionbuddy.com Open in urlscan Pro
3.98.35.78 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

57 %
IPv6

17
Domains

22
Subdomains

21
IPs

3
Countries

1005 kB
Transfer

3032 kB
Size

17
Cookies

49 HTTP transactions
0 data transactions