vice.com/en_us/article/…
![](https://pbs.twimg.com/media/EQB_7l7UwAA1Gsl.png)
Is this a hardcoded API key/ID? 8/ https://9794bb51044e4aa298d7ce3332dbcea8@sentry.io/179249
![](https://pbs.twimg.com/media/EQCER8MUEAASQGL.png)
![](https://pbs.twimg.com/media/EQCER7pXkAIkEmi.jpg)
![](https://pbs.twimg.com/media/EQCER8LU0AEdmL7.jpg)
![](https://pbs.twimg.com/media/EQCFtcAXUAInxzf.jpg)
![](https://pbs.twimg.com/media/EQCFtcCWoAERWdS.jpg)
Not sure what this server does yet, but it's on the Google cloud (IDP is Iowa Democratic Party): idp-api.americanappservices.com
This is a Google server with hooks in the app as well:
clients3.google.com 12/
![](https://pbs.twimg.com/media/EQCG4s6WsAAbn36.jpg)
![](https://pbs.twimg.com/media/EQCG4s8WsAAT6P_.jpg)
![](https://pbs.twimg.com/media/EQCG4tDXsAA1mXh.jpg)
![](https://pbs.twimg.com/media/EQCLF9AX4AIIOMH.png)
...but seriously, most apps are, esp. under this kind of spotlight. not an excuse and doubly-disturbing given the fact that it supposedly had an independent security audit (or two?) #IowaCaucasDisaster