dems.ag Open in urlscan Pro
104.196.131.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dems.ag/
Effective URL:
https://dems.ag/
Submission: On July 16 via manual (July 16th 2024, 6:11:23 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 60 HTTP transactions. The main IP is 104.196.131.29, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is dems.ag.
TLS certificate: Issued by R3 on May 10th 2024. Valid for: 3 months.

This is the only time dems.ag was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	104.196.131.29 104.196.131.29	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
4	2600:9000:26d... 2600:9000:26db:4e00:3:1d53:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	3.121.91.221 3.121.91.221	16509 (AMAZON-02) (AMAZON-02)
1	18.66.192.125 18.66.192.125	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	54.230.228.47 54.230.228.47	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	18.66.192.81 18.66.192.81	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
60	15

29 104.196.131.29 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.131.196.104.bc.googleusercontent.com

dems.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:26db:4e00:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.121.91.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-91-221.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-125.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-47.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-81.muc50.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	dems.ag dems.ag	1 MB
5	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 134580 secure.ngpvan.com — Cisco Umbrella Rank: 281676 fastaction.ngpvan.com Failed	3 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 4688	10 KB
4	everyaction.com static.everyaction.com — Cisco Umbrella Rank: 146326	269 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	332 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
1	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 45244	44 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
60	12

	Domain	Requested by
29	dems.ag	dems.ag
4	secure.ngpvan.com	static.everyaction.com dems.ag
4	tags.srv.stackadapt.com	dems.ag tags.srv.stackadapt.com
4	static.everyaction.com	dems.ag static.everyaction.com
4	www.googletagmanager.com	dems.ag www.googletagmanager.com
2	www.facebook.com	dems.ag
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	dems.ag connect.facebook.net
1	js.verygoodvault.com	static.everyaction.com
1	profile.ngpvan.com	static.everyaction.com
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.hotjar.com	dems.ag
1	fonts.googleapis.com	dems.ag
0	fastaction.ngpvan.com Failed	static.everyaction.com
60	16

This site contains links to these domains. Also see Links.

Domain
secure.actblue.com
fastaction.ngpvan.com
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
dems.ag R3	`2024-05-10` - `2024-08-08`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
static.everyaction.com Amazon RSA 2048 M03	`2024-04-08` - `2025-05-07`	a year	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-25` - `2024-07-24`	3 months	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-11-07` - `2024-11-06`	a year	crt.sh
*.verygoodvault.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dems.ag/
Frame ID: FA7A6CB1CE3A6835A802767F6E60B9DF
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Democratic Attorneys General Association

Page URL History Show full URLs

http://dems.ag/ HTTP 307
https://dems.ag/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

60
Requests

97 %
HTTPS

57 %
IPv6

12
Domains

16
Subdomains

15
IPs

2
Countries

2344 kB
Transfer

5351 kB
Size

21
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.actblue.com/donate/demagswebsite
Title: Donate

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://twitter.com/democraticags

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DemocraticAGs/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/democraticags/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4ETPztHHnI4ka5GlvmF7ag

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dems.ag/ HTTP 307
https://dems.ag/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dems.ag/
Redirect Chain

http://dems.ag/
https://dems.ag/

38 KB
10 KB

550ms
265ms

Document
text/html

104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 688dc53b2c4c4af881abb52a9e4ea0d43af1f9d585308b862905cd09edaceb59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 16 Jul 2024 18:11:15 GMT
link: <https://dems.ag/wp-json/>; rel="https://api.w.org/" <https://dems.ag/wp-json/wp/v2/pages/148>; rel="alternate"; type="application/json" <https://dems.ag/>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

Location: https://dems.ag/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 styles.css
dems.ag/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 58 KB
7 KB 153ms
151ms Stylesheet
text/css 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.9
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
content-encoding: br
last-modified: Thu, 11 Jan 2024 03:39:53 GMT
server: nginx
etag: W/"659f6309-e768"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
dems.ag/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 908 B
509 B 160ms
159ms Stylesheet
text/css 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
content-encoding: br
last-modified: Thu, 11 Jan 2024 03:39:53 GMT
server: nginx
etag: W/"659f6309-38c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
dems.ag/wp-content/themes/daga/ 82 KB
12 KB 216ms
215ms Stylesheet
text/css 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: df4331419c5578a5d9187c0ffc11f5394258607985fdfeca7bd0a1558f7d01d6

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
content-encoding: br
last-modified: Tue, 09 Jul 2024 20:06:06 GMT
server: nginx
etag: W/"668d982e-146be"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 language-cookie.js Show response
dems.ag/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 271 B
401 B 168ms
164ms Script
application/javascript 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.9
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
content-encoding: br
last-modified: Thu, 11 Jan 2024 03:39:52 GMT
server: nginx
etag: W/"659f6308-10f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 210ms
114ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152621184-1

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a7f371261d330b7309c6e1f0fa99143d2150b22e8ee25b096aad3568dc4eff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76941
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jul 2024 18:11:16 GMT

GET
H2 200 homepage-desktop.jpg
dems.ag/wp-content/uploads/2022/03/ 933 KB
934 KB 216ms
215ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2022/03/homepage-desktop.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe0d3bed187d8ffdf78c72929ffe93285cd8fe6d04191d20d94279fe3a9ae888

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Wed, 16 Mar 2022 15:04:23 GMT
server: nginx
etag: "6231fc77-e922d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 954925

GET
H2 200 at.js Show response
static.everyaction.com/ea-actiontag/ 840 KB
242 KB 174ms
44ms Script
application/javascript 2600:9000:26db:4e00:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.js
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4e00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 736cb7ea03bc8e47318e682fadee09429046519d9bb76dd5b566dd01caabbb5f

Request headers

Referer: https://dems.ag/
Origin: https://dems.ag
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:41:54 GMT
content-encoding: gzip
via: 1.1 ca623c10f2a669c8a9af30362937ebac.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 54472
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 247305
last-modified: Tue, 09 Jul 2024 14:36:14 GMT
server: AmazonS3
etag: "b0d820de99e06cca319054541a05e5ef"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: g7kuMLz5NSVg2WSNJagH31DHy9DSBuptt2YITaRo0TcZkg5LbgfLWw==

GET
H2 200 at.min.css
static.everyaction.com/ea-actiontag/ 59 KB
12 KB 136ms
48ms Stylesheet
text/css 2600:9000:26db:4e00:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.min.css
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4e00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f61bb76f0258bb04f6e755806267ee945db59a6349b1a2815f3646614868c1db

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:41:54 GMT
content-encoding: gzip
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 52354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11716
last-modified: Tue, 09 Jul 2024 14:36:14 GMT
server: AmazonS3
etag: "25fe437eaffd2e0a68b4017889b093bf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: 5ho9Rt65zT0IBvlRcMP4cRcowJ2ANIYYLQf0MBmsmy-S9UI3tseTnA==

GET
H2 200 Website-Headshots-Ford.jpg
dems.ag/wp-content/uploads/2024/02/ 53 KB
53 KB 209ms
209ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Ford.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 30d947046d83a709a5545f69a5ce4b3fb85d321385f2989bc3edd10ee97c1a51

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Wed, 14 Feb 2024 21:17:40 GMT
server: nginx
etag: "65cd2df4-d34f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 54095

GET
H2 200 Website-Headshots-Jennings.jpg
dems.ag/wp-content/uploads/2024/02/ 44 KB
44 KB 208ms
204ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Jennings.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: adaa391278f86124ee0f2d353bcb1052cfbaebf561a539aad1434a592ade3fde

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Wed, 14 Feb 2024 21:17:40 GMT
server: nginx
etag: "65cd2df4-afbe"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 44990

GET
H2 200 Website-Headshots-Ellison.jpg
dems.ag/wp-content/uploads/2024/02/ 47 KB
47 KB 209ms
204ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Ellison.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: eb172a969ec73d1113589ab8f3bb2272d7803b0f829d213f68c5e734011fd79b

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Wed, 14 Feb 2024 21:02:59 GMT
server: nginx
etag: "65cd2a83-bb0f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 47887

GET
H2 200 Website-Headshots-Raoul.jpg
dems.ag/wp-content/uploads/2024/02/ 51 KB
51 KB 211ms
207ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Raoul.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e657027675631828ba5d7a70e651b22acc3c58f9e8052a64a9c38e968a37a51

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Wed, 14 Feb 2024 21:12:50 GMT
server: nginx
etag: "65cd2cd2-cbd1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 52177

GET
H2 200 Website-Headshots-Campbell.jpg
dems.ag/wp-content/uploads/2022/09/ 44 KB
44 KB 182ms
178ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2022/09/Website-Headshots-Campbell.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9d7ef3a04d7374047b37d4723c483216b9e71501b0d1ae0671faaaea8d05d81a

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Mon, 08 May 2023 19:47:02 GMT
server: nginx
etag: "645951b6-af70"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 44912

GET
H2 200 Website-Headshots-Bonta.jpg
dems.ag/wp-content/uploads/2024/02/ 46 KB
46 KB 183ms
180ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Bonta.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a71a46320dfa40f73c07696f24e812c3ba767abbfc46cb25d48bd14e9f10f97b

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Wed, 14 Feb 2024 21:15:16 GMT
server: nginx
etag: "65cd2d64-b6f7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 46839

GET
H2 200 Website-Headshots-Rosenblum.jpg
dems.ag/wp-content/uploads/2024/02/ 47 KB
47 KB 183ms
179ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Rosenblum.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0b3a8a9a88333110f24564f4fd7ae1160ae02fd4499f24631d2c8727f5d0bdfb

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Wed, 14 Feb 2024 20:54:48 GMT
server: nginx
etag: "65cd2898-bce8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 48360

GET
H2 200 5.4.23-Website-Icons-05-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 21 KB
21 KB 206ms
203ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-05-aspect-ratio-13-10.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7f4396dc7fdba52353c5d5672fd6ee73ee3a0eef49320f607278d6edf85e173c

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Mon, 12 Jun 2023 14:56:31 GMT
server: nginx
etag: "6487321f-5305"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 21253

GET
H2 200 5.4.23-Website-Icons-06-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 23 KB
23 KB 166ms
163ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-06-aspect-ratio-13-10.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a52f09d890996c427e371c89532e3c94a9e64a410b3f98c41e86918ef69bf734

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Mon, 12 Jun 2023 14:57:19 GMT
server: nginx
etag: "6487324f-5b55"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23381

GET
H2 200 5.4.23-Website-Icons-12-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 22 KB
22 KB 357ms
354ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-12-aspect-ratio-13-10.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 18a42900ff88be3bff6dbd969627128a388aa86ee0d4610d7eb57c976f4ddabf

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Mon, 12 Jun 2023 14:56:31 GMT
server: nginx
etag: "6487321f-57ab"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 22443

GET
H2 200 5.4.23-Website-Icons-04-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 22 KB
22 KB 357ms
354ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-04-aspect-ratio-13-10.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 10d85eada027b2fa6575676a3816054bd584e45b0624bcfac005a1089dc70811

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Mon, 12 Jun 2023 14:56:31 GMT
server: nginx
etag: "6487321f-57b3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 22451

GET
H2 200 5.4.23-Website-Icons-11-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 24 KB
24 KB 358ms
356ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-11-aspect-ratio-13-10.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 25a37c10873cce67ce186a14f8c641bb5d08bafc78f9f6482c111df69e7a347b

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Mon, 12 Jun 2023 14:57:19 GMT
server: nginx
etag: "6487324f-5f35"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 24373

GET
H2 200 5.4.23-Website-Icons-10-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 19 KB
19 KB 401ms
399ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-10-aspect-ratio-13-10.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8d78565b7fe4bbb7b2cd0ee35f0fb8a62be3c3bbb17da17b4b44662cb45484d2

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:17 GMT
last-modified: Mon, 12 Jun 2023 14:56:31 GMT
server: nginx
etag: "6487321f-4cf2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 19698

GET
H2 200 scripts.js Show response
dems.ag/wp-content/themes/daga/js/ 91 KB
26 KB 169ms
165ms Script
application/javascript 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/themes/daga/js/scripts.js?ver=1.0.1
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8d0d0251614e63c66de207727d86c379393085caba768da7e9c8277c5abc43b7

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
content-encoding: br
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: nginx
etag: W/"623dcd81-16c94"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 249 KB
89 KB 150ms
56ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MF9XFBN

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38ef59af3bd3d40b320f64f5b59e91cfeea2af6919059da24da1ceb0861d2313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90294
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jul 2024 18:11:16 GMT

GET
BLOB 200
OK d4ca303f-3b3a-483b-893d-9f98635ba8ef
https://dems.ag/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dems.ag/d4ca303f-3b3a-483b-893d-9f98635ba8ef
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 149ms
55ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap

Requested by

Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ae6e4decd4fb974b41b2f37fa7b19c7a1c9b80127dd45be4bc24702c7145a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jul 2024 18:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jul 2024 17:13:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jul 2024 18:11:16 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 227ms
132ms Script
text/javascript 3.121.91.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.91.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-91-221.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fa50b4cc65700096c197f39fcc8809a4e2c5baa93dba34269af73aa932394879

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 Jul 2024 18:11:16 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 hotjar-3929513.js Show response
static.hotjar.com/c/ 9 KB
4 KB 207ms
100ms Script
application/javascript 18.66.192.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3929513.js?sv=5

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-125.muc50.r.cloudfront.net

Software

Resource Hash

d3bceeb8641c6ed8aa062b774cd7c7bd1e745946e1ad8d78a5288429dd8cce24

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 Jul 2024 18:11:16 GMT
via: 1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
etag: W/ca31069c9b8f692305db60bbf7b5f6d2
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: XG-IUx4iAEyTLn8O77cXPhVNSxAfGMT__0TPaapRjBOhsuuCnuY2MA==

GET
H2 200 daga-logo.svg
dems.ag/wp-content/themes/daga/images/ 14 KB
4 KB 340ms
340ms Image
image/svg+xml 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/themes/daga/images/daga-logo.svg
Requested by: Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a54be57c482e85ead7bf3126b3a406f7acfbb270b59d49fc6e208391fdc4979c

Request headers

Referer: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:17 GMT
content-encoding: br
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: nginx
etag: W/"623dcd81-36e0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 137ms
43ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dems.ag
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 09:37:43 GMT
x-content-type-options: nosniff
age: 30813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 09:37:43 GMT

GET
H2 200 Messapia-Bold.woff2
dems.ag/wp-content/themes/daga/fonts/ 15 KB
15 KB 339ms
339ms Font
font/woff2 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/themes/daga/fonts/Messapia-Bold.woff2
Requested by: Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0af53c307e0c24070ce7b3f2cf4d77dc60a5ed3b389c05d776b605911242ae66

Request headers

Referer: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Origin: https://dems.ag
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:17 GMT
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: nginx
etag: "623dcd81-3ca0"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15520

GET
H2 200 at.js Show response
static.everyaction.com/ea-actiontag/ 840 KB
412 B 44ms
44ms Script
application/javascript 2600:9000:26db:4e00:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.js
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4e00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 736cb7ea03bc8e47318e682fadee09429046519d9bb76dd5b566dd01caabbb5f

Request headers

Referer: https://dems.ag/
Origin: https://dems.ag
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:41:54 GMT
via: 1.1 ca623c10f2a669c8a9af30362937ebac.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P3
age: 54472
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 247305
last-modified: Tue, 09 Jul 2024 14:36:14 GMT
server: AmazonS3
etag: "b0d820de99e06cca319054541a05e5ef"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: igujKFnsz4xItHVXnVnacGU5Ya8IYhyh4yWahYpohjhuKPbHz-OPOQ==

GET
H2 200 arrow-triple-navy.svg
dems.ag/wp-content/themes/daga/images/ 319 B
400 B 411ms
410ms Image
image/svg+xml 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/themes/daga/images/arrow-triple-navy.svg
Requested by: Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2302443e0fb551886e9486df2ee027a958110280edb9530f64e64a7b25f09077

Request headers

Referer: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:17 GMT
content-encoding: br
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: nginx
etag: W/"623dcd81-13f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 caret-down.svg
dems.ag/wp-content/themes/daga/images/ 130 B
320 B 276ms
276ms Image
image/svg+xml 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/themes/daga/images/caret-down.svg
Requested by: Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 47247cf32c064515cfe48b9783072ab2b670ba87617c9ae171f36364bbafe0f0

Request headers

Referer: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
content-encoding: br
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: nginx
etag: W/"623dcd81-82"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 arrow-triple-white.svg
dems.ag/wp-content/themes/daga/images/ 661 B
579 B 275ms
275ms Image
image/svg+xml 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/themes/daga/images/arrow-triple-white.svg
Requested by: Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b9b4723e1725fca810a905f00cd53a5bb0e56901b9331973f1cd17d07712d181

Request headers

Referer: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
content-encoding: br
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: nginx
etag: W/"623dcd81-295"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 260ms
60ms Script
application/javascript 54.230.228.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3929513.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-47.muc50.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 1332010
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: cE6C1ggQ-4QfTmVHFS-AjCqD__uftmZDBw7cS1sDWDGs8mUCWutLGQ==

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 140ms
139ms Stylesheet
text/css 3.121.91.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.91.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-91-221.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0eb2ce95540f86ca861f7d0cdc69c6fe2ca70aadc3994351a0cc1c3f1fa60e3f

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 Jul 2024 18:11:17 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 305ms
130ms Fetch
image/jpeg 3.121.91.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.91.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-91-221.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 Jul 2024 18:11:17 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 174ms
40ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Jul 2024 18:11:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 1l4X9fYYdiR1IR4wAqwXR5pm7IWh6dO+8ASUTkMKSkzEgqqOkFhjgW3zsZ0IFDCX+xnjPV1IH7p0i0G/mvnK4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 112ms
111ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152621184-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF9XFBN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1268697ea33539c50e002c91473cb72a53d5daceea868d8c7dc5293d9bcf558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77047
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jul 2024 18:11:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
93 KB 93ms
93ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C0KC0QE7ES&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152621184-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f093fd5a8986da44843edd1db43ece4fe71c3e73193a4108b57eba0b7df27d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94794
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jul 2024 18:11:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 151ms
40ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152621184-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Jul 2024 16:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6130
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 16 Jul 2024 18:29:07 GMT

GET
H2 200 Website-Headshots-Ford.jpg
dems.ag/wp-content/uploads/2024/02/ 53 KB
0 1ms
1ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Ford.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 30d947046d83a709a5545f69a5ce4b3fb85d321385f2989bc3edd10ee97c1a51

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Wed, 14 Feb 2024 21:17:40 GMT
server: nginx
etag: "65cd2df4-d34f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 54095

GET
H2 200 Website-Headshots-Rosenblum.jpg
dems.ag/wp-content/uploads/2024/02/ 47 KB
0 1ms
1ms Image
image/jpeg 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Rosenblum.jpg
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0b3a8a9a88333110f24564f4fd7ae1160ae02fd4499f24631d2c8727f5d0bdfb

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:16 GMT
last-modified: Wed, 14 Feb 2024 20:54:48 GMT
server: nginx
etag: "65cd2898-bce8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 48360

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 147ms
47ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-C0KC0QE7ES&gtm=45je4790v9139033882za200&_p=1721153476121&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1820337151.1721153477&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1721153477&sct=1&seg=0&dl=https%3A%2F%2Fdems.ag%2F&dt=Home%20-%20Democratic%20Attorneys%20General%20Association&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1691&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C0KC0QE7ES&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 18:11:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dems.ag
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
dems.ag/wp-includes/js/ 18 KB
5 KB 162ms
162ms Script
application/javascript 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
Requested by: Host: dems.ag
URL: https://dems.ag/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:17 GMT
content-encoding: br
last-modified: Fri, 05 Apr 2024 15:39:02 GMT
server: nginx
etag: W/"66101b16-4926"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 extra.min.css
static.everyaction.com/ea-actiontag/ 78 KB
14 KB 53ms
52ms Stylesheet
text/css 2600:9000:26db:4e00:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4e00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c444a395f548f4915ab1482df66afbe23c5ec9b704453d2094848792cf042591

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 04:04:59 GMT
content-encoding: gzip
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 51459
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14169
last-modified: Tue, 09 Jul 2024 14:36:14 GMT
server: AmazonS3
etag: "28a97034c0ccb036dd0bb670f2452e35"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: iIyEu7gXukqbsfvKOOrdfQ9mPcEBo7mX7LZFB1KQK7IpQEllOqX8Ag==

GET
H2 204 identity Show response
profile.ngpvan.com/ 0
568 B 510ms
413ms Script
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:17 GMT
reason: Returned 204 - No Content. Referrer not whitelisted
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express, ASP.NET
x-iinfo: 9-115521821-115521823 NNNN CT(91 184 0) RT(1721153476518 40) q(0 0 3 0) r(4 4) U24
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/ 134 KB
44 KB 181ms
62ms Script
application/javascript 18.66.192.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-81.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding: gzip
Via: 1.1 29473aa9cc185f2a037ec3a7e2ffd74c.cloudfront.net (CloudFront)
Date: Tue, 16 Jul 2024 18:11:17 GMT
X-Amz-Cf-Pop: MUC50-P1
Age: 28
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:55 GMT
Server: AmazonS3
ETag: W/"156be461dd96d02fce3792c020f7748a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: xXszMbXzjgObwJYh6kn5e4jQ9K7U4n_rWdvnZc5cl0kpRYKMlrtRpw==

GET
H2 200 F0FbMqMdu02IxogaZwEmdA2 Show response
secure.ngpvan.com/v1/Forms/ 3 KB
2 KB 540ms
426ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/F0FbMqMdu02IxogaZwEmdA2

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b79f63ad8c2922c5d8205b8bbc8f94dc8c58467a54c3b5afef7d755aaf854d72

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 13-243794063-243794075 NNNN CT(86 188 0) RT(1721153476549 56) q(0 0 2 1) r(3 3) U18
content-length: 1375
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dems.ag
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

GET
H2 200 F0FbMqMdu02IxogaZwEmdA2 Show response
secure.ngpvan.com/v1/Forms/ 3 KB
0 537ms
537ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/F0FbMqMdu02IxogaZwEmdA2

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b79f63ad8c2922c5d8205b8bbc8f94dc8c58467a54c3b5afef7d755aaf854d72

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-iinfo: 13-243794063-243794075 NNNN CT(86 188 0) RT(1721153476549 56) q(0 0 2 1) r(3 3) U18
content-length: 1375
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dems.ag
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
200 B 49ms
48ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=112101113&t=pageview&_s=1&dl=https%3A%2F%2Fdems.ag%2F&ul=de-de&de=UTF-8&dt=Home%20-%20Democratic%20Attorneys%20General%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=59237927&gjid=1816952018&cid=1820337151.1721153477&tid=UA-152621184-1&_gid=309280609.1721153477&_r=1&gtm=457e4790za200zb841931166&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1633826980

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Jul 2024 18:11:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dems.ag
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 683722869167845 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 110ms
109ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/683722869167845?v=2.9.161&r=stable&domain=dems.ag&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f7ca090c76b4399e0c5745ad655162683b765377411b0c52e3871e92db66309

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Jul 2024 18:11:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=66, mss=1297, tbw=64182, tp=-1, tpl=-1, uplat=69, ullat=0
pragma: public
x-fb-debug: C2rhEJKXuQdZB1MICh1KoenJspqdT14fAHywoYxv0w66oXA5KEYDpHy4ROr8gIDy/TvYuKj4V4iLqq/264zT6Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
281 B 132ms
131ms XHR
text/plain 3.121.91.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=cw3_IeIiU2oS4YDxCQsl3g&is_js=true&landing_url=https%3A%2F%2Fdems.ag%2F&t=Home%20-%20Democratic%20Attorneys%20General%20Association&tip=yn2iwZDdJQSDllrYLw3HE9Qbhos-9AiaFQH_HKg9Pgo&host=https%3A%2F%2Fdems.ag&sa_conv_data_css_value=%270-947c4ecf-fc70-56a6-5493-51199a22cfca%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9947c4ecffc7056a6549351199a22cfca50ff0777&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIELfWlMLwzqt5FmxEKoBO4F3i--iAFHwt0xfxQIKvOaSENYBGAQgxO_atAYwAToErI9ciEIEqeWOPw.SGUiSkM3eOrkQqcx4n1%252FYTaTbekmRuCvqvqRUr6zdJE&sa-user-id-v2=s%253AlHxOz_xwVqZUk1EZmiLPylD_B3c.9VK3mlNiRs%252B8VDBXsqLJlMejxNzRWb4GwNjGhlfSCug&sa-user-id=s%253A0-947c4ecf-fc70-56a6-5493-51199a22cfca.0d3g2lv9q3kHb%252FdDxc7R2btxS%252FKO9khNCc%252FT2LGmgfA
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.91.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-91-221.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://dems.ag
date: Tue, 16 Jul 2024 18:11:17 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 124ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=683722869167845&ev=PageView&dl=https%3A%2F%2Fdems.ag%2F&rl=&if=false&ts=1721153477527&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1721153477525.909769060201710064&cs_est=true&ler=empty&cdl=API_unavailable&it=1721153477397&coo=false&rqm=GET

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1297, tbw=2775, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Jul 2024 18:11:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 290ms
206ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=683722869167845&ev=PageView&dl=https%3A%2F%2Fdems.ag%2F&rl=&if=false&ts=1721153477527&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1721153477525.909769060201710064&cs_est=true&ler=empty&cdl=API_unavailable&it=1721153477397&coo=false&rqm=FGET

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x69f771b0002add2d","source_keys":["1","2"]},{"key_piece":"0x2406164326f5998b","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 16 Jul 2024 18:11:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7392297896676629576", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1297, tbw=3093, tp=-1, tpl=-1, uplat=167, ullat=0
pragma: no-cache
x-fb-debug: TPTWN57C1xRGBkPEnAJjpojL8MnRsBi2yq8KYQ8qyRxP6FOgaOzh0mbQnivfLjzM0KXHqMiXB08zBm0/YhwXcQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7392297896676629576"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET identity
fastaction.ngpvan.com/api/v2/ 0
0

GET
H2 200 F0FbMqMdu02IxogaZwEmdA2
secure.ngpvan.com/v1/Track/ 0
128 B 157ms
156ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.ngpvan.com/v1/Track/F0FbMqMdu02IxogaZwEmdA2?formSessionId=90706d40-2e31-4fdd-94ca-416fa1505b5a&bName=chrome&dType=desktop&formVersion=7/15/2024%202:51:05%20PM|4/4/2024%207:28:00%20PM&fUrl=aHR0cHM6Ly9kZW1zLmFnLw%3D%3D&fRef=

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Tue, 16 Jul 2024 18:11:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 13-243794063-243794075 PNNN RT(1721153476549 516) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 F0FbMqMdu02IxogaZwEmdA2
secure.ngpvan.com/v1/Track/ 0
104 B 152ms
151ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.ngpvan.com/v1/Track/F0FbMqMdu02IxogaZwEmdA2?formSessionId=395db6e7-08e0-4065-842e-0609a84d8c8b&bName=chrome&dType=desktop&formVersion=7/15/2024%202:51:05%20PM|4/4/2024%207:28:00%20PM&fUrl=aHR0cHM6Ly9kZW1zLmFnLw%3D%3D&fRef=

Requested by

Host: dems.ag
URL: https://dems.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Tue, 16 Jul 2024 18:11:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 13-243794063-243794075 PNNN RT(1721153476549 526) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 favicon-32x32.png
dems.ag/wp-content/themes/daga/favicon/ 2 KB
2 KB 135ms
134ms Other
image/png 104.196.131.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dems.ag/wp-content/themes/daga/favicon/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.131.29 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.131.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cfe7289fb771211ec4b46c2369dca04446c8730542347c22243e43324b941a1

Request headers

Referer: https://dems.ag/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:11:18 GMT
last-modified: Fri, 25 Mar 2022 14:11:13 GMT
server: nginx
etag: "623dcd81-70f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1807

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastaction.ngpvan.com
URL: https://fastaction.ngpvan.com/api/v2/identity

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tags.srv.stackadapt.com/	1970-01-21 06:51:29	Name: sa-user-id Value: s%3A0-947c4ecf-fc70-56a6-5493-51199a22cfca.0d3g2lv9q3kHb%2FdDxc7R2btxS%2FKO9khNCc%2FT2LGmgfA
.srv.stackadapt.com/	1970-01-21 06:51:29	Name: sa-user-id Value: s%3A0-947c4ecf-fc70-56a6-5493-51199a22cfca.0d3g2lv9q3kHb%2FdDxc7R2btxS%2FKO9khNCc%2FT2LGmgfA
tags.srv.stackadapt.com/	1970-01-21 06:51:29	Name: sa-user-id-v2 Value: s%3AlHxOz_xwVqZUk1EZmiLPylD_B3c.9VK3mlNiRs%2B8VDBXsqLJlMejxNzRWb4GwNjGhlfSCug
.srv.stackadapt.com/	1970-01-21 06:51:29	Name: sa-user-id-v2 Value: s%3AlHxOz_xwVqZUk1EZmiLPylD_B3c.9VK3mlNiRs%2B8VDBXsqLJlMejxNzRWb4GwNjGhlfSCug
tags.srv.stackadapt.com/	1970-01-21 06:51:29	Name: sa-user-id-v3 Value: s%3AAQAKIELfWlMLwzqt5FmxEKoBO4F3i--iAFHwt0xfxQIKvOaSENYBGAQgxO_atAYwAToErI9ciEIEqeWOPw.SGUiSkM3eOrkQqcx4n1%2FYTaTbekmRuCvqvqRUr6zdJE
.srv.stackadapt.com/	1970-01-21 06:51:29	Name: sa-user-id-v3 Value: s%3AAQAKIELfWlMLwzqt5FmxEKoBO4F3i--iAFHwt0xfxQIKvOaSENYBGAQgxO_atAYwAToErI9ciEIEqeWOPw.SGUiSkM3eOrkQqcx4n1%2FYTaTbekmRuCvqvqRUr6zdJE
dems.ag/	1970-01-21 06:51:29	Name: sa-user-id Value: s%253A0-947c4ecf-fc70-56a6-5493-51199a22cfca.0d3g2lv9q3kHb%252FdDxc7R2btxS%252FKO9khNCc%252FT2LGmgfA
dems.ag/	1970-01-21 06:51:29	Name: sa-user-id-v2 Value: s%253AlHxOz_xwVqZUk1EZmiLPylD_B3c.9VK3mlNiRs%252B8VDBXsqLJlMejxNzRWb4GwNjGhlfSCug
dems.ag/	1970-01-21 06:51:29	Name: sa-user-id-v3 Value: s%253AAQAKIELfWlMLwzqt5FmxEKoBO4F3i--iAFHwt0xfxQIKvOaSENYBGAQgxO_atAYwAToErI9ciEIEqeWOPw.SGUiSkM3eOrkQqcx4n1%252FYTaTbekmRuCvqvqRUr6zdJE
.dems.ag/	1970-01-21 00:15:29	Name: _gcl_au Value: 1.1.2021809410.1721153477
.dems.ag/	1970-01-21 07:41:53	Name: _ga_C0KC0QE7ES Value: GS1.1.1721153477.1.0.1721153477.0.0.0
dems.ag/	1969-12-31 23:59:59	Name: wp-wpml_current_language Value: en
.dems.ag/	1970-01-21 07:41:53	Name: _ga Value: GA1.2.1820337151.1721153477
.dems.ag/	1970-01-20 22:07:19	Name: _gid Value: GA1.2.309280609.1721153477
.dems.ag/	1970-01-20 22:05:53	Name: _gat_gtag_UA_152621184_1 Value: 1
.dems.ag/	1970-01-21 06:51:29	Name: _hjSessionUser_3929513 Value: eyJpZCI6Ijk1MzNiZThhLWQzNzAtNTE2Yi05MWRkLTIxMzM1MjAyZTg2MiIsImNyZWF0ZWQiOjE3MjExNTM0NzczODQsImV4aXN0aW5nIjpmYWxzZX0=
.dems.ag/	1970-01-20 22:05:55	Name: _hjSession_3929513 Value: eyJpZCI6Ijc2NmZkODgxLThkZmMtNGU1OC1hMzIyLTdmMDBhZDkzNWVmYiIsImMiOjE3MjExNTM0NzczODUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.dems.ag/	1970-01-21 00:15:29	Name: _fbp Value: fb.1.1721153477525.909769060201710064
.ngpvan.com/	1970-01-21 06:50:18	Name: visid_incap_1002065 Value: RyGfS36FSnysSgOjOgAePcS3lmYAAAAAQUIPAAAAAADbUbofQ1kPLAszFiBHfmZ6
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_1002065 Value: 1IbsGpInTk7W0z7z0IOYSwAAAADSTMbxasVwawqdjVLOj5Yh
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_108_1002065 Value: NLiSOYFJmXBeAfFOcrF/AcS3lmYAAAAAIUNamVUtMf4SuTfQi5x8SA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://dems.ag/ Message: Access to XMLHttpRequest at 'https://fastaction.ngpvan.com/api/v2/identity' from origin 'https://dems.ag' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fastaction.ngpvan.com/api/v2/identity Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
dems.ag
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
js.verygoodvault.com
profile.ngpvan.com
region1.google-analytics.com
script.hotjar.com
secure.ngpvan.com
static.everyaction.com
static.hotjar.com
tags.srv.stackadapt.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
fastaction.ngpvan.com
104.196.131.29
18.66.192.125
18.66.192.81
2001:4860:4802:34::36
2600:9000:26db:4e00:3:1d53:4780:93a1
2a00:1450:4001:813::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:829::200a
2a00:1450:4001:831::200e
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.121.91.221
45.60.33.183
54.230.228.47
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0af53c307e0c24070ce7b3f2cf4d77dc60a5ed3b389c05d776b605911242ae66
0b3a8a9a88333110f24564f4fd7ae1160ae02fd4499f24631d2c8727f5d0bdfb
0cfe7289fb771211ec4b46c2369dca04446c8730542347c22243e43324b941a1
0eb2ce95540f86ca861f7d0cdc69c6fe2ca70aadc3994351a0cc1c3f1fa60e3f
10d85eada027b2fa6575676a3816054bd584e45b0624bcfac005a1089dc70811
18a42900ff88be3bff6dbd969627128a388aa86ee0d4610d7eb57c976f4ddabf
20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50
2302443e0fb551886e9486df2ee027a958110280edb9530f64e64a7b25f09077
25a37c10873cce67ce186a14f8c641bb5d08bafc78f9f6482c111df69e7a347b
2f7ca090c76b4399e0c5745ad655162683b765377411b0c52e3871e92db66309
30d947046d83a709a5545f69a5ce4b3fb85d321385f2989bc3edd10ee97c1a51
38ef59af3bd3d40b320f64f5b59e91cfeea2af6919059da24da1ceb0861d2313
3ae6e4decd4fb974b41b2f37fa7b19c7a1c9b80127dd45be4bc24702c7145a4c
3e657027675631828ba5d7a70e651b22acc3c58f9e8052a64a9c38e968a37a51
47247cf32c064515cfe48b9783072ab2b670ba87617c9ae171f36364bbafe0f0
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
688dc53b2c4c4af881abb52a9e4ea0d43af1f9d585308b862905cd09edaceb59
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
736cb7ea03bc8e47318e682fadee09429046519d9bb76dd5b566dd01caabbb5f
7f4396dc7fdba52353c5d5672fd6ee73ee3a0eef49320f607278d6edf85e173c
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8a7f371261d330b7309c6e1f0fa99143d2150b22e8ee25b096aad3568dc4eff8
8d0d0251614e63c66de207727d86c379393085caba768da7e9c8277c5abc43b7
8d78565b7fe4bbb7b2cd0ee35f0fb8a62be3c3bbb17da17b4b44662cb45484d2
9d7ef3a04d7374047b37d4723c483216b9e71501b0d1ae0671faaaea8d05d81a
a52f09d890996c427e371c89532e3c94a9e64a410b3f98c41e86918ef69bf734
a54be57c482e85ead7bf3126b3a406f7acfbb270b59d49fc6e208391fdc4979c
a71a46320dfa40f73c07696f24e812c3ba767abbfc46cb25d48bd14e9f10f97b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
adaa391278f86124ee0f2d353bcb1052cfbaebf561a539aad1434a592ade3fde
b79f63ad8c2922c5d8205b8bbc8f94dc8c58467a54c3b5afef7d755aaf854d72
b9b4723e1725fca810a905f00cd53a5bb0e56901b9331973f1cd17d07712d181
c1268697ea33539c50e002c91473cb72a53d5daceea868d8c7dc5293d9bcf558
c444a395f548f4915ab1482df66afbe23c5ec9b704453d2094848792cf042591
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
d3bceeb8641c6ed8aa062b774cd7c7bd1e745946e1ad8d78a5288429dd8cce24
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df4331419c5578a5d9187c0ffc11f5394258607985fdfeca7bd0a1558f7d01d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb172a969ec73d1113589ab8f3bb2272d7803b0f829d213f68c5e734011fd79b
f093fd5a8986da44843edd1db43ece4fe71c3e73193a4108b57eba0b7df27d14
f61bb76f0258bb04f6e755806267ee945db59a6349b1a2815f3646614868c1db
fa50b4cc65700096c197f39fcc8809a4e2c5baa93dba34269af73aa932394879
fe0d3bed187d8ffdf78c72929ffe93285cd8fe6d04191d20d94279fe3a9ae888

dems.ag Open in urlscan Pro 104.196.131.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

57 %IPv6

12 Domains

16 Subdomains

15 IPs

2 Countries

2344 kBTransfer

5351 kBSize

21 Cookies

9 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dems.ag Open in urlscan Pro
104.196.131.29 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

57 %
IPv6

12
Domains

16
Subdomains

15
IPs

2
Countries

2344 kB
Transfer

5351 kB
Size

21
Cookies

60 HTTP transactions
0 data transactions