urlscan.io logo urlscan.io
SecurityTrails logo

dems.ag Open in urlscan Pro
104.196.131.29  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://democraticags.org/
Effective URL: https://dems.ag/
Submission Tags: falconsandbox
Submission: On May 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 12 domains to perform 51 HTTP transactions. The main IP is 104.196.131.29, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is dems.ag.
TLS certificate: Issued by R3 on March 3rd 2024. Valid for: 3 months.
This is the only time dems.ag was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

28    104.196.131.29 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.131.196.104.bc.googleusercontent.com
democraticags.org
dems.ag
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    18.194.86.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-86-204.eu-central-1.compute.amazonaws.com
tags.srv.stackadapt.com
1    18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net
static.hotjar.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
script.hotjar.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f8.1e100.net
www.googletagmanager.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net
vc.hotjar.io
1    54.228.55.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-55-253.eu-west-1.compute.amazonaws.com
content.hotjar.io
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.254.132.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-132-32.eu-west-1.compute.amazonaws.com
metrics.hotjar.io
Apex Domain
Subdomains		 Transfer
27 dems.ag
dems.ag
1 MB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 2777
9 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
319 KB
3 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2775
content.hotjar.io — Cisco Umbrella Rank: 6388
metrics.hotjar.io — Cisco Umbrella Rank: 8649
483 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
21 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 742
script.hotjar.com — Cisco Umbrella Rank: 988
61 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
72 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
274 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
340 B
1 gstatic.com
fonts.gstatic.com
46 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
1 democraticags.org
democraticags.org
229 B
51 12
Domain Requested by
27 dems.ag dems.ag
4 tags.srv.stackadapt.com dems.ag
tags.srv.stackadapt.com
4 www.googletagmanager.com dems.ag
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net dems.ag
connect.facebook.net
2 script.hotjar.com static.hotjar.com
script.hotjar.com
1 metrics.hotjar.io static.hotjar.com
1 www.facebook.com dems.ag
1 content.hotjar.io script.hotjar.com
1 vc.hotjar.io script.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.hotjar.com dems.ag
1 fonts.googleapis.com dems.ag
1 democraticags.org 1 redirects
51 16

This site contains links to these domains. Also see Links.

Domain
secure.actblue.com
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
Subject Issuer Validity Valid
dems.ag
R3		 2024-03-03 -
2024-06-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-09-09 -
2024-10-07		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-15 -
2024-05-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://dems.ag/
Frame ID: 4205C44FBA93B96DA1D500A3D083618A
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Democratic Attorneys General Association

Page URL History Show full URLs

  1. http://democraticags.org/ HTTP 307
    https://democraticags.org/ HTTP 301
    https://dems.ag/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

51
Requests

98 %
HTTPS

50 %
IPv6

12
Domains

16
Subdomains

17
IPs

4
Countries

2013 kB
Transfer

3246 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://democraticags.org/ HTTP 307
    https://democraticags.org/ HTTP 301
    https://dems.ag/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dems.ag/
Redirect Chain
  • http://democraticags.org/
  • https://democraticags.org/
  • https://dems.ag/
39 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
ec0f8bfaa75e24435c99852a20a822c5ec74ab438897e3470c488fd2b1f4723d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 08 May 2024 11:53:22 GMT
link
<https://dems.ag/wp-json/>; rel="https://api.w.org/" <https://dems.ag/wp-json/wp/v2/pages/148>; rel="alternate"; type="application/json" <https://dems.ag/>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 7
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

cache-control
max-age=600, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 08 May 2024 11:53:21 GMT
expires
Wed, 08 May 2024 12:53:19 GMT
location
https://dems.ag/
server
nginx
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
x-redirect-by
WordPress
styles.css
dems.ag/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 		58 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.9
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
content-encoding
br
last-modified
Thu, 11 Jan 2024 03:39:53 GMT
server
nginx
etag
W/"659f6309-e768"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
dems.ag/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 		908 B
509 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
content-encoding
br
last-modified
Thu, 11 Jan 2024 03:39:53 GMT
server
nginx
etag
W/"659f6309-38c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
dems.ag/wp-content/themes/daga/ 		80 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5312a4458246ff2b19f16b55b5e6cace215abc5706d457c8888090380165af4b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
content-encoding
br
last-modified
Fri, 15 Apr 2022 15:48:38 GMT
server
nginx
etag
W/"625993d6-140bb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
language-cookie.js
dems.ag/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 		271 B
401 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.9
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
content-encoding
br
last-modified
Thu, 11 Jan 2024 03:39:52 GMT
server
nginx
etag
W/"659f6308-10f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-152621184-1
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
43b45ffd5884ffabaf8eabad78aec3e0885b07f57a496c21f38843909bebbd10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74672
x-xss-protection
0
last-modified
Wed, 08 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 May 2024 11:53:24 GMT
homepage-desktop.jpg
dems.ag/wp-content/uploads/2022/03/ 		933 KB
934 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2022/03/homepage-desktop.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
fe0d3bed187d8ffdf78c72929ffe93285cd8fe6d04191d20d94279fe3a9ae888

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
last-modified
Wed, 16 Mar 2022 15:04:23 GMT
server
nginx
etag
"6231fc77-e922d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
954925
Website-Headshots-Ford.jpg
dems.ag/wp-content/uploads/2024/02/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Ford.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
30d947046d83a709a5545f69a5ce4b3fb85d321385f2989bc3edd10ee97c1a51

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
last-modified
Wed, 14 Feb 2024 21:17:40 GMT
server
nginx
etag
"65cd2df4-d34f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
54095
Website-Headshots-Jennings.jpg
dems.ag/wp-content/uploads/2024/02/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Jennings.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
adaa391278f86124ee0f2d353bcb1052cfbaebf561a539aad1434a592ade3fde

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
last-modified
Wed, 14 Feb 2024 21:17:40 GMT
server
nginx
etag
"65cd2df4-afbe"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
44990
Website-Headshots-Ellison.jpg
dems.ag/wp-content/uploads/2024/02/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Ellison.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
eb172a969ec73d1113589ab8f3bb2272d7803b0f829d213f68c5e734011fd79b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
last-modified
Wed, 14 Feb 2024 21:02:59 GMT
server
nginx
etag
"65cd2a83-bb0f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
47887
Website-Headshots-Raoul.jpg
dems.ag/wp-content/uploads/2024/02/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Raoul.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
3e657027675631828ba5d7a70e651b22acc3c58f9e8052a64a9c38e968a37a51

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
last-modified
Wed, 14 Feb 2024 21:12:50 GMT
server
nginx
etag
"65cd2cd2-cbd1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
52177
Website-Headshots-Campbell.jpg
dems.ag/wp-content/uploads/2022/09/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2022/09/Website-Headshots-Campbell.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
9d7ef3a04d7374047b37d4723c483216b9e71501b0d1ae0671faaaea8d05d81a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
last-modified
Mon, 08 May 2023 19:47:02 GMT
server
nginx
etag
"645951b6-af70"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
44912
Website-Headshots-Bonta.jpg
dems.ag/wp-content/uploads/2024/02/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Bonta.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a71a46320dfa40f73c07696f24e812c3ba767abbfc46cb25d48bd14e9f10f97b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
last-modified
Wed, 14 Feb 2024 21:15:16 GMT
server
nginx
etag
"65cd2d64-b6f7"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
46839
Website-Headshots-Rosenblum.jpg
dems.ag/wp-content/uploads/2024/02/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Rosenblum.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0b3a8a9a88333110f24564f4fd7ae1160ae02fd4499f24631d2c8727f5d0bdfb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
last-modified
Wed, 14 Feb 2024 20:54:48 GMT
server
nginx
etag
"65cd2898-bce8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
48360
5.4.23-Website-Icons-05-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-05-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
7f4396dc7fdba52353c5d5672fd6ee73ee3a0eef49320f607278d6edf85e173c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
last-modified
Mon, 12 Jun 2023 14:56:31 GMT
server
nginx
etag
"6487321f-5305"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
21253
5.4.23-Website-Icons-06-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-06-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a52f09d890996c427e371c89532e3c94a9e64a410b3f98c41e86918ef69bf734

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
last-modified
Mon, 12 Jun 2023 14:57:19 GMT
server
nginx
etag
"6487324f-5b55"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23381
5.4.23-Website-Icons-12-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-12-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
18a42900ff88be3bff6dbd969627128a388aa86ee0d4610d7eb57c976f4ddabf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
last-modified
Mon, 12 Jun 2023 14:56:31 GMT
server
nginx
etag
"6487321f-57ab"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
22443
5.4.23-Website-Icons-04-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-04-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
10d85eada027b2fa6575676a3816054bd584e45b0624bcfac005a1089dc70811

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
last-modified
Mon, 12 Jun 2023 14:56:31 GMT
server
nginx
etag
"6487321f-57b3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
22451
5.4.23-Website-Icons-11-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-11-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
25a37c10873cce67ce186a14f8c641bb5d08bafc78f9f6482c111df69e7a347b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
last-modified
Mon, 12 Jun 2023 14:57:19 GMT
server
nginx
etag
"6487324f-5f35"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
24373
5.4.23-Website-Icons-10-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-10-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8d78565b7fe4bbb7b2cd0ee35f0fb8a62be3c3bbb17da17b4b44662cb45484d2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
last-modified
Mon, 12 Jun 2023 14:56:31 GMT
server
nginx
etag
"6487321f-4cf2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
19698
scripts.js
dems.ag/wp-content/themes/daga/js/ 		91 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/themes/daga/js/scripts.js?ver=1.0.1
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8d0d0251614e63c66de207727d86c379393085caba768da7e9c8277c5abc43b7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:23 GMT
content-encoding
br
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
server
nginx
etag
W/"623dcd81-16c94"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gtm.js
www.googletagmanager.com/ 		232 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MF9XFBN
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e738f0f5cade081962e1e82c80030443691b3f4e2e3b2abfb018d2505713713e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84489
x-xss-protection
0
last-modified
Wed, 08 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 May 2024 11:53:24 GMT
88d5f002-90ce-4f99-8a06-ac1282b358ef
https://dems.ag/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dems.ag/88d5f002-90ce-4f99-8a06-ac1282b358ef
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ae6e4decd4fb974b41b2f37fa7b19c7a1c9b80127dd45be4bc24702c7145a4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 May 2024 11:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 May 2024 10:15:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 May 2024 11:53:23 GMT
events.js
tags.srv.stackadapt.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.86.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-86-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2e6b1d6159776e3b6b6dc36cdad2a7f105c6c8193b4897aacb55172cdb483128

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 08 May 2024 11:53:24 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
hotjar-3929513.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3929513.js?sv=5
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-53.fra56.r.cloudfront.net
Software
/
Resource Hash
00715f8f5f9e184208e242ad21937f2a1466fdd89afa0b5f47749e2cc57d9f80
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 08 May 2024 11:53:24 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/5df9f12450011e503d36f425170edc33
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
K8OV8GNG-43_kPTohoubyd0M90NwZRoG-csYUFXAoxYd7-6SM9itlg==
daga-logo.svg
dems.ag/wp-content/themes/daga/images/ 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/themes/daga/images/daga-logo.svg
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a54be57c482e85ead7bf3126b3a406f7acfbb270b59d49fc6e208391fdc4979c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
content-encoding
br
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
server
nginx
etag
W/"623dcd81-36e0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
arrow-triple-navy.svg
dems.ag/wp-content/themes/daga/images/ 		319 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/themes/daga/images/arrow-triple-navy.svg
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2302443e0fb551886e9486df2ee027a958110280edb9530f64e64a7b25f09077

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
content-encoding
br
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
server
nginx
etag
W/"623dcd81-13f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
caret-down.svg
dems.ag/wp-content/themes/daga/images/ 		130 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/themes/daga/images/caret-down.svg
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
47247cf32c064515cfe48b9783072ab2b670ba87617c9ae171f36364bbafe0f0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
content-encoding
br
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
server
nginx
etag
W/"623dcd81-82"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
arrow-triple-white.svg
dems.ag/wp-content/themes/daga/images/ 		661 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/themes/daga/images/arrow-triple-white.svg
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b9b4723e1725fca810a905f00cd53a5bb0e56901b9331973f1cd17d07712d181

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
content-encoding
br
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
server
nginx
etag
W/"623dcd81-295"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://dems.ag
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:48:42 GMT
x-content-type-options
nosniff
age
101082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:48:42 GMT
Messapia-Bold.woff2
dems.ag/wp-content/themes/daga/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/themes/daga/fonts/Messapia-Bold.woff2
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0af53c307e0c24070ce7b3f2cf4d77dc60a5ed3b389c05d776b605911242ae66

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Origin
https://dems.ag
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
server
nginx
etag
"623dcd81-3ca0"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15520
modules.1a30a0a67c3c23c13060.js
script.hotjar.com/ 		221 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.1a30a0a67c3c23c13060.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3929513.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
6a22634f79988e2d27b3207f1b854001e840bc838901e419afcc287873f0cf4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 11:24:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
88158
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55860
last-modified
Tue, 07 May 2024 11:23:47 GMT
etag
"2fd6012f850b43dfffc8cb9291fc5153"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ZBCnq6zNmO3ZFAio_kvL358sMfm8kkIFh3FZ03EkK5tIydImsFL7xA==
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.86.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-86-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2712f872a8662d4be24e5714ae1ef301eb55eec7937a5fe8510ccc30c778d0e1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 08 May 2024 11:53:24 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.86.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-86-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 08 May 2024 11:53:24 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 May 2024 11:53:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=12, mss=1294, tbw=2802, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
VXxo/5avMIluAsScxWT/0xLIgmjf9KFd4UYs7yd6T2RIlsqg9Rn44UNhhpk0He3HOf1pXcFELunkEYDxdvWUjw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-152621184-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF9XFBN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1a367a4f6b08f86885d1078fefb93beb5e35253e8a9992e8cf3f23efcf2ded7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74800
x-xss-protection
0
last-modified
Wed, 08 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 May 2024 11:53:24 GMT
js
www.googletagmanager.com/gtag/ 		255 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C0KC0QE7ES&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152621184-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
81f493332a4f2a5a80a5a6000aa25452ff3058a367e86a50531d925a91930b55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92240
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 11:53:24 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152621184-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 08 May 2024 10:07:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6335
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 08 May 2024 12:07:49 GMT
saq_pxl
tags.srv.stackadapt.com/ 		94 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=cw3_IeIiU2oS4YDxCQsl3g&is_js=true&landing_url=https%3A%2F%2Fdems.ag%2F&t=Home%20-%20Democratic%20Attorneys%20General%20Association&tip=gdbioC5WM9z2GX-_LtYEZSrdSHRy-khjlFetf65gqUA&host=https%3A%2F%2Fdems.ag&sa_conv_data_css_value=%270-03d006f0-6b6e-5d78-6030-9f20be3ebe93%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd903d006f06b6e5d7860309f20be3ebe93d972da1d&sa-user-id-v3=s%253AAQAKIGK1mPZFpRzQnZi-ZL3bhNRlSh45chUsq9Av6HI8Wc_pEHwYBCC0z-2xBjABOgS9M-cxQgSxvKgz.%252FDXt%252Fv5Utm1f8njVhvepuucisvqhs6BxCEH0Po7evNo&sa-user-id-v2=s%253AA9AG8GtuXXhgMJ8gvj6-k9ly2h0.hVl5EaxaBStsWbhgs1kfLIF8db3dmx0tpRIgoHptAhQ&sa-user-id=s%253A0-03d006f0-6b6e-5d78-6030-9f20be3ebe93.aCrjVGSAn2aUzXKTdraXKb8bW9JY%252Faga9C1DPqZMyOs
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.86.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-86-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://dems.ag
date
Wed, 08 May 2024 11:53:24 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
94
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
683722869167845
connect.facebook.net/signals/config/ 		65 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/683722869167845?v=2.9.155&r=stable&domain=dems.ag&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2db5548836f72829beac8b9dab46e920c3cfab9d84b652b45f4c068ba1386f41
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 May 2024 11:53:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=65, mss=1294, tbw=63325, tp=-1, tpl=-1, uplat=169, ullat=0
pragma
public
x-fb-debug
9ucoCmRMk/LpSCR/yocW8IfVpwk8hj9e7yRxO5l8nqYOgH5FNWKle6404NmyYDV6YukEDCDcyLk0CO6NDV6NtA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-C0KC0QE7ES&gtm=45je4510v9139033882za200&_p=1715169203103&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=18090218.1715169204&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1715169204&sct=1&seg=0&dl=https%3A%2F%2Fdems.ag%2F&dt=Home%20-%20Democratic%20Attorneys%20General%20Association&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2938
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C0KC0QE7ES&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 11:53:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dems.ag
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1429557372&t=pageview&_s=1&dl=https%3A%2F%2Fdems.ag%2F&ul=de-de&de=UTF-8&dt=Home%20-%20Democratic%20Attorneys%20General%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1930174871&gjid=1936809130&cid=18090218.1715169204&tid=UA-152621184-1&_gid=1678055841.1715169204&_r=1&gtm=457e4510za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1173987681
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 May 2024 11:53:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dems.ag
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-152621184-1&cid=18090218.1715169204&jid=1930174871&gjid=1936809130&_gid=1678055841.1715169204&npa=1&_u=YADAAUAAAAAAACAAI~&z=244108574
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 08 May 2024 11:53:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dems.ag
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
wp-emoji-release.min.js
dems.ag/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:24 GMT
content-encoding
br
last-modified
Fri, 05 Apr 2024 15:39:02 GMT
server
nginx
etag
W/"66101b16-4926"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
3929513
vc.hotjar.io/sessions/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/3929513?s=0.25&r=0.16821347464088654
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.1a30a0a67c3c23c13060.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 08 May 2024 11:53:24 GMT
cache-control
no-store
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
TkXyCexSlJ3qa3V2DPGjWCtt9uez0Pzf4blENFaqA03KF3HAJ00GLQ==
x-cache
Miss from cloudfront
browser-perf.8417c6bba72228fa2e29.js
script.hotjar.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.1a30a0a67c3c23c13060.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Jan 2024 14:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
9062477
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1782
last-modified
Wed, 24 Jan 2024 14:31:37 GMT
etag
"b83b61bc5871e9a23a0434e2c539f4f3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
y9f04H-Wo8Jt8IfInC3H-uhN1Ad_zyNdeEYXDvzBcWldVMJBVHFD4w==
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3929513&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.1a30a0a67c3c23c13060.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.55.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-55-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
421487a312750e541a16a4ab11d420e178177a585cf3edf6aa237270bd651f7c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 08 May 2024 11:53:24 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=683722869167845&ev=PageView&dl=https%3A%2F%2Fdems.ag%2F&rl=&if=false&ts=1715169204673&sw=1600&sh=1200&v=2.9.155&r=stable&ec=0&o=4126&fbp=fb.1.1715169204671.2040248004&cs_est=true&ler=empty&cdl=API_unavailable&it=1715169204390&coo=false&rqm=GET
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1294, tbw=2794, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 08 May 2024 11:53:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
favicon-32x32.png
dems.ag/wp-content/themes/daga/favicon/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/themes/daga/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.131.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0cfe7289fb771211ec4b46c2369dca04446c8730542347c22243e43324b941a1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 11:53:25 GMT
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
server
nginx
etag
"623dcd81-70f"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1807
/
metrics.hotjar.io/ 		0
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://metrics.hotjar.io/?v=6&site_id=3929513
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3929513.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.254.132.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-132-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://dems.ag/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 08 May 2024 11:53:27 GMT
access-control-max-age
86400

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| _wpemojiSettings object| wpml_cookies function| gtag function| saq function| _saq object| HappyForms function| hj object| _hjSettings string| ans object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| GoogleAnalyticsObject function| ga number| tnsId object| App object| FWP_HTTP object| res object| saCookies string| current_window_url_param object| gaGlobal object| gaplugins object| gaData object| twemoji object| wp

18 Cookies

Domain/Path Name / Value
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-03d006f0-6b6e-5d78-6030-9f20be3ebe93.aCrjVGSAn2aUzXKTdraXKb8bW9JY%2Faga9C1DPqZMyOs
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-03d006f0-6b6e-5d78-6030-9f20be3ebe93.aCrjVGSAn2aUzXKTdraXKb8bW9JY%2Faga9C1DPqZMyOs
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AA9AG8GtuXXhgMJ8gvj6-k9ly2h0.hVl5EaxaBStsWbhgs1kfLIF8db3dmx0tpRIgoHptAhQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AA9AG8GtuXXhgMJ8gvj6-k9ly2h0.hVl5EaxaBStsWbhgs1kfLIF8db3dmx0tpRIgoHptAhQ
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGK1mPZFpRzQnZi-ZL3bhNRlSh45chUsq9Av6HI8Wc_pEHwYBCC0z-2xBjABOgS9M-cxQgSxvKgz.%2FDXt%2Fv5Utm1f8njVhvepuucisvqhs6BxCEH0Po7evNo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGK1mPZFpRzQnZi-ZL3bhNRlSh45chUsq9Av6HI8Wc_pEHwYBCC0z-2xBjABOgS9M-cxQgSxvKgz.%2FDXt%2Fv5Utm1f8njVhvepuucisvqhs6BxCEH0Po7evNo
dems.ag/ Name: sa-user-id
Value: s%253A0-03d006f0-6b6e-5d78-6030-9f20be3ebe93.aCrjVGSAn2aUzXKTdraXKb8bW9JY%252Faga9C1DPqZMyOs
dems.ag/ Name: sa-user-id-v2
Value: s%253AA9AG8GtuXXhgMJ8gvj6-k9ly2h0.hVl5EaxaBStsWbhgs1kfLIF8db3dmx0tpRIgoHptAhQ
dems.ag/ Name: sa-user-id-v3
Value: s%253AAQAKIGK1mPZFpRzQnZi-ZL3bhNRlSh45chUsq9Av6HI8Wc_pEHwYBCC0z-2xBjABOgS9M-cxQgSxvKgz.%252FDXt%252Fv5Utm1f8njVhvepuucisvqhs6BxCEH0Po7evNo
.dems.ag/ Name: _gcl_au
Value: 1.1.1855283192.1715169204
.dems.ag/ Name: _ga_C0KC0QE7ES
Value: GS1.1.1715169204.1.0.1715169204.0.0.0
.dems.ag/ Name: _ga
Value: GA1.2.18090218.1715169204
.dems.ag/ Name: _gid
Value: GA1.2.1678055841.1715169204
.dems.ag/ Name: _gat_gtag_UA_152621184_1
Value: 1
.dems.ag/ Name: _hjSessionUser_3929513
Value: eyJpZCI6IjQ3Nzc1Y2MzLTNiMTYtNTU4OS1iYWY3LTE4MWRkZmFhNjQwYSIsImNyZWF0ZWQiOjE3MTUxNjkyMDQ1NTcsImV4aXN0aW5nIjp0cnVlfQ==
.dems.ag/ Name: _hjSession_3929513
Value: eyJpZCI6IjU4MWM0ZjNlLTNjY2UtNDg3Mi04NGRiLWIzMzk1Y2NmMTJlZiIsImMiOjE3MTUxNjkyMDQ1NTksInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
dems.ag/ Name: wp-wpml_current_language
Value: en
.dems.ag/ Name: _fbp
Value: fb.1.1715169204671.2040248004

21 Console Messages

Source Level URL
Text
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dems.ag/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/683722869167845?v=2.9.155&r=stable&domain=dems.ag&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
content.hotjar.io
democraticags.org
dems.ag
fonts.googleapis.com
fonts.gstatic.com
metrics.hotjar.io
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.196.131.29
13.32.27.21
172.217.16.200
18.194.86.204
18.66.102.53
18.66.112.110
2001:4860:4802:32::36
2a00:1450:4001:800::200a
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c02::9c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.254.132.32
54.228.55.253
00715f8f5f9e184208e242ad21937f2a1466fdd89afa0b5f47749e2cc57d9f80
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0af53c307e0c24070ce7b3f2cf4d77dc60a5ed3b389c05d776b605911242ae66
0b3a8a9a88333110f24564f4fd7ae1160ae02fd4499f24631d2c8727f5d0bdfb
0cfe7289fb771211ec4b46c2369dca04446c8730542347c22243e43324b941a1
10d85eada027b2fa6575676a3816054bd584e45b0624bcfac005a1089dc70811
18a42900ff88be3bff6dbd969627128a388aa86ee0d4610d7eb57c976f4ddabf
1a367a4f6b08f86885d1078fefb93beb5e35253e8a9992e8cf3f23efcf2ded7a
20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50
2302443e0fb551886e9486df2ee027a958110280edb9530f64e64a7b25f09077
25a37c10873cce67ce186a14f8c641bb5d08bafc78f9f6482c111df69e7a347b
2712f872a8662d4be24e5714ae1ef301eb55eec7937a5fe8510ccc30c778d0e1
2db5548836f72829beac8b9dab46e920c3cfab9d84b652b45f4c068ba1386f41
2e6b1d6159776e3b6b6dc36cdad2a7f105c6c8193b4897aacb55172cdb483128
30d947046d83a709a5545f69a5ce4b3fb85d321385f2989bc3edd10ee97c1a51
3ae6e4decd4fb974b41b2f37fa7b19c7a1c9b80127dd45be4bc24702c7145a4c
3e657027675631828ba5d7a70e651b22acc3c58f9e8052a64a9c38e968a37a51
421487a312750e541a16a4ab11d420e178177a585cf3edf6aa237270bd651f7c
43b45ffd5884ffabaf8eabad78aec3e0885b07f57a496c21f38843909bebbd10
47247cf32c064515cfe48b9783072ab2b670ba87617c9ae171f36364bbafe0f0
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5312a4458246ff2b19f16b55b5e6cace215abc5706d457c8888090380165af4b
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6a22634f79988e2d27b3207f1b854001e840bc838901e419afcc287873f0cf4d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
7f4396dc7fdba52353c5d5672fd6ee73ee3a0eef49320f607278d6edf85e173c
81f493332a4f2a5a80a5a6000aa25452ff3058a367e86a50531d925a91930b55
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8d0d0251614e63c66de207727d86c379393085caba768da7e9c8277c5abc43b7
8d78565b7fe4bbb7b2cd0ee35f0fb8a62be3c3bbb17da17b4b44662cb45484d2
9d7ef3a04d7374047b37d4723c483216b9e71501b0d1ae0671faaaea8d05d81a
a52f09d890996c427e371c89532e3c94a9e64a410b3f98c41e86918ef69bf734
a54be57c482e85ead7bf3126b3a406f7acfbb270b59d49fc6e208391fdc4979c
a71a46320dfa40f73c07696f24e812c3ba767abbfc46cb25d48bd14e9f10f97b
adaa391278f86124ee0f2d353bcb1052cfbaebf561a539aad1434a592ade3fde
b9b4723e1725fca810a905f00cd53a5bb0e56901b9331973f1cd17d07712d181
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e738f0f5cade081962e1e82c80030443691b3f4e2e3b2abfb018d2505713713e
eb172a969ec73d1113589ab8f3bb2272d7803b0f829d213f68c5e734011fd79b
ec0f8bfaa75e24435c99852a20a822c5ec74ab438897e3470c488fd2b1f4723d
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
fe0d3bed187d8ffdf78c72929ffe93285cd8fe6d04191d20d94279fe3a9ae888