dems.ag Open in urlscan Pro
141.193.213.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dems.ag/
Submission Tags: falconsandbox
Submission: On August 12 via api (August 12th 2024, 9:43:02 pm UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 55 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is dems.ag.
TLS certificate: Issued by E5 on July 26th 2024. Valid for: 3 months.

This is the only time dems.ag was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:238... 2600:9000:238d:d600:3:1d53:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	18.196.139.72 18.196.139.72	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	13.33.187.92 13.33.187.92	16509 (AMAZON-02) (AMAZON-02)
1	18.239.83.43 18.239.83.43	16509 (AMAZON-02) (AMAZON-02)
4	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.245.175.99 18.245.175.99	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
55	16

27 141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

dems.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:238d:d600:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.196.139.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-139-72.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-92.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.83.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-43.ams58.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.175.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-175-99.cdg55.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	dems.ag dems.ag	1 MB
4	ngpvan.com secure.ngpvan.com — Cisco Umbrella Rank: 281676	2 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 4688	10 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
3	everyaction.com static.everyaction.com — Cisco Umbrella Rank: 146326	267 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	258 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 4716	231 B
1	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 45244	44 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
55	13

	Domain	Requested by
27	dems.ag	dems.ag
4	secure.ngpvan.com	static.everyaction.com dems.ag
4	tags.srv.stackadapt.com	dems.ag tags.srv.stackadapt.com
3	static.everyaction.com	dems.ag static.everyaction.com
3	www.googletagmanager.com	dems.ag www.googletagmanager.com
2	www.facebook.com	dems.ag
2	connect.facebook.net	dems.ag connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	vc.hotjar.io	script.hotjar.com
1	js.verygoodvault.com	static.everyaction.com
1	script.hotjar.com	static.hotjar.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.hotjar.com	dems.ag
1	fonts.googleapis.com	dems.ag
55	15

This site contains links to these domains. Also see Links.

Domain
secure.actblue.com
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
dems.ag E5	`2024-07-26` - `2024-10-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
static.everyaction.com Amazon RSA 2048 M03	`2024-04-08` - `2025-05-07`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2024-08-09` - `2025-09-07`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.verygoodvault.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-11-07` - `2024-11-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-22` - `2024-08-20`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dems.ag/
Frame ID: 8C561323F4D9A4111DCDCD6BDE6ABDCA
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Democratic Attorneys General Association

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

55
Requests

98 %
HTTPS

53 %
IPv6

13
Domains

15
Subdomains

16
IPs

2
Countries

2197 kB
Transfer

4138 kB
Size

21
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.actblue.com/donate/demagswebsite
Title: Donate

Search URL Search Domain Scan URL

URL: https://twitter.com/democraticags

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DemocraticAGs/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/democraticags/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4ETPztHHnI4ka5GlvmF7ag

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dems.ag/ 38 KB
10 KB 560ms
448ms Document
text/html 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 415edcfe99b62be6265a41b1a2e15af98806df3e6ba32b37b67b793d4212a40e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b23a3596c079130-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Aug 2024 21:42:56 GMT
link: <https://dems.ag/wp-json/>; rel="https://api.w.org/" <https://dems.ag/wp-json/wp/v2/pages/148>; rel="alternate"; title="JSON"; type="application/json" <https://dems.ag/>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 24
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

GET
H2 200 styles.css
dems.ag/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 58 KB
7 KB 72ms
71ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.9
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 03:39:53 GMT
server: cloudflare
age: 207309
etag: W/"659f6309-e768"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b23a35c4f869130-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
dems.ag/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 908 B
400 B 44ms
44ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 03:39:53 GMT
server: cloudflare
age: 225857
etag: W/"659f6309-38c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b23a35c4f889130-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
dems.ag/wp-content/themes/daga/ 82 KB
12 KB 46ms
46ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32526bffc26a3a0a4d7283d2e971eba2a1a9102799da3ac6560ef24a95478e43

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Jul 2024 00:55:43 GMT
server: cloudflare
age: 225857
etag: W/"6699b98f-147b4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b23a35c4f899130-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 language-cookie.js Show response
dems.ag/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 271 B
356 B 87ms
85ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.9
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 03:39:52 GMT
server: cloudflare
age: 225857
etag: W/"659f6308-10f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b23a35d1b06913d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 89ms
39ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152621184-1

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b56e40d0b9155440a3331e0118c665ffacbd1ea5a76b9e4868a5840bf6bff0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77308
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Aug 2024 21:42:56 GMT

GET
H2 200 homepage-desktop.jpg
dems.ag/wp-content/uploads/2022/03/ 900 KB
901 KB 46ms
46ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2022/03/homepage-desktop.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f825f8c1bcadeb617528a460f8bed506345bff6d0aa9596f28b87dfbbdc52d58

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 154270
cf-polished: origSize=954925
alt-svc: h3=":443"; ma=86400
content-length: 921432
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Mar 2022 15:04:23 GMT
server: cloudflare
etag: "6231fc77-e922d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35c4f8b9130-FRA

GET
H2 200 at.js Show response
static.everyaction.com/ea-actiontag/ 835 KB
240 KB 127ms
27ms Script
application/javascript 2600:9000:238d:d600:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.js
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:d600:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ef9effb9eeb4a19994e2a877058ad642ebd1c5c64de77357db023ac4ef4ba14

Request headers

Referer: https://dems.ag/
Origin: https://dems.ag
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 06:27:25 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 54964
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 245481
last-modified: Tue, 06 Aug 2024 14:36:39 GMT
server: AmazonS3
etag: "2913b602bcc0f396343b710c692c2724"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: 3pTZVBWjCABl7xdG_Nlc5i2rypxQsc7Tf9uNThTVK5s3V3YFTSp75Q==

GET
H2 200 at.min.css
static.everyaction.com/ea-actiontag/ 59 KB
12 KB 81ms
27ms Stylesheet
text/css 2600:9000:238d:d600:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.min.css
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:d600:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d80aaa49e6ac8f56fc33300d62460d6dadad5f61225efeebaea10b22bb1ef08c

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 01:02:25 GMT
content-encoding: gzip
via: 1.1 9500c58b11c15528d15f2ca9add5bc00.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 74432
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11716
last-modified: Tue, 06 Aug 2024 14:36:39 GMT
server: AmazonS3
etag: "4cbc89cfd1033d4c7fdc0ee0d092f172"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: g6Jtn6MY4G6gCTCY0W2U-dPPs30ROVGLmAL7RHRfYZhG-wr6UDzNmA==

GET
H3 200 Website-Headshots-Ford.jpg
dems.ag/wp-content/uploads/2024/02/ 50 KB
50 KB 42ms
40ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Ford.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc5e8a20bac765f6e6c5561f28bbad7b7302bf3009b2910e0070b7b27a95fd8

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 75769
cf-polished: origSize=54095
alt-svc: h3=":443"; ma=86400
content-length: 51119
cf-bgj: imgq:100,h2pri
last-modified: Wed, 14 Feb 2024 21:17:40 GMT
server: cloudflare
etag: "65cd2df4-d34f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1afe913d-FRA

GET
H3 200 Website-Headshots-Jennings.jpg
dems.ag/wp-content/uploads/2024/02/ 41 KB
41 KB 172ms
170ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Jennings.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fbffd71285d5ce0463e13b8158978a198849b086c26dead89c6062dbb4bfddb

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 14 Feb 2024 21:17:40 GMT
server: cloudflare
cf-polished: origSize=44990
etag: "65cd2df4-afbe"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1aff913d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 42232

GET
H3 200 Website-Headshots-Ellison.jpg
dems.ag/wp-content/uploads/2024/02/ 44 KB
44 KB 65ms
62ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Ellison.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39494eaf8540d7aed130e68f3f9ec865cc25d987c174046cb4cb6f3fd4bc4be8

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 97845
cf-polished: origSize=47887
alt-svc: h3=":443"; ma=86400
content-length: 44805
cf-bgj: imgq:100,h2pri
last-modified: Wed, 14 Feb 2024 21:02:59 GMT
server: cloudflare
etag: "65cd2a83-bb0f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1b01913d-FRA

GET
H3 200 Website-Headshots-Raoul.jpg
dems.ag/wp-content/uploads/2024/02/ 48 KB
48 KB 66ms
64ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Raoul.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: db04c86ad3bc46d16b82b6d9ce6b6174ec8e839b8ef5d1a875bcf2852a6e9a71

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 154270
cf-polished: origSize=52177
alt-svc: h3=":443"; ma=86400
content-length: 48785
cf-bgj: imgq:100,h2pri
last-modified: Wed, 14 Feb 2024 21:12:50 GMT
server: cloudflare
etag: "65cd2cd2-cbd1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1b03913d-FRA

GET
H3 200 Website-Headshots-Campbell.jpg
dems.ag/wp-content/uploads/2022/09/ 41 KB
42 KB 87ms
85ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2022/09/Website-Headshots-Campbell.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd0f34c8c78b19b7a19090b79b8b81dcda22cb5ea90c6dd14f5abea5e67f3306

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 75769
cf-polished: origSize=44912
alt-svc: h3=":443"; ma=86400
content-length: 42486
cf-bgj: imgq:100,h2pri
last-modified: Mon, 08 May 2023 19:47:02 GMT
server: cloudflare
etag: "645951b6-af70"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1b07913d-FRA

GET
H3 200 Website-Headshots-Bonta.jpg
dems.ag/wp-content/uploads/2024/02/ 43 KB
44 KB 131ms
129ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Bonta.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c009d46ad59d5e552af2aea6c3072d7fe5f33034a44c855e4754fa0f72cb7af

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 154270
cf-polished: origSize=46839
alt-svc: h3=":443"; ma=86400
content-length: 44397
cf-bgj: imgq:100,h2pri
last-modified: Wed, 14 Feb 2024 21:15:16 GMT
server: cloudflare
etag: "65cd2d64-b6f7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1b08913d-FRA

GET
H3 200 Website-Headshots-Rosenblum.jpg
dems.ag/wp-content/uploads/2024/02/ 45 KB
45 KB 150ms
148ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Rosenblum.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c6764b994fc6d19f5aa48ba15956f0731a5172c4de07d2488a1c223868b58af

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 154270
cf-polished: origSize=48360
alt-svc: h3=":443"; ma=86400
content-length: 45877
cf-bgj: imgq:100,h2pri
last-modified: Wed, 14 Feb 2024 20:54:48 GMT
server: cloudflare
etag: "65cd2898-bce8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1b09913d-FRA

GET
H3 200 5.4.23-Website-Icons-05-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 18 KB
18 KB 152ms
150ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-05-aspect-ratio-13-10.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98e596c6c2b3eee4ac1937072fea9c643794b701308b60adc36b767ee8545392

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 154270
cf-polished: origSize=21253
alt-svc: h3=":443"; ma=86400
content-length: 18210
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Jun 2023 14:56:31 GMT
server: cloudflare
etag: "6487321f-5305"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1b0a913d-FRA

GET
H3 200 5.4.23-Website-Icons-06-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 20 KB
20 KB 153ms
152ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-06-aspect-ratio-13-10.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: be5a87773af2ae635efc8356c8281457b310511cce556822ef0bd28a35ad8c01

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 154270
cf-polished: origSize=23381
alt-svc: h3=":443"; ma=86400
content-length: 20115
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Jun 2023 14:57:19 GMT
server: cloudflare
etag: "6487324f-5b55"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1b0c913d-FRA

GET
H3 200 5.4.23-Website-Icons-12-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 18 KB
19 KB 152ms
151ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-12-aspect-ratio-13-10.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 120f82490e19609333eee4140b8c882dd2c8fabc938410a4539de297e6b12f85

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 207308
cf-polished: origSize=22443
alt-svc: h3=":443"; ma=86400
content-length: 18894
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Jun 2023 14:56:31 GMT
server: cloudflare
etag: "6487321f-57ab"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1b0d913d-FRA

GET
H3 200 5.4.23-Website-Icons-04-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 18 KB
18 KB 154ms
153ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-04-aspect-ratio-13-10.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b40277966ab293d963c0af593ac6a65352e3c29465929982c9c4785e487b331b

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 154269
cf-polished: origSize=22451
alt-svc: h3=":443"; ma=86400
content-length: 18550
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Jun 2023 14:56:31 GMT
server: cloudflare
etag: "6487321f-57b3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1b0f913d-FRA

GET
H3 200 5.4.23-Website-Icons-11-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 21 KB
21 KB 155ms
153ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-11-aspect-ratio-13-10.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18d5b551a742857bcf9fc62a7c5469a7b6d5142360268b3e2edd17d5a666ecfe

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 207308
cf-polished: origSize=24373
alt-svc: h3=":443"; ma=86400
content-length: 21130
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Jun 2023 14:57:19 GMT
server: cloudflare
etag: "6487324f-5f35"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1b10913d-FRA

GET
H3 200 5.4.23-Website-Icons-10-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 16 KB
16 KB 156ms
154ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-10-aspect-ratio-13-10.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a628cc5900cf4788c2ad7857a1f7987d53204ef05e71c60795b3b194a3708e7d

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
age: 52151
cf-polished: origSize=19698
alt-svc: h3=":443"; ma=86400
content-length: 16201
cf-bgj: imgq:100,h2pri
last-modified: Mon, 12 Jun 2023 14:56:31 GMT
server: cloudflare
etag: "6487321f-4cf2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1b12913d-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 251 KB
89 KB 115ms
66ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MF9XFBN

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d53c4259f23b38a024c3bffbceb153f1b1f07679d70bb04c259ed1b97690089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90786
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 21:03:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Aug 2024 21:42:56 GMT

GET
H3 200 scripts.js Show response
dems.ag/wp-content/themes/daga/js/ 91 KB
26 KB 66ms
64ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/themes/daga/js/scripts.js?ver=1.0.1
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d0d0251614e63c66de207727d86c379393085caba768da7e9c8277c5abc43b7

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: cloudflare
age: 225857
etag: W/"623dcd81-16c94"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b23a35d1b05913d-FRA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 83980b89-50cb-48c9-80cd-ffaa167ffb72
https://dems.ag/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dems.ag/83980b89-50cb-48c9-80cd-ffaa167ffb72
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 80ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap

Requested by

Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea1ac21fa65ac3003d8b1a3fde6c30ae453782946cd8e4bc3a9643a3364cb30c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Aug 2024 21:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 21:23:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Aug 2024 21:42:56 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
8 KB 165ms
113ms Script
text/javascript 18.196.139.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.196.139.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-139-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 099a5eff47f1cce93a02959777d5acdd91f49f1740e7e310a1104b47605ec423

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Aug 2024 21:42:56 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 hotjar-3929513.js Show response
static.hotjar.com/c/ 11 KB
5 KB 121ms
73ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3929513.js?sv=5

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

9c6cabfcdd101b3f05f9be77a2bcf72ba09723dde2522c16cfa1c056159384c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/768c0bbd6bb8431b15583d3d92ef7c3e
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: zl-aZkz2-L-KNuyaKFf2wcpD3Pu7jVHtcwevwFw0cOROcUQ0R3K8rA==

GET
H3 200 daga-logo.svg
dems.ag/wp-content/themes/daga/images/ 14 KB
4 KB 156ms
155ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/themes/daga/images/daga-logo.svg
Requested by: Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a54be57c482e85ead7bf3126b3a406f7acfbb270b59d49fc6e208391fdc4979c

Request headers

Referer: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: cloudflare
age: 75769
etag: W/"623dcd81-36e0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b23a35d1b13913d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
48 KB 69ms
21ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dems.ag
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 01:23:45 GMT
x-content-type-options: nosniff
age: 418751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48444
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 01:23:45 GMT

GET
H3 200 Messapia-Bold.woff2
dems.ag/wp-content/themes/daga/fonts/ 15 KB
15 KB 150ms
150ms Font
font/woff2 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/themes/daga/fonts/Messapia-Bold.woff2
Requested by: Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af53c307e0c24070ce7b3f2cf4d77dc60a5ed3b389c05d776b605911242ae66

Request headers

Referer: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Origin: https://dems.ag
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: cloudflare
age: 225856
etag: "623dcd81-3ca0"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a35d1b15913d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15520

GET
H3 200 arrow-triple-navy.svg
dems.ag/wp-content/themes/daga/images/ 319 B
372 B 37ms
37ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/themes/daga/images/arrow-triple-navy.svg
Requested by: Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2302443e0fb551886e9486df2ee027a958110280edb9530f64e64a7b25f09077

Request headers

Referer: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: cloudflare
age: 154270
etag: W/"623dcd81-13f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b23a35e4c4b913d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 caret-down.svg
dems.ag/wp-content/themes/daga/images/ 130 B
300 B 42ms
42ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/themes/daga/images/caret-down.svg
Requested by: Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47247cf32c064515cfe48b9783072ab2b670ba87617c9ae171f36364bbafe0f0

Request headers

Referer: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: cloudflare
age: 75770
etag: W/"623dcd81-82"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b23a35e4c4c913d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 arrow-triple-white.svg
dems.ag/wp-content/themes/daga/images/ 661 B
552 B 39ms
38ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/themes/daga/images/arrow-triple-white.svg
Requested by: Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b4723e1725fca810a905f00cd53a5bb0e56901b9331973f1cd17d07712d181

Request headers

Referer: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: cloudflare
age: 75770
etag: W/"623dcd81-295"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b23a35e4c4e913d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 75ms
25ms Script
application/javascript 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3929513.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-92.fra60.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 1149591
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: NzNNwoBjOYbGfpxG6mWKk14xIrHGIw4uTnySfdpO1AEF6Hjp7RKOXQ==

GET
H3 200 wp-emoji-release.min.js Show response
dems.ag/wp-includes/js/ 18 KB
5 KB 39ms
39ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 15:39:02 GMT
server: cloudflare
age: 225857
etag: W/"66101b16-4926"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b23a35e7c92913d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 extra.min.css
static.everyaction.com/ea-actiontag/ 78 KB
14 KB 29ms
28ms Stylesheet
text/css 2600:9000:238d:d600:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:d600:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1f565b09169f1b1c0802812c3066d4fd01f4567bcafce215a61447942951264

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 06:06:16 GMT
content-encoding: gzip
via: 1.1 9500c58b11c15528d15f2ca9add5bc00.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 56201
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14169
last-modified: Tue, 06 Aug 2024 14:36:39 GMT
server: AmazonS3
etag: "189892fc6deb2453e8b752c6f001102d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: Tja2l6PSpmHZxOmk1zG8BbExzmRaf-LyqE9zndlNmj9eom28nAWgvA==

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/ 134 KB
44 KB 546ms
440ms Script
application/javascript 18.239.83.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-43.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding: gzip
Via: 1.1 416dae0837568c2bb7cea7ae5c6bba22.cloudfront.net (CloudFront)
Date: Mon, 12 Aug 2024 21:42:58 GMT
X-Amz-Cf-Pop: AMS58-P5
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:55 GMT
Server: AmazonS3
ETag: W/"156be461dd96d02fce3792c020f7748a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: 28BAT4tvR9iCRZzQx_j8V_REu4GbGWntUrZZ9btisR9r-LycO10AlA==

GET
H2 200 F0FbMqMdu02IxogaZwEmdA2 Show response
secure.ngpvan.com/v1/Forms/ 2 KB
2 KB 515ms
431ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/F0FbMqMdu02IxogaZwEmdA2

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9cb5ea0a834d574435a91aae73fbfce5aa5fa7fed6bdc144371f2301050d357f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 9-37020936-37018615 2NNN RT(1723498976961 26) q(0 0 0 0) r(4 4)
content-length: 1330
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dems.ag
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

GET
H2 200 F0FbMqMdu02IxogaZwEmdA2 Show response
secure.ngpvan.com/v1/Forms/ 2 KB
0 514ms
514ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/F0FbMqMdu02IxogaZwEmdA2

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9cb5ea0a834d574435a91aae73fbfce5aa5fa7fed6bdc144371f2301050d357f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-iinfo: 9-37020936-37018615 2NNN RT(1723498976961 26) q(0 0 0 0) r(4 4)
content-length: 1330
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dems.ag
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
93 KB 42ms
40ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C0KC0QE7ES&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152621184-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

187ff13c63b2c4bbdd7e07d6a7ad647510989b92e7dc47ef51567de73b8897a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Aug 2024 21:42:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152621184-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Aug 2024 21:15:05 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1672
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 12 Aug 2024 23:15:05 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 63ms
20ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Aug 2024 21:42:57 GMT
document-policy: force-load-at-top
x-fb-server-load: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1328, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: w9yYURLfXfRiLLx6NbvMsq+sRjThnipSTZaFL54Xl2R14AGph1aVxA7pl8MP902Nkrz67gkOtGOpxByuA+ikQw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 112ms
111ms Stylesheet
text/css 18.196.139.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.196.139.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-139-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8a73c52c8dcf31907b545f1a6d5d8e5618f965017e35847275f7ea387b67304c

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Aug 2024 21:42:57 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 156ms
114ms Fetch
image/jpeg 18.196.139.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.196.139.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-139-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Aug 2024 21:42:57 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 204 3929513 Show response
vc.hotjar.io/sessions/ 0
231 B 121ms
51ms XHR
text/plain 18.245.175.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3929513?s=0.25&r=0.16040558122943915
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.175.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-175-99.cdg55.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Aug 2024 21:42:57 GMT
cache-control: no-store
via: 1.1 f55bf4c9168b3103c097c59981f4dbb8.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG55-P1
x-amz-cf-id: LXeAYe2vpCTETZsCKL9WP2Ygn153mWt47R0xYO6aQbPiTu06a5_Zbg==
x-cache: Miss from cloudfront

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
200 B 30ms
29ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=848668079&t=pageview&_s=1&dl=https%3A%2F%2Fdems.ag%2F&ul=de-de&de=UTF-8&dt=Home%20-%20Democratic%20Attorneys%20General%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=121828046&gjid=1986756743&cid=1072454649.1723498977&tid=UA-152621184-1&_gid=1523562735.1723498977&_r=1&gtm=457e4880za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1756807660

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 21:42:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dems.ag
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 81ms
30ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-C0KC0QE7ES&gtm=45je4880v9139033882za200&_p=1723498976680&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1072454649.1723498977&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1723498977&sct=1&seg=0&dl=https%3A%2F%2Fdems.ag%2F&dt=Home%20-%20Democratic%20Attorneys%20General%20Association&en=page_view&_fv=1&_ss=1&tfd=1076
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C0KC0QE7ES&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 21:42:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dems.ag
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 683722869167845 Show response
connect.facebook.net/signals/config/ 72 KB
14 KB 247ms
247ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/683722869167845?v=2.9.164&r=stable&domain=dems.ag&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d24478b74ca6fbec6a07827aee7986875c36f33e7cfce7c93a039ac5b8f9b3ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Aug 2024 21:42:57 GMT
document-policy: force-load-at-top
x-fb-server-load: 25
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=58, mss=1328, tbw=64407, tp=-1, tpl=-1, uplat=226, ullat=0
pragma: public
x-fb-debug: PUJujmX+DHaFaZOltPZVj9fXPMlq03twqqOGKd4AwQc0eBHY3uJgIN8USeES0cFzMbr40kg8lsxs0zuJbFwdJA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
281 B 116ms
116ms XHR
text/plain 18.196.139.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=cw3_IeIiU2oS4YDxCQsl3g&is_js=true&landing_url=https%3A%2F%2Fdems.ag%2F&t=Home%20-%20Democratic%20Attorneys%20General%20Association&tip=m2xmo_dKJmvsGcgs3I3al5kU1SAhxKivhw8vv3S_pMw&host=https%3A%2F%2Fdems.ag&sa_conv_data_css_value=%270-a67ac11d-950b-5c13-7b69-6bf5d760397f%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9a67ac11d950b5c137b696bf5d760397f5413afa5&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIElOXdSZ7By4WPEYVi5UFYA4BZ_Nk0uvFs4tzLYfp2HYENYBGAQg4IPqtQYwAToEFPvsiUIEBRTzVQ.8RapSC1QDiXLOPc0Z8goSHzu68rlGcdbv9Q2CxnvzCs&sa-user-id-v2=s%253ApnrBHZULXBN7aWv112A5f1QTr6U.U%252F8P9YYW%252FZqVt5V%252BtWaldUFXHq4YLzy%252BZ%252B%252BqpI5oJOA&sa-user-id=s%253A0-a67ac11d-950b-5c13-7b69-6bf5d760397f.vWBp0UfZTSjm3JthhYD60q5jhePTFKXdPmI4qAhLG%252Bc
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.196.139.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-139-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://dems.ag
date: Mon, 12 Aug 2024 21:42:57 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 64ms
21ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=683722869167845&ev=PageView&dl=https%3A%2F%2Fdems.ag%2F&rl=&if=false&ts=1723498977480&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723498977478.472471209604210689&cs_est=true&ler=empty&cdl=API_unavailable&it=1723498977211&coo=false&rqm=GET

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=2794, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Aug 2024 21:42:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 208ms
165ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=683722869167845&ev=PageView&dl=https%3A%2F%2Fdems.ag%2F&rl=&if=false&ts=1723498977480&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723498977478.472471209604210689&cs_est=true&ler=empty&cdl=API_unavailable&it=1723498977211&coo=false&rqm=FGET

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 12 Aug 2024 21:42:57 GMT
document-policy: force-load-at-top
x-fb-server-load: 21
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402371742338132665", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1328, tbw=3112, tp=-1, tpl=-1, uplat=143, ullat=1
pragma: no-cache
x-fb-debug: hH4WwJfXB7u4DclM5EhMg1UJkR5vSzhFYpymz/P2BUk3pRHNqKRMwA+iQE/aex3A7BdeIYCHOADPMiNn0FpwIg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402371742338132665"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 F0FbMqMdu02IxogaZwEmdA2
secure.ngpvan.com/v1/Track/ 0
160 B 400ms
400ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.ngpvan.com/v1/Track/F0FbMqMdu02IxogaZwEmdA2?formSessionId=8f1013e2-d7c4-45b9-a041-cd6d0984442b&bName=chrome&dType=desktop&formVersion=7/29/2024%206:01:14%20PM|4/4/2024%207:28:00%20PM&fUrl=aHR0cHM6Ly9kZW1zLmFnLw%3D%3D&fRef=

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
pragma: no-cache
date: Mon, 12 Aug 2024 21:42:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 9-37020936-37020958 NNNN CT(86 184 0) RT(1723498976961 473) q(0 0 3 -1) r(4 4) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 F0FbMqMdu02IxogaZwEmdA2
secure.ngpvan.com/v1/Track/ 0
102 B 395ms
395ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.ngpvan.com/v1/Track/F0FbMqMdu02IxogaZwEmdA2?formSessionId=4779df25-1794-43e7-b3b2-25abdda935a6&bName=chrome&dType=desktop&formVersion=7/29/2024%206:01:14%20PM|4/4/2024%207:28:00%20PM&fUrl=aHR0cHM6Ly9kZW1zLmFnLw%3D%3D&fRef=

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
pragma: no-cache
date: Mon, 12 Aug 2024 21:42:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 9-37020936-37020958 PNNN RT(1723498976961 478) q(0 0 3 -1) r(4 4) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
expires: -1

GET
H3 200 favicon-32x32.png
dems.ag/wp-content/themes/daga/favicon/ 894 B
1 KB 45ms
45ms Other
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/themes/daga/favicon/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f9b2f16df3b1d83b6d59bcf981f97aa2a0a281a2941e5ab4501cdd9e0c807e6

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:42:58 GMT
cf-cache-status: HIT
age: 142284
cf-polished: origFmt=png, origSize=1807
content-disposition: inline; filename="favicon-32x32.webp"
alt-svc: h3=":443"; ma=86400
content-length: 894
cf-bgj: imgq:100,h2pri
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: cloudflare
etag: "623dcd81-70f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b23a3648a81913d-FRA

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tags.srv.stackadapt.com/	1970-01-21 07:30:34	Name: sa-user-id Value: s%3A0-a67ac11d-950b-5c13-7b69-6bf5d760397f.vWBp0UfZTSjm3JthhYD60q5jhePTFKXdPmI4qAhLG%2Bc
.srv.stackadapt.com/	1970-01-21 07:30:34	Name: sa-user-id Value: s%3A0-a67ac11d-950b-5c13-7b69-6bf5d760397f.vWBp0UfZTSjm3JthhYD60q5jhePTFKXdPmI4qAhLG%2Bc
tags.srv.stackadapt.com/	1970-01-21 07:30:34	Name: sa-user-id-v2 Value: s%3ApnrBHZULXBN7aWv112A5f1QTr6U.U%2F8P9YYW%2FZqVt5V%2BtWaldUFXHq4YLzy%2BZ%2B%2BqpI5oJOA
.srv.stackadapt.com/	1970-01-21 07:30:34	Name: sa-user-id-v2 Value: s%3ApnrBHZULXBN7aWv112A5f1QTr6U.U%2F8P9YYW%2FZqVt5V%2BtWaldUFXHq4YLzy%2BZ%2B%2BqpI5oJOA
tags.srv.stackadapt.com/	1970-01-21 07:30:34	Name: sa-user-id-v3 Value: s%3AAQAKIElOXdSZ7By4WPEYVi5UFYA4BZ_Nk0uvFs4tzLYfp2HYENYBGAQg4IPqtQYwAToEFPvsiUIEBRTzVQ.8RapSC1QDiXLOPc0Z8goSHzu68rlGcdbv9Q2CxnvzCs
.srv.stackadapt.com/	1970-01-21 07:30:34	Name: sa-user-id-v3 Value: s%3AAQAKIElOXdSZ7By4WPEYVi5UFYA4BZ_Nk0uvFs4tzLYfp2HYENYBGAQg4IPqtQYwAToEFPvsiUIEBRTzVQ.8RapSC1QDiXLOPc0Z8goSHzu68rlGcdbv9Q2CxnvzCs
dems.ag/	1969-12-31 23:59:59	Name: wp-wpml_current_language Value: en
.dems.ag/	1970-01-21 00:54:34	Name: _gcl_au Value: 1.1.1980866067.1723498977
dems.ag/	1970-01-21 07:30:34	Name: sa-user-id Value: s%253A0-a67ac11d-950b-5c13-7b69-6bf5d760397f.vWBp0UfZTSjm3JthhYD60q5jhePTFKXdPmI4qAhLG%252Bc
dems.ag/	1970-01-21 07:30:34	Name: sa-user-id-v2 Value: s%253ApnrBHZULXBN7aWv112A5f1QTr6U.U%252F8P9YYW%252FZqVt5V%252BtWaldUFXHq4YLzy%252BZ%252B%252BqpI5oJOA
dems.ag/	1970-01-21 07:30:34	Name: sa-user-id-v3 Value: s%253AAQAKIElOXdSZ7By4WPEYVi5UFYA4BZ_Nk0uvFs4tzLYfp2HYENYBGAQg4IPqtQYwAToEFPvsiUIEBRTzVQ.8RapSC1QDiXLOPc0Z8goSHzu68rlGcdbv9Q2CxnvzCs
.dems.ag/	1970-01-21 07:30:34	Name: _hjSessionUser_3929513 Value: eyJpZCI6IjdlZWMyZGQ5LWIwNzQtNTk3MC1iZjEzLWQwZDNjYzhiYzFkZiIsImNyZWF0ZWQiOjE3MjM0OTg5NzcxMzQsImV4aXN0aW5nIjpmYWxzZX0=
.dems.ag/	1970-01-20 22:45:00	Name: _hjSession_3929513 Value: eyJpZCI6Ijk0ZThiZDAwLTdjZWItNDI2Ny04YmUzLWQwMTQ1Zjk5NGZiNCIsImMiOjE3MjM0OTg5NzcxMzUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.dems.ag/	1970-01-20 22:46:25	Name: _gid Value: GA1.2.1523562735.1723498977
.dems.ag/	1970-01-20 22:44:59	Name: _gat_gtag_UA_152621184_1 Value: 1
.dems.ag/	1970-01-21 08:20:58	Name: _ga_C0KC0QE7ES Value: GS1.1.1723498977.1.0.1723498977.0.0.0
.dems.ag/	1970-01-21 08:20:58	Name: _ga Value: GA1.1.1072454649.1723498977
.dems.ag/	1970-01-21 00:54:34	Name: _fbp Value: fb.1.1723498977478.472471209604210689
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_1002065 Value: EkbkW9FweSMR3qvV0IOYSwAAAADUjh81doUL0Q9XhGYpkkDV
.ngpvan.com/	1970-01-21 07:29:12	Name: visid_incap_1002065 Value: YeMcUpMoTtu7j05A53XIpeCBumYAAAAAQUIPAAAAAAC+assq+E41ZZupUyBf8R/9
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_1288_1002065 Value: Q/SLKL1leDxnqHxiNuXfEeGBumYAAAAA+zL3GK6K5DUxZew+ZconMg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
dems.ag
fonts.googleapis.com
fonts.gstatic.com
js.verygoodvault.com
region1.google-analytics.com
script.hotjar.com
secure.ngpvan.com
static.everyaction.com
static.hotjar.com
tags.srv.stackadapt.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.33.187.92
141.193.213.10
18.196.139.72
18.239.83.43
18.245.175.99
18.66.102.51
2001:4860:4802:32::36
2600:9000:238d:d600:3:1d53:4780:93a1
2a00:1450:4001:802::2003
2a00:1450:4001:806::2008
2a00:1450:4001:811::200e
2a00:1450:4001:830::200a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
45.60.33.183
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
099a5eff47f1cce93a02959777d5acdd91f49f1740e7e310a1104b47605ec423
0af53c307e0c24070ce7b3f2cf4d77dc60a5ed3b389c05d776b605911242ae66
120f82490e19609333eee4140b8c882dd2c8fabc938410a4539de297e6b12f85
187ff13c63b2c4bbdd7e07d6a7ad647510989b92e7dc47ef51567de73b8897a9
18d5b551a742857bcf9fc62a7c5469a7b6d5142360268b3e2edd17d5a666ecfe
1f9b2f16df3b1d83b6d59bcf981f97aa2a0a281a2941e5ab4501cdd9e0c807e6
1fc5e8a20bac765f6e6c5561f28bbad7b7302bf3009b2910e0070b7b27a95fd8
20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50
2302443e0fb551886e9486df2ee027a958110280edb9530f64e64a7b25f09077
32526bffc26a3a0a4d7283d2e971eba2a1a9102799da3ac6560ef24a95478e43
39494eaf8540d7aed130e68f3f9ec865cc25d987c174046cb4cb6f3fd4bc4be8
3d53c4259f23b38a024c3bffbceb153f1b1f07679d70bb04c259ed1b97690089
3ef9effb9eeb4a19994e2a877058ad642ebd1c5c64de77357db023ac4ef4ba14
3fbffd71285d5ce0463e13b8158978a198849b086c26dead89c6062dbb4bfddb
415edcfe99b62be6265a41b1a2e15af98806df3e6ba32b37b67b793d4212a40e
47247cf32c064515cfe48b9783072ab2b670ba87617c9ae171f36364bbafe0f0
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5c009d46ad59d5e552af2aea6c3072d7fe5f33034a44c855e4754fa0f72cb7af
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6764b994fc6d19f5aa48ba15956f0731a5172c4de07d2488a1c223868b58af
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
8a73c52c8dcf31907b545f1a6d5d8e5618f965017e35847275f7ea387b67304c
8d0d0251614e63c66de207727d86c379393085caba768da7e9c8277c5abc43b7
98e596c6c2b3eee4ac1937072fea9c643794b701308b60adc36b767ee8545392
9c6cabfcdd101b3f05f9be77a2bcf72ba09723dde2522c16cfa1c056159384c1
9cb5ea0a834d574435a91aae73fbfce5aa5fa7fed6bdc144371f2301050d357f
a54be57c482e85ead7bf3126b3a406f7acfbb270b59d49fc6e208391fdc4979c
a628cc5900cf4788c2ad7857a1f7987d53204ef05e71c60795b3b194a3708e7d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b1f565b09169f1b1c0802812c3066d4fd01f4567bcafce215a61447942951264
b40277966ab293d963c0af593ac6a65352e3c29465929982c9c4785e487b331b
b56e40d0b9155440a3331e0118c665ffacbd1ea5a76b9e4868a5840bf6bff0ad
b9b4723e1725fca810a905f00cd53a5bb0e56901b9331973f1cd17d07712d181
be5a87773af2ae635efc8356c8281457b310511cce556822ef0bd28a35ad8c01
cd0f34c8c78b19b7a19090b79b8b81dcda22cb5ea90c6dd14f5abea5e67f3306
d24478b74ca6fbec6a07827aee7986875c36f33e7cfce7c93a039ac5b8f9b3ba
d80aaa49e6ac8f56fc33300d62460d6dadad5f61225efeebaea10b22bb1ef08c
db04c86ad3bc46d16b82b6d9ce6b6174ec8e839b8ef5d1a875bcf2852a6e9a71
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1ac21fa65ac3003d8b1a3fde6c30ae453782946cd8e4bc3a9643a3364cb30c
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f825f8c1bcadeb617528a460f8bed506345bff6d0aa9596f28b87dfbbdc52d58

dems.ag Open in urlscan Pro 141.193.213.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

53 %IPv6

13 Domains

15 Subdomains

16 IPs

2 Countries

2197 kBTransfer

4138 kBSize

21 Cookies

5 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dems.ag Open in urlscan Pro
141.193.213.10 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

53 %
IPv6

13
Domains

15
Subdomains

16
IPs

2
Countries

2197 kB
Transfer

4138 kB
Size

21
Cookies

55 HTTP transactions
0 data transactions