urlscan.io logo urlscan.io
SecurityTrails logo

register.vote.org Open in urlscan Pro
104.20.137.64  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://afvfl.click/regi1
Effective URL: https://register.vote.org/?partner=898816&campaign=flvrscale
Submission: On September 20 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 18 HTTP transactions. The main IP is 104.20.137.64, located in United States and belongs to CLOUDFLARENET, US. The main domain is register.vote.org.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 12th 2018. Valid for: 2 years.
This is the only time register.vote.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    18.234.16.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-16-61.compute-1.amazonaws.com
afvfl.click
6    104.20.137.64 (United States)

ASN13335 (CLOUDFLARENET, US)
register.vote.org
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    2a04:4e42:400::729 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.242.21 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net
bam.nr-data.net
Domain Requested by
6 register.vote.org register.vote.org
2 bam.nr-data.net js-agent.newrelic.com
cdn.ravenjs.com
2 www.facebook.com register.vote.org
2 connect.facebook.net register.vote.org
connect.facebook.net
2 www.google-analytics.com register.vote.org
1 js-agent.newrelic.com register.vote.org
1 stats.g.doubleclick.net cdn.ravenjs.com
1 cdn.ravenjs.com register.vote.org
1 use.fontawesome.com register.vote.org
1 afvfl.click 1 redirects
18 10

This site contains links to these domains. Also see Links.

Domain
campaignlegal.org
www.overseasvotefoundation.org
www.vote.org
www.expeditedssl.com
Subject Issuer Validity Valid
*.vote.org
DigiCert SHA2 Secure Server CA		 2018-07-12 -
2020-10-14		 2 years crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
osff.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-05-20 -
2020-12-18		 7 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-09-09 -
2021-05-07		 8 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://register.vote.org/?partner=898816&campaign=flvrscale
Frame ID: CA53CF699E8FCE4CC3C743971D2B5657
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://afvfl.click/regi1 HTTP 301
    https://register.vote.org/?partner=898816&campaign=flvrscale Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

18
Requests

100 %
HTTPS

55 %
IPv6

10
Domains

10
Subdomains

10
IPs

5
Countries

374 kB
Transfer

1247 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://afvfl.click/regi1 HTTP 301
    https://register.vote.org/?partner=898816&campaign=flvrscale Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
register.vote.org/
Redirect Chain
  • https://afvfl.click/regi1
  • https://register.vote.org/?partner=898816&campaign=flvrscale
29 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://register.vote.org/?partner=898816&campaign=flvrscale
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.137.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ab26751dd2eeb6245a405ffea43a7f3906eae0b1150e283a19248de970b5f54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
register.vote.org
:scheme
https
:path
/?partner=898816&campaign=flvrscale
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 20 Sep 2020 23:37:23 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d823d114733e88fc91bd1d61ee286ca1f1600645043; expires=Tue, 20-Oct-20 23:37:23 GMT; path=/; domain=.vote.org; HttpOnly; SameSite=Lax; Secure _apollo_session=bXAwbTVjWFl1NE5lNi9FNVZ6YmNwdU8xci9KNi9Gc21CSUFOSnRHenRZRmhKR0hXMGNtVm9hK0ZHeTN2eXc5TUxRZEZmZEsyZDB0c0RmRnFHeno4QndPOGZ5NTJ4Z2V2TXlFTzhDY0lNNHBOaFd4MHRtUktCajIvTzlLWUJtb1U5ZTE0WVFhUGV6S25FSDBuT1M0OVdRPT0tLUpHeUlLTjFmZGpsV2dZOUtNMlVjanc9PQ%3D%3D--8319490b0fe37aa8dab767cb8dd9d48717808dc9; path=/; secure; HttpOnly; SameSite=None
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cache-control
no-cache, no-store
pragma
no-cache
strict-transport-security
max-age=31536000
x-request-id
d1938b10-151b-4221-9d45-dfe72e674281
x-runtime
0.019256
vary
Accept-Encoding
via
1.1 vegur
cf-cache-status
DYNAMIC
cf-request-id
054f7a2bc400001e89f038c200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5d5f5fbfa8e01e89-AMS
content-encoding
gzip

Redirect headers

Server
nginx
Date
Sun, 20 Sep 2020 23:37:23 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Location
https://register.vote.org/?partner=898816&campaign=flvrscale
all.css
use.fontawesome.com/releases/v5.1.0/css/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: register.vote.org
URL: https://register.vote.org/?partner=898816&campaign=flvrscale
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Origin
https://register.vote.org
Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 23:37:23 GMT
content-encoding
gzip
last-modified
Wed, 20 Jun 2018 20:19:16 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
application-363d2785c1b6ec6aed674580c1f6438a.css
register.vote.org/assets/ 		96 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://register.vote.org/assets/application-363d2785c1b6ec6aed674580c1f6438a.css
Requested by
Host: register.vote.org
URL: https://register.vote.org/?partner=898816&campaign=flvrscale
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.137.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ae095f7d9f1da06a04dfe80ece00c569465728401f8d9759312cbfb7a67550d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 23:37:23 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
4711
status
200
content-length
16961
cf-request-id
054f7a2c7400001e89f0394200000001
last-modified
Wed, 16 Sep 2020 19:03:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
via
1.1 vegur
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
5d5f5fc0ba511e89-AMS
application-6984873f4a32f40918ce7fe9a57f7c5f.js
register.vote.org/assets/ 		283 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register.vote.org/assets/application-6984873f4a32f40918ce7fe9a57f7c5f.js
Requested by
Host: register.vote.org
URL: https://register.vote.org/?partner=898816&campaign=flvrscale
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.137.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bbc2e50ba2fcbfe8112c113798016d5ffcbabfea4fbe94ea7c517f586edc12b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 23:37:23 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
4711
status
200
content-length
90243
cf-request-id
054f7a2c7400001e89f0395200000001
last-modified
Wed, 16 Sep 2020 19:03:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 vegur
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
5d5f5fc0ba521e89-AMS
raven.min.js
cdn.ravenjs.com/2.3.0/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/2.3.0/raven.min.js
Requested by
Host: register.vote.org
URL: https://register.vote.org/?partner=898816&campaign=flvrscale
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f960668adb17efe3bc9f1598d4808f7f20a819facbe943d9e13381524569b1c8

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 23:37:23 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2016 20:27:42 GMT
server
Fastly
age
76810
etag
"b1a4764b257f6df8d5d41a87f335efa9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8500
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: register.vote.org
URL: https://register.vote.org/?partner=898816&campaign=flvrscale
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
1303
date
Sun, 20 Sep 2020 23:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Mon, 21 Sep 2020 01:15:40 GMT
fbevents.js
connect.facebook.net/en_US/ 		135 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: register.vote.org
URL: https://register.vote.org/?partner=898816&campaign=flvrscale
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34302
x-xss-protection
0
pragma
public
x-fb-debug
S3eE4nzQKs1kp8hxOR9hYXB2fpkWGGr03YRxj5m/YSOSPGBfNiXLTem5ZKRLE1Xa+3Dz1CyEsEZQNPYCfW0VNA==
x-fb-trip-id
1460883810
x-frame-options
DENY
date
Sun, 20 Sep 2020 23:37:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ClearSans-Regular-webfont-48e496351eb70d276515136a1ae9dada.woff2
register.vote.org/assets/clearsans/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://register.vote.org/assets/clearsans/ClearSans-Regular-webfont-48e496351eb70d276515136a1ae9dada.woff2
Requested by
Host: register.vote.org
URL: https://register.vote.org/assets/application-363d2785c1b6ec6aed674580c1f6438a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.137.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c889a102e192e21145a37ca980b721c8ee69b9b335709d0b266a7fef2b2ebd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://register.vote.org
Referer
https://register.vote.org/assets/application-363d2785c1b6ec6aed674580c1f6438a.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 23:37:23 GMT
via
1.1 vegur
vary
Accept-Encoding
cf-cache-status
HIT
age
2523
status
200
content-length
21328
cf-request-id
054f7a2cd200001e89f039a200000001
last-modified
Mon, 26 Nov 2018 17:30:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/font-woff2
cache-control
public, max-age=86400, no-transform
accept-ranges
bytes
cf-ray
5d5f5fc15ada1e89-AMS
caret-down-c7236d3dce02d5c85e4912305a7c8275.svg
register.vote.org/assets/ 		229 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://register.vote.org/assets/caret-down-c7236d3dce02d5c85e4912305a7c8275.svg
Requested by
Host: register.vote.org
URL: https://register.vote.org/assets/application-363d2785c1b6ec6aed674580c1f6438a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.137.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc46792c61d9fb886565a7880c32887297ae827cc7919d4784ecc07f43938920
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://register.vote.org/assets/application-363d2785c1b6ec6aed674580c1f6438a.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 23:37:23 GMT
via
1.1 vegur
vary
Accept-Encoding
cf-cache-status
HIT
age
4710
status
200
content-encoding
gzip
cf-request-id
054f7a2cde00001e89f039b200000001
last-modified
Mon, 26 Nov 2018 17:30:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
5d5f5fc16aeb1e89-AMS
cf-bgj
h2pri
ClearSans-Bold-webfont-5826e649aa9c979520eee016742e18ff.woff2
register.vote.org/assets/clearsans/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://register.vote.org/assets/clearsans/ClearSans-Bold-webfont-5826e649aa9c979520eee016742e18ff.woff2
Requested by
Host: register.vote.org
URL: https://register.vote.org/assets/application-363d2785c1b6ec6aed674580c1f6438a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.137.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d4548337af5dd61ed41b7d168199bf6bde74614c6e41ad8575074a14d53685a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://register.vote.org
Referer
https://register.vote.org/assets/application-363d2785c1b6ec6aed674580c1f6438a.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 23:37:23 GMT
via
1.1 vegur
vary
Accept-Encoding
cf-cache-status
HIT
age
2523
status
200
content-length
21624
cf-request-id
054f7a2ce100001e89f039c200000001
last-modified
Mon, 26 Nov 2018 17:30:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/font-woff2
cache-control
public, max-age=86400, no-transform
accept-ranges
bytes
cf-ray
5d5f5fc16af11e89-AMS
collect
stats.g.doubleclick.net/j/ 		1 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-75164262-1&cid=1767361537.1600645043&jid=1947258842&gjid=712238156&_gid=1704189723.1600645043&_u=IGBAgEABAAAAAE~&z=1225562926
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/2.3.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 20 Sep 2020 23:37:23 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://register.vote.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=2018879464&t=pageview&_s=1&dl=https%3A%2F%2Fregister.vote.org%2F%3Fpartner%3D898816%26campaign%3Dflvrscale&ul=en-us&de=UTF-8&dt=Register%20to%20vote%20-%20Vote.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1947258842&gjid=712238156&cid=1767361537.1600645043&tid=UA-75164262-1&_gid=1704189723.1600645043&z=945319628
Requested by
Host: register.vote.org
URL: https://register.vote.org/?partner=898816&campaign=flvrscale
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Sep 2020 02:27:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
76199
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1058710734314277
connect.facebook.net/signals/config/ 		524 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1058710734314277?v=2.9.24&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5838a91a2c72dc7bf4e3f6ed1c87ad26b7b0eed92d10b40377f16cdcb671c77f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
WNyn8PKVmp/xQHCalq6Z0x2vkOrpHjVqIQlECfehD9Ia7PcV7RS9gK6UfyTacBqJxVHVQiHYdj+4vQX/THuHVw==
x-fb-trip-id
1460883810
x-frame-options
DENY
date
Sun, 20 Sep 2020 23:37:23 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1058710734314277&ev=PageView&dl=https%3A%2F%2Fregister.vote.org%2F%3Fpartner%3D898816%26campaign%3Dflvrscale&rl=&if=false&ts=1600645043753&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1600645043752.1418340377&it=1600645043503&coo=false&rqm=GET
Requested by
Host: register.vote.org
URL: https://register.vote.org/?partner=898816&campaign=flvrscale
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 23:37:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 20 Sep 2020 23:37:23 GMT
nr-1177.min.js
js-agent.newrelic.com/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1177.min.js
Requested by
Host: register.vote.org
URL: https://register.vote.org/?partner=898816&campaign=flvrscale
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67f243af83cf56b2fd0fb502ab9f7a8533500e2571b4459d5bf6f6481a2da4ca

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 23:37:23 GMT
content-encoding
gzip
x-amz-request-id
4F930AF2622C2177
x-cache
HIT
status
200
content-length
10405
x-amz-id-2
U7tObmI036MTRpBI0DMqANsZED0ff6ySLFb6J6xUAvrjeydJkzxfcOtpUXwF34MJgKtcfhq4e+o=
x-served-by
cache-hhn4060-HHN
last-modified
Tue, 18 Aug 2020 17:23:32 GMT
server
AmazonS3
x-timer
S1600645044.821237,VS0,VE0
etag
"97c8d5802b0de603104986846cdc509a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1490
bf1064f2b0
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/bf1064f2b0?a=108671355&v=1177.96a4d39&to=dQoIQRBYD1gAQk0MXVsASVwMUwZM&rst=1530&ck=1&ref=https://register.vote.org/&qt=2&ap=19&be=1001&fe=1451&dc=1085&perf=%7B%22timing%22:%7B%22of%22:1600645042310,%22n%22:0,%22f%22:773,%22dn%22:773,%22dne%22:784,%22c%22:784,%22s%22:798,%22ce%22:822,%22rq%22:822,%22rp%22:988,%22rpe%22:996,%22dl%22:992,%22di%22:1085,%22ds%22:1085,%22de%22:1161,%22dc%22:1451,%22l%22:1451,%22le%22:1452%7D,%22navigation%22:%7B%7D%7D&fp=1170&fcp=1170&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1177.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
/
www.facebook.com/tr/ 		44 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1058710734314277&ev=Microdata&dl=https%3A%2F%2Fregister.vote.org%2F%3Fpartner%3D898816%26campaign%3Dflvrscale&rl=&if=false&ts=1600645044256&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20Register%20to%20vote%20-%20Vote.org%5Cn%20%20%20%20%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Register%20to%20Vote%22%2C%22og%3Adescription%22%3A%22Register%20to%20Vote%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimages.vote.org%2Fog-register-to-vote.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.vote.org%2Fregister-to-vote%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.1.1600645043752.1418340377&it=1600645043503&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Sep 2020 23:37:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 20 Sep 2020 23:37:24 GMT
bf1064f2b0
bam.nr-data.net/events/1/ 		24 B
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/bf1064f2b0?a=108671355&v=1177.96a4d39&to=dQoIQRBYD1gAQk0MXVsASVwMUwZM&rst=11529&ck=1&ref=https://register.vote.org/
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/2.3.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://register.vote.org/?partner=898816&campaign=flvrscale
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://register.vote.org
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| NREUM object| newrelic function| __nr_require string| GoogleAnalyticsObject function| ga function| refresh object| Mailcheck object| ValidatedForm object| AddressAutocomplete number| inactivityTime function| $ function| jQuery function| Polyglot function| Download function| Preview function| Esign function| Mail function| goog_snippet_vars function| goog_report_conversion object| jQuery112406642902258351133 function| Cropper function| Cookies object| jstz object| Raven function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData

7 Cookies

Domain/Path Name / Value
.vote.org/ Name: _ga
Value: GA1.2.1767361537.1600645043
register.vote.org/ Name: browser.timezone
Value: Europe/Berlin
.vote.org/ Name: _fbp
Value: fb.1.1600645043752.1418340377
register.vote.org/ Name: _apollo_session
Value: bXAwbTVjWFl1NE5lNi9FNVZ6YmNwdU8xci9KNi9Gc21CSUFOSnRHenRZRmhKR0hXMGNtVm9hK0ZHeTN2eXc5TUxRZEZmZEsyZDB0c0RmRnFHeno4QndPOGZ5NTJ4Z2V2TXlFTzhDY0lNNHBOaFd4MHRtUktCajIvTzlLWUJtb1U5ZTE0WVFhUGV6S25FSDBuT1M0OVdRPT0tLUpHeUlLTjFmZGpsV2dZOUtNMlVjanc9PQ%3D%3D--8319490b0fe37aa8dab767cb8dd9d48717808dc9
.vote.org/ Name: _gat
Value: 1
.vote.org/ Name: _gid
Value: GA1.2.1704189723.1600645043
.vote.org/ Name: __cfduid
Value: d823d114733e88fc91bd1d61ee286ca1f1600645043

1 Console Messages

Source Level URL
Text
console-api warning URL: https://register.vote.org/assets/application-6984873f4a32f40918ce7fe9a57f7c5f.js(Line 8)
Message:
There was an issue retrieving Bootstrap's version. Ensure Bootstrap is being loaded before bootstrap-select and there is no namespace collision. If loading Bootstrap asynchronously, the version may need to be manually specified via $.fn.selectpicker.Constructor.BootstrapVersion. TypeError: Cannot read property 'Constructor' of undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afvfl.click
bam.nr-data.net
cdn.ravenjs.com
connect.facebook.net
js-agent.newrelic.com
register.vote.org
stats.g.doubleclick.net
use.fontawesome.com
www.facebook.com
www.google-analytics.com
104.20.137.64
151.101.114.110
162.247.242.21
18.234.16.61
23.111.9.35
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:400c:c07::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::729
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0ae095f7d9f1da06a04dfe80ece00c569465728401f8d9759312cbfb7a67550d
0bbc2e50ba2fcbfe8112c113798016d5ffcbabfea4fbe94ea7c517f586edc12b
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d4548337af5dd61ed41b7d168199bf6bde74614c6e41ad8575074a14d53685a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11c889a102e192e21145a37ca980b721c8ee69b9b335709d0b266a7fef2b2ebd
1ab26751dd2eeb6245a405ffea43a7f3906eae0b1150e283a19248de970b5f54
5838a91a2c72dc7bf4e3f6ed1c87ad26b7b0eed92d10b40377f16cdcb671c77f
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
67f243af83cf56b2fd0fb502ab9f7a8533500e2571b4459d5bf6f6481a2da4ca
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
cc46792c61d9fb886565a7880c32887297ae827cc7919d4784ecc07f43938920
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
f960668adb17efe3bc9f1598d4808f7f20a819facbe943d9e13381524569b1c8