urlscan.io logo urlscan.io
SecurityTrails logo

dems.ag Open in urlscan Pro
141.193.213.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dems.ag/
Effective URL: https://dems.ag/
Submission: On November 21 via api from RU — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 1 countries across 15 domains to perform 59 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare London, LLC, US. The main domain is dems.ag.
TLS certificate: Issued by E5 on September 23rd 2024. Valid for: 3 months.
This is the only time dems.ag was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 141.193.213.10 209242 (CLOUDFLAR...)
2 99.84.160.116 16509 (AMAZON-02)
4 142.250.31.97 15169 (GOOGLE)
3 3.167.88.111 16509 (AMAZON-02)
1 172.253.63.95 15169 (GOOGLE)
4 3.217.39.214 14618 (AMAZON-AES)
1 18.160.41.53 16509 (AMAZON-02)
1 64.233.180.94 15169 (GOOGLE)
2 18.154.227.71 16509 (AMAZON-02)
1 108.138.64.84 16509 (AMAZON-02)
1 18.154.227.109 16509 (AMAZON-02)
4 45.60.31.183 19551 (INCAPSULA)
3 142.251.179.102 15169 (GOOGLE)
1 172.253.115.104 15169 (GOOGLE)
2 31.13.66.19 32934 (FACEBOOK)
1 3.167.56.49 16509 (AMAZON-02)
2 31.13.66.35 32934 (FACEBOOK)
1 18.154.227.96 ()
59 19
24    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
dems.ag
2    99.84.160.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-160-116.ord52.r.cloudfront.net
iwillvote.com
4    142.250.31.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f97.1e100.net
www.googletagmanager.com
3    3.167.88.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-88-111.iad55.r.cloudfront.net
static.everyaction.com
1    172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net
fonts.googleapis.com
4    3.217.39.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-39-214.compute-1.amazonaws.com
tags.srv.stackadapt.com
1    18.160.41.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-53.iad55.r.cloudfront.net
static.hotjar.com
1    64.233.180.94 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f94.1e100.net
fonts.gstatic.com
2    18.154.227.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-71.iad55.r.cloudfront.net
vis.iwillvote.com
1    108.138.64.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-84.iad12.r.cloudfront.net
js.verygoodvault.com
1    18.154.227.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-109.iad55.r.cloudfront.net
js.stripe.com
4    45.60.31.183 (United States)

ASN19551 (INCAPSULA, US)
secure.ngpvan.com
3    142.251.179.102 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f102.1e100.net
www.google-analytics.com
1    172.253.115.104 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f104.1e100.net
www.google.com
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
1    3.167.56.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-56-49.iad61.r.cloudfront.net
script.hotjar.com
2    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
1    18.154.227.96 (None, )

ASN- ()
js.stripe.com
Apex Domain
Subdomains		 Transfer
24 dems.ag
dems.ag
1 MB
4 ngpvan.com
secure.ngpvan.com — Cisco Umbrella Rank: 231512
2 KB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 2701
10 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
296 KB
4 iwillvote.com
iwillvote.com — Cisco Umbrella Rank: 426361
vis.iwillvote.com
119 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
3 everyaction.com
static.everyaction.com — Cisco Umbrella Rank: 65714
271 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
212 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
76 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1073
180 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 27680
44 KB
1 gstatic.com
fonts.gstatic.com
47 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
59 15
Domain Requested by
24 dems.ag dems.ag
4 secure.ngpvan.com static.everyaction.com
4 tags.srv.stackadapt.com dems.ag
tags.srv.stackadapt.com
4 www.googletagmanager.com dems.ag
www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 static.everyaction.com dems.ag
static.everyaction.com
2 www.facebook.com dems.ag
2 connect.facebook.net dems.ag
connect.facebook.net
2 js.stripe.com static.everyaction.com
js.stripe.com
2 vis.iwillvote.com iwillvote.com
2 iwillvote.com dems.ag
1 script.hotjar.com static.hotjar.com
1 www.google.com www.googletagmanager.com
1 js.verygoodvault.com static.everyaction.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.hotjar.com dems.ag
1 fonts.googleapis.com dems.ag
59 17

This site contains links to these domains. Also see Links.

Domain
secure.actblue.com
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
Subject Issuer Validity Valid
dems.ag
E5		 2024-09-23 -
2024-12-22		 3 months crt.sh
iwillvote.com
Amazon RSA 2048 M03		 2024-07-24 -
2025-08-22		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
static.everyaction.com
Amazon RSA 2048 M03		 2024-04-08 -
2025-05-07		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03		 2024-08-09 -
2025-09-06		 a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.verygoodvault.com
Amazon RSA 2048 M03		 2024-11-18 -
2025-12-16		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-10-30 -
2025-02-06		 3 months crt.sh
*.ngpvan.com
RapidSSL G5 TLS RSA4096 SHA384 2022 CA1		 2024-10-22 -
2025-11-06		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-30 -
2024-11-28		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://dems.ag/
Frame ID: C7F4D58A0F4E9478FF83A5071353D45D
Requests: 55 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fdems.ag
Frame ID: 99E296C36D470FE9E88D4F1059072BC9
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 8EFEEB6AA4EEEBD0758B21BCBC5BF65E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Democratic Attorneys General Association

Page URL History Show full URLs

  1. http://dems.ag/ HTTP 307
    https://dems.ag/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

59
Requests

98 %
HTTPS

0 %
IPv6

15
Domains

17
Subdomains

19
IPs

1
Countries

2530 kB
Transfer

5400 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dems.ag/ HTTP 307
    https://dems.ag/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dems.ag/
Redirect Chain
  • http://dems.ag/
  • https://dems.ag/
37 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
22b68d2e22a3363202c2c6de7bb5423a7f266b5c591ff77990189a227d0ff5e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e5e8068ab5bab69-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 21 Nov 2024 06:07:48 GMT
link
<https://dems.ag/wp-json/>; rel="https://api.w.org/" <https://dems.ag/wp-json/wp/v2/pages/148>; rel="alternate"; title="JSON"; type="application/json" <https://dems.ag/>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 3
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

Location
https://dems.ag/
Non-Authoritative-Reason
HttpsUpgrades
widget-v2.css
iwillvote.com/locate/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iwillvote.com/locate/widget-v2.css
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-116.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c23fc019936beeb0d65896c3b73caf063e3a5491acae393a3437031368fa71d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

x-amz-cf-pop
ORD52-C2
content-encoding
gzip
etag
W/"b636fd7ba3227e9def71a1e9f5fb259a"
age
1703
via
1.1 17256fd1010bade0d64432a8527fd53c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
vS_jgQ8u-kLGqkGXX1ayG6ZmvsSnVRQzHIG18eaH6b2V21d5IgSo3g==
date
Thu, 21 Nov 2024 05:39:25 GMT
content-type
text/css
vary
accept-encoding
server
AmazonS3
last-modified
Wed, 20 Nov 2024 17:37:15 GMT
x-amz-server-side-encryption
AES256
style.css
dems.ag/wp-content/themes/daga/ 		82 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32526bffc26a3a0a4d7283d2e971eba2a1a9102799da3ac6560ef24a95478e43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6699b98f-147b4"
age
19252
cf-ray
8e5e806a0c41ab69-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:48 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 19 Jul 2024 00:55:43 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-152621184-1
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
50c807ebcd96279309f977b30a31b77a72e527e4d01274f9e76e047e9bc0ed70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 21 Nov 2024 06:07:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81496
x-xss-protection
0
server
Google Tag Manager
homepage-desktop.jpg
dems.ag/wp-content/uploads/2022/03/ 		900 KB
901 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2022/03/homepage-desktop.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f825f8c1bcadeb617528a460f8bed506345bff6d0aa9596f28b87dfbbdc52d58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6231fc77-e922d"
age
101660
cf-cache-status
HIT
cf-polished
origSize=954925
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:48 GMT
content-type
image/jpeg
last-modified
Wed, 16 Mar 2022 15:04:23 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806a0c42ab69-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
921432
server
cloudflare
at.js
static.everyaction.com/ea-actiontag/ 		854 KB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.88.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-88-111.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bb6a2bab36133ec7a878a0b2fa75761f78d81b124a8fe1c2810427669dd07e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dems.ag
Referer
https://dems.ag/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"3ada072011015f4e4bbe0156b04c2147"
age
52400
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
bItuegEoYBpxbbU4gs_QPvn_mPjiBkwVJrVa2JZPGkPvdqGYMS4ujQ==
date
Wed, 20 Nov 2024 15:34:30 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 19 Nov 2024 15:34:25 GMT
cache-control
max-age=900, s-maxage=86400, public
via
1.1 1f0befe1f0c7d5efec2c028b0e0af7ea.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
249741
x-amz-cf-pop
IAD55-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
at.min.css
static.everyaction.com/ea-actiontag/ 		60 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.min.css
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.88.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-88-111.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97c6de33479451be085c649d73bc65843a2b00955788b52dc48e74e0ab533c1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"f6977fbb3575eaf90c19b187aad4f779"
age
52401
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
MR6f5hcfpdIMgK8Pd_Gn5-9fKI49CHuii6Fbu6UHJUXY-lu_zdk6fA==
date
Wed, 20 Nov 2024 15:34:29 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 19 Nov 2024 15:34:25 GMT
cache-control
max-age=900, s-maxage=86400, public
via
1.1 eafa30ac9eebc826d698b6b51868b24a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
11811
x-amz-cf-pop
IAD55-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
widget-v2.js
iwillvote.com/locate/ 		465 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iwillvote.com/locate/widget-v2.js
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-116.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8dde41c93a651d44b5743978734a3d707a552e0e07fb1377df7b1fd62020e842

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

x-amz-cf-pop
ORD52-C2
content-encoding
gzip
etag
W/"31f8984478341d177a22e496547d3ede"
age
70
via
1.1 17256fd1010bade0d64432a8527fd53c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
naJ2IClrTJJk5DwTslwgpqO1u5P-yzQCdUMEpZH-osP6_fv1rPd4JA==
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
text/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Wed, 20 Nov 2024 17:37:15 GMT
x-amz-server-side-encryption
AES256
Website-Headshots-Ford.jpg
dems.ag/wp-content/uploads/2024/02/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Ford.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc5e8a20bac765f6e6c5561f28bbad7b7302bf3009b2910e0070b7b27a95fd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65cd2df4-d34f"
age
200040
cf-cache-status
HIT
cf-polished
origSize=54095
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Wed, 14 Feb 2024 21:17:40 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c482cac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
51119
server
cloudflare
Website-Headshots-Jennings.jpg
dems.ag/wp-content/uploads/2024/02/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Jennings.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbffd71285d5ce0463e13b8158978a198849b086c26dead89c6062dbb4bfddb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65cd2df4-afbe"
age
200040
cf-cache-status
HIT
cf-polished
origSize=44990
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Wed, 14 Feb 2024 21:17:40 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c482eac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
42232
server
cloudflare
Website-Headshots-Ellison.jpg
dems.ag/wp-content/uploads/2024/02/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Ellison.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39494eaf8540d7aed130e68f3f9ec865cc25d987c174046cb4cb6f3fd4bc4be8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65cd2a83-bb0f"
age
101661
cf-cache-status
HIT
cf-polished
origSize=47887
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Wed, 14 Feb 2024 21:02:59 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c4830ac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
44805
server
cloudflare
Website-Headshots-Raoul.jpg
dems.ag/wp-content/uploads/2024/02/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Raoul.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db04c86ad3bc46d16b82b6d9ce6b6174ec8e839b8ef5d1a875bcf2852a6e9a71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65cd2cd2-cbd1"
age
200040
cf-cache-status
HIT
cf-polished
origSize=52177
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Wed, 14 Feb 2024 21:12:50 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c4832ac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
48785
server
cloudflare
Website-Headshots-Campbell.jpg
dems.ag/wp-content/uploads/2022/09/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2022/09/Website-Headshots-Campbell.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0f34c8c78b19b7a19090b79b8b81dcda22cb5ea90c6dd14f5abea5e67f3306

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"645951b6-af70"
age
200040
cf-cache-status
HIT
cf-polished
origSize=44912
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Mon, 08 May 2023 19:47:02 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c4834ac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
42486
server
cloudflare
Website-Headshots-Bonta.jpg
dems.ag/wp-content/uploads/2024/02/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Bonta.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c009d46ad59d5e552af2aea6c3072d7fe5f33034a44c855e4754fa0f72cb7af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65cd2d64-b6f7"
age
200040
cf-cache-status
HIT
cf-polished
origSize=46839
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Wed, 14 Feb 2024 21:15:16 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c4835ac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
44397
server
cloudflare
Website-Headshots-Rosenblum.jpg
dems.ag/wp-content/uploads/2024/02/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Rosenblum.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6764b994fc6d19f5aa48ba15956f0731a5172c4de07d2488a1c223868b58af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65cd2898-bce8"
age
200040
cf-cache-status
HIT
cf-polished
origSize=48360
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Wed, 14 Feb 2024 20:54:48 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c4836ac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
45877
server
cloudflare
5.4.23-Website-Icons-05-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-05-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e596c6c2b3eee4ac1937072fea9c643794b701308b60adc36b767ee8545392

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6487321f-5305"
age
200040
cf-cache-status
HIT
cf-polished
origSize=21253
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Mon, 12 Jun 2023 14:56:31 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c4837ac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
18210
server
cloudflare
5.4.23-Website-Icons-06-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-06-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be5a87773af2ae635efc8356c8281457b310511cce556822ef0bd28a35ad8c01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6487324f-5b55"
age
200040
cf-cache-status
HIT
cf-polished
origSize=23381
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Mon, 12 Jun 2023 14:57:19 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c4838ac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
20115
server
cloudflare
5.4.23-Website-Icons-12-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-12-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
120f82490e19609333eee4140b8c882dd2c8fabc938410a4539de297e6b12f85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6487321f-57ab"
age
200040
cf-cache-status
HIT
cf-polished
origSize=22443
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Mon, 12 Jun 2023 14:56:31 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c483aac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
18894
server
cloudflare
5.4.23-Website-Icons-04-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-04-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40277966ab293d963c0af593ac6a65352e3c29465929982c9c4785e487b331b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6487321f-57b3"
age
101661
cf-cache-status
HIT
cf-polished
origSize=22451
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Mon, 12 Jun 2023 14:56:31 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c483bac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
18550
server
cloudflare
5.4.23-Website-Icons-11-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-11-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d5b551a742857bcf9fc62a7c5469a7b6d5142360268b3e2edd17d5a666ecfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6487324f-5f35"
age
101661
cf-cache-status
HIT
cf-polished
origSize=24373
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Mon, 12 Jun 2023 14:57:19 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c483cac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
21130
server
cloudflare
5.4.23-Website-Icons-10-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-10-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a628cc5900cf4788c2ad7857a1f7987d53204ef05e71c60795b3b194a3708e7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6487321f-4cf2"
age
101661
cf-cache-status
HIT
cf-polished
origSize=19698
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
last-modified
Mon, 12 Jun 2023 14:56:31 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8e5e806c483dac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
16201
server
cloudflare
scripts.js
dems.ag/wp-content/themes/daga/js/ 		91 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/themes/daga/js/scripts.js?ver=1.0.1
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d0d0251614e63c66de207727d86c379393085caba768da7e9c8277c5abc43b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"623dcd81-16c94"
age
200040
cf-ray
8e5e806c4833ac5a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
gtm.js
www.googletagmanager.com/ 		271 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MF9XFBN
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
1be77d69628d8c51ea98b28c2b5928ed207750e464fd3842631487170eb348cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 21 Nov 2024 06:07:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97715
x-xss-protection
0
server
Google Tag Manager
13b0a850-f9ac-465b-9e00-e48058c0b581
https://dems.ag/ Frame 		0
0
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
ESF /
Resource Hash
904dc3e1bee45978299da81e6b6c3a731f1240118afde61161e2be24c4c1031b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 06:07:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 21 Nov 2024 05:56:47 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
events.js
tags.srv.stackadapt.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.39.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-39-214.compute-1.amazonaws.com
Software
/
Resource Hash
6c7bee93ba59a89cb8231e9641d69512ee4453bb548ab55f2621f71d738606fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

access-control-allow-origin
*
cache-control
max-age=5
content-encoding
gzip
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
text/javascript
hotjar-3929513.js
static.hotjar.com/c/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3929513.js?sv=5
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-53.iad55.r.cloudfront.net
Software
/
Resource Hash
56432b84798fd1b1bbba58a23e3491c04a67447282114fa5cd776f4f5fd4e70b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/29ab0921e3e0a1a27bfb753a559d8fcf
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 4244245835579031ffc201ddc6d644a2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
e_wMdMkgROABtOaC8tqxQlQHnOL5ycjaP-sTMVJjoNJsmwBXzooPcQ==
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
IAD55-P1
daga-logo.svg
dems.ag/wp-content/themes/daga/images/ 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/themes/daga/images/daga-logo.svg
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54be57c482e85ead7bf3126b3a406f7acfbb270b59d49fc6e208391fdc4979c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"623dcd81-36e0"
age
37301
cf-ray
8e5e806c483fac5a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f94.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dems.ag
Referer
https://fonts.googleapis.com/

Response headers

age
348702
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Mon, 17 Nov 2025 05:16:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 05:16:07 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
Messapia-Bold.woff2
dems.ag/wp-content/themes/daga/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/themes/daga/fonts/Messapia-Bold.woff2
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0af53c307e0c24070ce7b3f2cf4d77dc60a5ed3b389c05d776b605911242ae66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dems.ag
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"623dcd81-3ca0"
age
200040
cf-ray
8e5e806c5847ac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
15520
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
font/woff2
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
vary
Accept-Encoding
server
cloudflare
track-widget-view
vis.iwillvote.com/widget/ 		16 B
635 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vis.iwillvote.com/widget/track-widget-view
Requested by
Host: iwillvote.com
URL: https://iwillvote.com/locate/widget-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-71.iad55.r.cloudfront.net
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://dems.ag/

Response headers

x-amzn-remapped-content-length
16
x-amzn-remapped-connection
keep-alive
x-content-type-options
nosniff
x-amzn-requestid
63c2f9a8-546b-45b2-9358-55dbea9a0a48
x-amzn-remapped-server
nginx/1.26.2
x-cache
Miss from cloudfront
x-amz-cf-id
CRvi-Rs72hbAjdKuK6vBoxHHt-87di8RZ7xUqSH_I1nRiSMc6Tmdog==
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
application/json
vary
Accept, Origin, Cookie
x-frame-options
DENY
cross-origin-opener-policy
same-origin
x-amz-apigw-id
BlUobEXWoAMEf7Q=
x-amzn-remapped-date
Thu, 21 Nov 2024 06:07:49 GMT
x-amzn-trace-id
Root=1-673ece35-3980c5401c03bf5a3b5d34bb
referrer-policy
same-origin
allow
POST, OPTIONS
via
1.1 ddf6879aa6c2007b075baebb295e9494.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
16
x-amz-cf-pop
IAD55-P5
track-widget-view
vis.iwillvote.com/widget/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vis.iwillvote.com/widget/track-widget-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-71.iad55.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dems.ag
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 21 Nov 2024 06:07:49 GMT
via
1.1 ddf6879aa6c2007b075baebb295e9494.cloudfront.net (CloudFront)
x-amz-apigw-id
BlUoaFlSoAMEUFQ=
x-amz-cf-id
7e80-mwAT1ZzIQouX7XAfPf87lkohUhTbRA84tnYbjKkxlWaBKtPcQ==
x-amz-cf-pop
IAD55-P5
x-amzn-requestid
77b438ca-7f1f-49c4-866a-0ee537c82f15
x-amzn-trace-id
Root=1-673ece35-26b9f562765e421c67c1bd79
x-cache
Miss from cloudfront
arrow-triple-navy.svg
dems.ag/wp-content/themes/daga/images/ 		319 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/themes/daga/images/arrow-triple-navy.svg
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2302443e0fb551886e9486df2ee027a958110280edb9530f64e64a7b25f09077

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"623dcd81-13f"
age
245849
cf-ray
8e5e806df97cac5a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
caret-down.svg
dems.ag/wp-content/themes/daga/images/ 		130 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/themes/daga/images/caret-down.svg
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47247cf32c064515cfe48b9783072ab2b670ba87617c9ae171f36364bbafe0f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"623dcd81-82"
age
200040
cf-ray
8e5e806df97eac5a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
arrow-triple-white.svg
dems.ag/wp-content/themes/daga/images/ 		661 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/themes/daga/images/arrow-triple-white.svg
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b4723e1725fca810a905f00cd53a5bb0e56901b9331973f1cd17d07712d181

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"623dcd81-295"
age
101660
cf-ray
8e5e806e097fac5a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.39.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-39-214.compute-1.amazonaws.com
Software
/
Resource Hash
11426543cfee130862678a9b389c1360cdb41dec033dac8d6d6cc039e60a34a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

access-control-allow-origin
*
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.39.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-39-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

access-control-allow-origin
*
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
image/jpeg
wp-emoji-release.min.js
dems.ag/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-includes/js/wp-emoji-release.min.js?ver=6.7
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66101b16-4926"
age
37301
cf-ray
8e5e806e69c2ac5a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 05 Apr 2024 15:39:02 GMT
extra.min.css
static.everyaction.com/ea-actiontag/ 		78 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.88.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-88-111.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cbc2458b099f9e7fc94c96932f3b9a47a6e54d6ec2f1d1461297e91a32808a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"f12c939807fd25b700999748b6de6844"
age
52402
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
AKkYhlQ0HN3_FOlYJHGVwdGY9lfYR0Hk5Cvpn_zqXpcfGjqpOaNSIQ==
date
Wed, 20 Nov 2024 15:34:28 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 19 Nov 2024 15:34:25 GMT
cache-control
max-age=900, s-maxage=86400, public
via
1.1 eafa30ac9eebc826d698b6b51868b24a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
14169
x-amz-cf-pop
IAD55-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
vgs-collect.js
js.verygoodvault.com/vgs-collect/2.18.4/ 		134 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-84.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

Content-Encoding
gzip
x-amz-version-id
jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
ETag
W/"156be461dd96d02fce3792c020f7748a"
Age
3
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
_TllVbLpu-XqVxUnMvd69XJHvr9qRg_0dkzH_2VgrpDYG6gEfIHHPw==
Date
Thu, 21 Nov 2024 06:07:47 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 16 Mar 2023 10:29:55 GMT
Transfer-Encoding
chunked
Cache-Control
max-age=60
Connection
keep-alive
Via
1.1 09aa283795aaafe63cbd7c2cbac2c306.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
IAD12-P1
Server
AmazonS3
x-amz-server-side-encryption
AES256
v3
js.stripe.com/ 		690 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-109.iad55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
646083951ff6b22833bfab6e5c8d1619db124b19a667b4c71a5947f7553490e1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
br
etag
W/"38a950fb6709c608ef9538feab486d8c"
age
3
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
9yIQ90j6XjL6FmSE6ogzdt0HGplTVcvztzR8nyLhjB8-FbQfbAWfnA==
date
Thu, 21 Nov 2024 06:07:47 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 01:07:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 b97ecc65af57f73e17a5596e8dc5a2d4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD55-P5
server
Cloudfront
F0FbMqMdu02IxogaZwEmdA2
secure.ngpvan.com/v1/Forms/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/v1/Forms/F0FbMqMdu02IxogaZwEmdA2
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9cbadb44a3affb05a48ae41af44e7002248a31cbe85603044c5414c6a788a1ff
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dems.ag/

Response headers

access-control-expose-headers
Request-Context
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 06:07:50 GMT
content-type
application/json; charset=utf-8
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
x-iinfo
13-40156812-40156818 2NNN RT(1732169270213 43) q(0 0 0 0) r(1 1)
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
cache-control
public, max-age=10
x-cdn
Imperva
access-control-allow-credentials
true
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
access-control-allow-origin
https://dems.ag
content-length
1342
x-xss-protection
1; mode=block
F0FbMqMdu02IxogaZwEmdA2
secure.ngpvan.com/v1/Forms/ 		2 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/v1/Forms/F0FbMqMdu02IxogaZwEmdA2
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9cbadb44a3affb05a48ae41af44e7002248a31cbe85603044c5414c6a788a1ff
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dems.ag/

Response headers

access-control-expose-headers
Request-Context
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 21 Nov 2024 06:07:50 GMT
content-type
application/json; charset=utf-8
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
x-iinfo
13-40156812-40156818 2NNN RT(1732169270213 43) q(0 0 0 0) r(1 1)
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
cache-control
public, max-age=10
x-cdn
Imperva
access-control-allow-credentials
true
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
access-control-allow-origin
https://dems.ag
content-length
1342
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		359 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C0KC0QE7ES&l=dataLayer&cx=c&gtm=457e4bk0za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152621184-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c736276d3926d3e1f7eccdf76203dddfc37ba398c974ac6ab772825579ac61b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 21 Nov 2024 06:07:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
122897
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152621184-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
gzip
age
6019
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 06:27:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 04:27:31 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fdems.ag%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=949640602.1732169270&auid=1777483563.1732169270&npa=0&gtm=45He4bk0v841931166za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732169269576&tfd=1402&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF9XFBN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-EuGWqamV' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-EuGWqamV' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4427, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
LCHWYjqc5xfFfWUCz3VL8UncQSvhI/09DOOehadeUUh+m5+t/FEvpS1kZBOvcSiD7k6N8YP261UhKOD+uUKn6A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 99E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fdems.ag
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF9XFBN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 06:07:50 GMT
expires
Fri, 21 Nov 2025 06:07:50 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
saq_pxl
tags.srv.stackadapt.com/ 		94 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=cw3_IeIiU2oS4YDxCQsl3g&is_js=true&landing_url=https%3A%2F%2Fdems.ag%2F&t=Home%20-%20Democratic%20Attorneys%20General%20Association&tip=1OhzXldl2OzOUXIF69h4tFhVLPgfLS1i1qL2mxU7a0A&host=https%3A%2F%2Fdems.ag&sa_conv_data_css_value=%270-841ffcf2-9ddd-507d-7c7d-67cff46420bb%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9841ffcf29ddd507d7c7d67cff46420bb9a2f1139&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKICoUBSZYFbgBwAvTJ7UxRc9Z_ntS9PQGPqUuQOQjpz5DENYBGAQgtZz7uQYwAToEQiu0oEIEtrVsrw.foUp51GP6EA5eHVG3Ugs3OwP4sDASgViQ4F2fgPO5%252BQ&sa-user-id-v2=s%253AhB_88p3dUH18fWfP9GQgu5ovETk.dgh4%252FJ%252FHbgI6Ic7UVIiZx7KWD2a6Vk9tT66pZTjnSHQ&sa-user-id=s%253A0-841ffcf2-9ddd-507d-7c7d-67cff46420bb.JPQV2GShewe44HNMyRsQUaYeFvVlT5MVHZjZjcCLFwY
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.39.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-39-214.compute-1.amazonaws.com
Software
/
Resource Hash
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

access-control-allow-methods
GET
access-control-allow-origin
https://dems.ag
content-length
94
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
*
modules.86621fa4aeada5bcf025.js
script.hotjar.com/ 		222 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3929513.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.56.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-56-49.iad61.r.cloudfront.net
Software
/
Resource Hash
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

x-robots-tag
none
content-encoding
br
etag
"ff8702986a1c41356391628a5f5d6f03"
age
57343
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
_swsllLeErt9_uxgMxnsF0zXqAvJaueHJgPn4BVKPahArfu5mUkD9Q==
date
Wed, 20 Nov 2024 14:12:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 20 Nov 2024 14:11:55 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 ee577eca64c62b377915121bc88081d2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56243
x-amz-cf-pop
IAD61-P5
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-C0KC0QE7ES&gtm=45je4bk0v9139033882za200&_p=1732169268988&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=350570187.1732169270&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1732169269&sct=1&seg=0&dl=https%3A%2F%2Fdems.ag%2F&dt=Home%20-%20Democratic%20Attorneys%20General%20Association&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1521
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C0KC0QE7ES&l=dataLayer&cx=c&gtm=457e4bk0za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dems.ag
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 06:07:50 GMT
content-type
text/plain
server
Golfe2
683722869167845
connect.facebook.net/signals/config/ 		76 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/683722869167845?v=2.9.176&r=stable&domain=dems.ag&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
1f464016cde2bad7da1dd1349d232fda8bb8f0086c4638811add5db92d43c3b6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-j0Rzo0sU' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:49 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-j0Rzo0sU' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=76, mss=1232, tbw=70251, tp=65, tpl=0, uplat=72, ullat=0
pragma
public
x-fb-debug
idLdCcMk0ZJIYmZdKqc6MDx5mzBP2wSVssWh8eoE5nHcrWzEnLtTPRB3PEhWfi4oij2wLJcJJso1EbTXo5+49w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=683722869167845&ev=PageView&dl=https%3A%2F%2Fdems.ag%2F&rl=&if=false&ts=1732169269877&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732169269874.144545334285308467&cs_est=true&ler=empty&cdl=API_unavailable&it=1732169269740&coo=false&rqm=GET
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4611, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 21 Nov 2024 06:07:50 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=683722869167845&ev=PageView&dl=https%3A%2F%2Fdems.ag%2F&rl=&if=false&ts=1732169269877&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732169269874.144545334285308467&cs_est=true&ler=empty&cdl=API_unavailable&it=1732169269740&coo=false&rqm=FGET
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439610367558007935"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:50 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
05aJZHmLAFJd+epdtOb/r8LF/mQrjDwmeZ6FbU5WCVWBoRzF3iD1WKKNYEzWaIymLwi4nWtLno2r8E43zhq1FA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439610367558007935", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4979, tp=15, tpl=0, uplat=41, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google-analytics.com/j/ 		1 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=989659253&t=pageview&_s=1&dl=https%3A%2F%2Fdems.ag%2F&ul=en-ca&de=UTF-8&dt=Home%20-%20Democratic%20Attorneys%20General%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1146485406&gjid=1759450412&cid=350570187.1732169270&tid=UA-152621184-1&_gid=1515412485.1732169271&_r=1&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&z=1443347794
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://dems.ag/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 06:07:50 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://dems.ag
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
favicon-32x32.png
dems.ag/wp-content/themes/daga/favicon/ 		894 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/themes/daga/favicon/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9b2f16df3b1d83b6d59bcf981f97aa2a0a281a2941e5ab4501cdd9e0c807e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cf-bgj
imgq:100,h2pri
etag
"623dcd81-70f"
age
197093
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1807
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 06:07:50 GMT
content-type
image/webp
content-disposition
inline; filename="favicon-32x32.webp"
vary
Accept
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
cache-control
public, max-age=31536000
cf-ray
8e5e8077383eac5a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
894
server
cloudflare
F0FbMqMdu02IxogaZwEmdA2
secure.ngpvan.com/v1/Track/ 		0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.ngpvan.com/v1/Track/F0FbMqMdu02IxogaZwEmdA2?formSessionId=237b67c6-e613-44f1-bf30-49ddb468260f&bName=chrome&dType=desktop&formVersion=7/29/2024%206:01:14%20PM|4/4/2024%207:28:00%20PM&fUrl=aHR0cHM6Ly9kZW1zLmFnLw%3D%3D&fRef=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-40156812-40156825 NNNN CT(21 45 0) RT(1732169270213 247) q(0 0 1 -1) r(1 1) U2
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
access-control-expose-headers
Request-Context
cache-control
no-cache
pragma
no-cache
x-cdn
Imperva
x-content-type-options
nosniff
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
expires
-1
content-length
0
date
Thu, 21 Nov 2024 06:07:50 GMT
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
F0FbMqMdu02IxogaZwEmdA2
secure.ngpvan.com/v1/Track/ 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.ngpvan.com/v1/Track/F0FbMqMdu02IxogaZwEmdA2?formSessionId=c1f3bdd2-3d90-4671-af94-e8427de44286&bName=chrome&dType=desktop&formVersion=7/29/2024%206:01:14%20PM|4/4/2024%207:28:00%20PM&fUrl=aHR0cHM6Ly9kZW1zLmFnLw%3D%3D&fRef=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-40156812-40156825 PNNN RT(1732169270213 257) q(0 0 1 -1) r(1 1) U2
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
access-control-expose-headers
Request-Context
cache-control
no-cache
pragma
no-cache
x-cdn
Imperva
x-content-type-options
nosniff
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
expires
-1
content-length
0
date
Thu, 21 Nov 2024 06:07:50 GMT
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 8EFE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.96 -, , ASN (),
Reverse DNS
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dems.ag/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2033
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Nov 2024 06:01:24 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 15 Nov 2024 21:14:25 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
x-amz-cf-id
sMlnXoo5v7dMJxoRegVeB2yAaWMVnzGLgzPYZH4kO3tcDLVd2safmQ==
x-amz-cf-pop
IAD55-P5
x-cache
Hit from cloudfront
x-content-type-options
nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dems.ag
URL
blob:https://dems.ag/13b0a850-f9ac-465b-9e00-e48058c0b581

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer object| _wpemojiSettings function| gtag function| saq function| _saq object| HappyForms function| hj object| _hjSettings function| _ object| Backbone object| CSSModal object| nvtag object| _gaq object| nvtag_plugins object| IWillVoteLocationSearch object| __REACT_INTL_CONTEXT__ string| ans number| tnsId object| App object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| twemoji object| wp object| res object| saCookies string| current_window_url_param object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| gaGlobal object| VgForm object| SecureForm object| VGSCollect object| webpackChunkStripeJSouter function| noop function| Stripe object| gaplugins object| gaData object| formview

20 Cookies

Domain/Path Name / Value
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-841ffcf2-9ddd-507d-7c7d-67cff46420bb.JPQV2GShewe44HNMyRsQUaYeFvVlT5MVHZjZjcCLFwY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-841ffcf2-9ddd-507d-7c7d-67cff46420bb.JPQV2GShewe44HNMyRsQUaYeFvVlT5MVHZjZjcCLFwY
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhB_88p3dUH18fWfP9GQgu5ovETk.dgh4%2FJ%2FHbgI6Ic7UVIiZx7KWD2a6Vk9tT66pZTjnSHQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhB_88p3dUH18fWfP9GQgu5ovETk.dgh4%2FJ%2FHbgI6Ic7UVIiZx7KWD2a6Vk9tT66pZTjnSHQ
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICoUBSZYFbgBwAvTJ7UxRc9Z_ntS9PQGPqUuQOQjpz5DENYBGAQgtZz7uQYwAToEQiu0oEIEtrVsrw.foUp51GP6EA5eHVG3Ugs3OwP4sDASgViQ4F2fgPO5%2BQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICoUBSZYFbgBwAvTJ7UxRc9Z_ntS9PQGPqUuQOQjpz5DENYBGAQgtZz7uQYwAToEQiu0oEIEtrVsrw.foUp51GP6EA5eHVG3Ugs3OwP4sDASgViQ4F2fgPO5%2BQ
dems.ag/ Name: sa-user-id
Value: s%253A0-841ffcf2-9ddd-507d-7c7d-67cff46420bb.JPQV2GShewe44HNMyRsQUaYeFvVlT5MVHZjZjcCLFwY
dems.ag/ Name: sa-user-id-v2
Value: s%253AhB_88p3dUH18fWfP9GQgu5ovETk.dgh4%252FJ%252FHbgI6Ic7UVIiZx7KWD2a6Vk9tT66pZTjnSHQ
dems.ag/ Name: sa-user-id-v3
Value: s%253AAQAKICoUBSZYFbgBwAvTJ7UxRc9Z_ntS9PQGPqUuQOQjpz5DENYBGAQgtZz7uQYwAToEQiu0oEIEtrVsrw.foUp51GP6EA5eHVG3Ugs3OwP4sDASgViQ4F2fgPO5%252BQ
.dems.ag/ Name: _gcl_au
Value: 1.1.1777483563.1732169270
.dems.ag/ Name: _ga_C0KC0QE7ES
Value: GS1.1.1732169269.1.0.1732169269.0.0.0
.dems.ag/ Name: _fbp
Value: fb.1.1732169269874.144545334285308467
.dems.ag/ Name: _ga
Value: GA1.2.350570187.1732169270
.dems.ag/ Name: _gid
Value: GA1.2.1515412485.1732169271
.dems.ag/ Name: _gat_gtag_UA_152621184_1
Value: 1
.dems.ag/ Name: _hjSessionUser_3929513
Value: eyJpZCI6IjU0ZDFkMDA0LTExYjctNWQ1Ny05NGZlLWU1MGJlODMxYTQ2NCIsImNyZWF0ZWQiOjE3MzIxNjkyNzA4NzgsImV4aXN0aW5nIjpmYWxzZX0=
.dems.ag/ Name: _hjSession_3929513
Value: eyJpZCI6IjQxOGQ0NDMzLWYwZmMtNDBjYy04Mzc3LWJjN2FhZDZjZjk0MyIsImMiOjE3MzIxNjkyNzA4ODAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.ngpvan.com/ Name: nlbi_1002065
Value: O591ITOpWRzpSZJa0IOYSwAAAADpJk8Gnocz720bvn/xJvmI
.ngpvan.com/ Name: visid_incap_1002065
Value: mmcAdqqwSBGRBLwDX4eONTbOPmcAAAAAQUIPAAAAAACuOc6c4WNcFei+T5em3exk
.ngpvan.com/ Name: incap_ses_327_1002065
Value: 0yRKS4Aomy09Typq9byJBDbOPmcAAAAAa7ZtLTGpFn7K3OO3dNxElw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
dems.ag
fonts.googleapis.com
fonts.gstatic.com
iwillvote.com
js.stripe.com
js.verygoodvault.com
script.hotjar.com
secure.ngpvan.com
static.everyaction.com
static.hotjar.com
tags.srv.stackadapt.com
vis.iwillvote.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
dems.ag
108.138.64.84
141.193.213.10
142.250.31.97
142.251.179.102
172.253.115.104
172.253.63.95
18.154.227.109
18.154.227.71
18.154.227.96
18.160.41.53
3.167.56.49
3.167.88.111
3.217.39.214
31.13.66.19
31.13.66.35
45.60.31.183
64.233.180.94
99.84.160.116
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0af53c307e0c24070ce7b3f2cf4d77dc60a5ed3b389c05d776b605911242ae66
11426543cfee130862678a9b389c1360cdb41dec033dac8d6d6cc039e60a34a7
120f82490e19609333eee4140b8c882dd2c8fabc938410a4539de297e6b12f85
18d5b551a742857bcf9fc62a7c5469a7b6d5142360268b3e2edd17d5a666ecfe
1be77d69628d8c51ea98b28c2b5928ed207750e464fd3842631487170eb348cf
1f464016cde2bad7da1dd1349d232fda8bb8f0086c4638811add5db92d43c3b6
1f9b2f16df3b1d83b6d59bcf981f97aa2a0a281a2941e5ab4501cdd9e0c807e6
1fc5e8a20bac765f6e6c5561f28bbad7b7302bf3009b2910e0070b7b27a95fd8
22b68d2e22a3363202c2c6de7bb5423a7f266b5c591ff77990189a227d0ff5e7
2302443e0fb551886e9486df2ee027a958110280edb9530f64e64a7b25f09077
32526bffc26a3a0a4d7283d2e971eba2a1a9102799da3ac6560ef24a95478e43
39494eaf8540d7aed130e68f3f9ec865cc25d987c174046cb4cb6f3fd4bc4be8
3bb6a2bab36133ec7a878a0b2fa75761f78d81b124a8fe1c2810427669dd07e9
3c23fc019936beeb0d65896c3b73caf063e3a5491acae393a3437031368fa71d
3fbffd71285d5ce0463e13b8158978a198849b086c26dead89c6062dbb4bfddb
47247cf32c064515cfe48b9783072ab2b670ba87617c9ae171f36364bbafe0f0
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
50c807ebcd96279309f977b30a31b77a72e527e4d01274f9e76e047e9bc0ed70
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
56432b84798fd1b1bbba58a23e3491c04a67447282114fa5cd776f4f5fd4e70b
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
5c009d46ad59d5e552af2aea6c3072d7fe5f33034a44c855e4754fa0f72cb7af
646083951ff6b22833bfab6e5c8d1619db124b19a667b4c71a5947f7553490e1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6764b994fc6d19f5aa48ba15956f0731a5172c4de07d2488a1c223868b58af
6c7bee93ba59a89cb8231e9641d69512ee4453bb548ab55f2621f71d738606fe
6cbc2458b099f9e7fc94c96932f3b9a47a6e54d6ec2f1d1461297e91a32808a5
8d0d0251614e63c66de207727d86c379393085caba768da7e9c8277c5abc43b7
8dde41c93a651d44b5743978734a3d707a552e0e07fb1377df7b1fd62020e842
904dc3e1bee45978299da81e6b6c3a731f1240118afde61161e2be24c4c1031b
97c6de33479451be085c649d73bc65843a2b00955788b52dc48e74e0ab533c1f
98e596c6c2b3eee4ac1937072fea9c643794b701308b60adc36b767ee8545392
9cbadb44a3affb05a48ae41af44e7002248a31cbe85603044c5414c6a788a1ff
a54be57c482e85ead7bf3126b3a406f7acfbb270b59d49fc6e208391fdc4979c
a628cc5900cf4788c2ad7857a1f7987d53204ef05e71c60795b3b194a3708e7d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b40277966ab293d963c0af593ac6a65352e3c29465929982c9c4785e487b331b
b9b4723e1725fca810a905f00cd53a5bb0e56901b9331973f1cd17d07712d181
be5a87773af2ae635efc8356c8281457b310511cce556822ef0bd28a35ad8c01
c736276d3926d3e1f7eccdf76203dddfc37ba398c974ac6ab772825579ac61b6
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cd0f34c8c78b19b7a19090b79b8b81dcda22cb5ea90c6dd14f5abea5e67f3306
db04c86ad3bc46d16b82b6d9ce6b6174ec8e839b8ef5d1a875bcf2852a6e9a71
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f825f8c1bcadeb617528a460f8bed506345bff6d0aa9596f28b87dfbbdc52d58
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad