urlscan.io logo urlscan.io
SecurityTrails logo

dems.ag Open in urlscan Pro
141.193.213.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://democraticags.org/
Effective URL: https://dems.ag/
Submission: On September 28 via api from TW — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 1 countries across 14 domains to perform 58 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is dems.ag.
TLS certificate: Issued by E5 on September 23rd 2024. Valid for: 3 months.
This is the only time dems.ag was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.196.131.29 15169 (GOOGLE)
24 141.193.213.11 209242 (CLOUDFLAR...)
9 172.217.222.97 15169 (GOOGLE)
3 18.173.219.58 16509 (AMAZON-02)
1 172.217.197.95 15169 (GOOGLE)
3 74.125.192.138 15169 (GOOGLE)
4 3.225.234.29 14618 (AMAZON-AES)
1 13.33.252.92 16509 (AMAZON-02)
1 142.251.174.94 15169 (GOOGLE)
2 157.240.229.1 32934 (FACEBOOK)
1 52.85.61.102 16509 (AMAZON-02)
4 45.60.31.183 19551 (INCAPSULA)
1 18.164.96.87 16509 (AMAZON-02)
2 157.240.229.35 32934 (FACEBOOK)
1 18.164.96.52 16509 (AMAZON-02)
58 15
1    104.196.131.29 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 29.131.196.104.bc.googleusercontent.com
democraticags.org
24    141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
dems.ag
9    172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net
www.googletagmanager.com
3    18.173.219.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-58.jfk52.r.cloudfront.net
static.everyaction.com
1    172.217.197.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f95.1e100.net
fonts.googleapis.com
3    74.125.192.138 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f138.1e100.net
www.google-analytics.com
4    3.225.234.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-234-29.compute-1.amazonaws.com
tags.srv.stackadapt.com
1    13.33.252.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-252-92.jfk50.r.cloudfront.net
static.hotjar.com
1    142.251.174.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f94.1e100.net
fonts.gstatic.com
2    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
1    52.85.61.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-102.ewr53.r.cloudfront.net
js.verygoodvault.com
4    45.60.31.183 (United States)

ASN19551 (INCAPSULA, US)
secure.ngpvan.com
1    18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net
script.hotjar.com
2    157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com
www.facebook.com
1    18.164.96.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-52.jfk50.r.cloudfront.net
vc.hotjar.io
Apex Domain
Subdomains		 Transfer
24 dems.ag
dems.ag
1 MB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
263 KB
4 ngpvan.com
secure.ngpvan.com — Cisco Umbrella Rank: 236540
2 KB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3026
10 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
21 KB
3 everyaction.com
static.everyaction.com — Cisco Umbrella Rank: 68282
267 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 112
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 196
72 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 957
script.hotjar.com — Cisco Umbrella Rank: 1386
61 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3537
230 B
1 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 30814
44 KB
1 gstatic.com
fonts.gstatic.com
47 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
1 democraticags.org
democraticags.org
229 B
58 14
Domain Requested by
24 dems.ag dems.ag
9 www.googletagmanager.com dems.ag
www.googletagmanager.com
4 secure.ngpvan.com static.everyaction.com
dems.ag
4 tags.srv.stackadapt.com dems.ag
tags.srv.stackadapt.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 static.everyaction.com dems.ag
static.everyaction.com
2 www.facebook.com dems.ag
2 connect.facebook.net dems.ag
connect.facebook.net
1 vc.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 js.verygoodvault.com static.everyaction.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.hotjar.com dems.ag
1 fonts.googleapis.com dems.ag
1 democraticags.org 1 redirects
58 15

This site contains links to these domains. Also see Links.

Domain
secure.actblue.com
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
Subject Issuer Validity Valid
dems.ag
E5		 2024-09-23 -
2024-12-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
static.everyaction.com
Amazon RSA 2048 M03		 2024-04-08 -
2025-05-07		 a year crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03		 2024-08-09 -
2025-09-06		 a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-07 -
2024-10-05		 3 months crt.sh
*.verygoodvault.com
Amazon RSA 2048 M02		 2023-12-19 -
2025-01-16		 a year crt.sh
*.ngpvan.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-11-07 -
2024-11-06		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://dems.ag/
Frame ID: F153D0E532CA37C2122C07F5F34E519A
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Democratic Attorneys General Association

Page URL History Show full URLs

  1. http://democraticags.org/ HTTP 307
    https://democraticags.org/ HTTP 301
    https://dems.ag/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

58
Requests

98 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

15
IPs

1
Countries

2191 kB
Transfer

4096 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://democraticags.org/ HTTP 307
    https://democraticags.org/ HTTP 301
    https://dems.ag/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dems.ag/
Redirect Chain
  • http://democraticags.org/
  • https://democraticags.org/
  • https://dems.ag/
37 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
e8550116b105ab1dda412fa8d972aabc37ffde2d975369b054f85bfcb869d063

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ca00a6e4be9a253-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 28 Sep 2024 01:43:07 GMT
link
<https://dems.ag/wp-json/>; rel="https://api.w.org/" <https://dems.ag/wp-json/wp/v2/pages/148>; rel="alternate"; title="JSON"; type="application/json" <https://dems.ag/>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

cache-control
max-age=600, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 28 Sep 2024 01:43:06 GMT
expires
Sat, 28 Sep 2024 02:26:20 GMT
location
https://dems.ag/
server
nginx
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
x-redirect-by
WordPress
style.css
dems.ag/wp-content/themes/daga/ 		82 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32526bffc26a3a0a4d7283d2e971eba2a1a9102799da3ac6560ef24a95478e43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6699b98f-147b4"
cf-ray
8ca00a6fed54a253-YYZ
access-control-allow-origin
*
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 19 Jul 2024 00:55:43 GMT
js
www.googletagmanager.com/gtag/ 		214 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-152621184-1
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8d30c239297a0e1a02b34235151a3af763158eede37271f0b450441bb02bbb82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 28 Sep 2024 01:43:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 28 Sep 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78561
x-xss-protection
0
server
Google Tag Manager
homepage-desktop.jpg
dems.ag/wp-content/uploads/2022/03/ 		900 KB
901 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2022/03/homepage-desktop.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f825f8c1bcadeb617528a460f8bed506345bff6d0aa9596f28b87dfbbdc52d58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"6231fc77-e922d"
cf-cache-status
HIT
cf-ray
8ca00a6fed55a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=954925
content-length
921432
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Wed, 16 Mar 2022 15:04:23 GMT
vary
Accept-Encoding
server
cloudflare
at.js
static.everyaction.com/ea-actiontag/ 		835 KB
241 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-58.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e8a1f67acae64fc684bb86352bd299bead015c7a97bf527244f7a79b2b71f79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dems.ag
Referer
https://dems.ag/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"867f29f2d1a82d05493f65c1fe990970"
age
22080
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
HiFIv8ThIGjtYPA1xDyPpuKCp_3FH_q87VGkVQYJ8b1giEFwztFWSA==
date
Fri, 27 Sep 2024 19:35:08 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 17 Sep 2024 14:34:05 GMT
cache-control
max-age=900, s-maxage=86400, public
via
1.1 1461aa0cc0d6d2fb29baf25a00e64194.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
245537
x-amz-cf-pop
JFK52-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
at.min.css
static.everyaction.com/ea-actiontag/ 		59 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.min.css
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-58.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cad32c58f653cd5aab042f97017dcd8e86a44cbad12adc1422e9f60af68c25d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"13cc3bd6b0384d03ad93f2f71d046259"
age
10417
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
qCbW8_MxidyL6WTbQNvY45BQfzz0VcQHHGKH7w9reL1-ZRAD5IXDcA==
date
Fri, 27 Sep 2024 22:49:31 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 17 Sep 2024 14:34:05 GMT
cache-control
max-age=900, s-maxage=86400, public
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
11716
x-amz-cf-pop
JFK52-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
Website-Headshots-Ford.jpg
dems.ag/wp-content/uploads/2024/02/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Ford.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc5e8a20bac765f6e6c5561f28bbad7b7302bf3009b2910e0070b7b27a95fd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"65cd2df4-d34f"
age
10263
cf-cache-status
HIT
cf-ray
8ca00a724816a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=54095
content-length
51119
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Wed, 14 Feb 2024 21:17:40 GMT
vary
Accept-Encoding
server
cloudflare
Website-Headshots-Jennings.jpg
dems.ag/wp-content/uploads/2024/02/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Jennings.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbffd71285d5ce0463e13b8158978a198849b086c26dead89c6062dbb4bfddb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"65cd2df4-afbe"
age
10263
cf-cache-status
HIT
cf-ray
8ca00a724817a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=44990
content-length
42232
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Wed, 14 Feb 2024 21:17:40 GMT
vary
Accept-Encoding
server
cloudflare
Website-Headshots-Ellison.jpg
dems.ag/wp-content/uploads/2024/02/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Ellison.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
39494eaf8540d7aed130e68f3f9ec865cc25d987c174046cb4cb6f3fd4bc4be8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"65cd2a83-bb0f"
age
10257
cf-cache-status
HIT
cf-ray
8ca00a72481aa253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=47887
content-length
44805
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Wed, 14 Feb 2024 21:02:59 GMT
vary
Accept-Encoding
server
cloudflare
Website-Headshots-Raoul.jpg
dems.ag/wp-content/uploads/2024/02/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Raoul.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
db04c86ad3bc46d16b82b6d9ce6b6174ec8e839b8ef5d1a875bcf2852a6e9a71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"65cd2cd2-cbd1"
age
10263
cf-cache-status
HIT
cf-ray
8ca00a72481ea253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=52177
content-length
48785
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Wed, 14 Feb 2024 21:12:50 GMT
vary
Accept-Encoding
server
cloudflare
Website-Headshots-Campbell.jpg
dems.ag/wp-content/uploads/2022/09/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2022/09/Website-Headshots-Campbell.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0f34c8c78b19b7a19090b79b8b81dcda22cb5ea90c6dd14f5abea5e67f3306

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"645951b6-af70"
age
10263
cf-cache-status
HIT
cf-ray
8ca00a724822a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=44912
content-length
42486
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Mon, 08 May 2023 19:47:02 GMT
vary
Accept-Encoding
server
cloudflare
Website-Headshots-Bonta.jpg
dems.ag/wp-content/uploads/2024/02/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Bonta.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c009d46ad59d5e552af2aea6c3072d7fe5f33034a44c855e4754fa0f72cb7af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"65cd2d64-b6f7"
age
10263
cf-cache-status
HIT
cf-ray
8ca00a724823a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=46839
content-length
44397
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Wed, 14 Feb 2024 21:15:16 GMT
vary
Accept-Encoding
server
cloudflare
Website-Headshots-Rosenblum.jpg
dems.ag/wp-content/uploads/2024/02/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2024/02/Website-Headshots-Rosenblum.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6764b994fc6d19f5aa48ba15956f0731a5172c4de07d2488a1c223868b58af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"65cd2898-bce8"
age
10263
cf-cache-status
HIT
cf-ray
8ca00a724825a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=48360
content-length
45877
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Wed, 14 Feb 2024 20:54:48 GMT
vary
Accept-Encoding
server
cloudflare
5.4.23-Website-Icons-05-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-05-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e596c6c2b3eee4ac1937072fea9c643794b701308b60adc36b767ee8545392

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"6487321f-5305"
cf-cache-status
HIT
cf-ray
8ca00a724826a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=21253
content-length
18210
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Mon, 12 Jun 2023 14:56:31 GMT
vary
Accept-Encoding
server
cloudflare
5.4.23-Website-Icons-06-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-06-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
be5a87773af2ae635efc8356c8281457b310511cce556822ef0bd28a35ad8c01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"6487324f-5b55"
age
10263
cf-cache-status
HIT
cf-ray
8ca00a724827a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=23381
content-length
20115
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Mon, 12 Jun 2023 14:57:19 GMT
vary
Accept-Encoding
server
cloudflare
5.4.23-Website-Icons-12-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-12-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
120f82490e19609333eee4140b8c882dd2c8fabc938410a4539de297e6b12f85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"6487321f-57ab"
age
2473
cf-cache-status
HIT
cf-ray
8ca00a72784fa253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=22443
content-length
18894
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Mon, 12 Jun 2023 14:56:31 GMT
vary
Accept-Encoding
server
cloudflare
5.4.23-Website-Icons-04-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-04-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40277966ab293d963c0af593ac6a65352e3c29465929982c9c4785e487b331b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"6487321f-57b3"
age
10262
cf-cache-status
HIT
cf-ray
8ca00a727850a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=22451
content-length
18550
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Mon, 12 Jun 2023 14:56:31 GMT
vary
Accept-Encoding
server
cloudflare
5.4.23-Website-Icons-11-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-11-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d5b551a742857bcf9fc62a7c5469a7b6d5142360268b3e2edd17d5a666ecfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"6487324f-5f35"
age
10262
cf-cache-status
HIT
cf-ray
8ca00a727851a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=24373
content-length
21130
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Mon, 12 Jun 2023 14:57:19 GMT
vary
Accept-Encoding
server
cloudflare
5.4.23-Website-Icons-10-aspect-ratio-13-10.jpg
dems.ag/wp-content/uploads/2023/06/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/uploads/2023/06/5.4.23-Website-Icons-10-aspect-ratio-13-10.jpg
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a628cc5900cf4788c2ad7857a1f7987d53204ef05e71c60795b3b194a3708e7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"6487321f-4cf2"
age
10261
cf-cache-status
HIT
cf-ray
8ca00a727852a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origSize=19698
content-length
16201
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/jpeg
last-modified
Mon, 12 Jun 2023 14:56:31 GMT
vary
Accept-Encoding
server
cloudflare
scripts.js
dems.ag/wp-content/themes/daga/js/ 		91 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/themes/daga/js/scripts.js?ver=1.0.1
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d0d0251614e63c66de207727d86c379393085caba768da7e9c8277c5abc43b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"623dcd81-16c94"
cf-ray
8ca00a72481fa253-YYZ
access-control-allow-origin
*
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
fa31c2ea-aafb-41a7-8d2d-9a83ba174744
https://dems.ag/ 		0
0
gtm.js
www.googletagmanager.com/ 		257 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MF9XFBN
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
bca00a0e2f0587f13b0dad426da199d19cea597c311874db16c75587948dab70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 28 Sep 2024 01:43:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 28 Sep 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
92794
x-xss-protection
0
server
Google Tag Manager
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.197.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f95.1e100.net
Software
ESF /
Resource Hash
ea1ac21fa65ac3003d8b1a3fde6c30ae453782946cd8e4bc3a9643a3364cb30c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 01:43:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 00:56:37 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/ 		269 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C0KC0QE7ES&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152621184-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
82100ef4e139cd2c7d7d7546357853014f3659aebee8f1c7607183cac97cff70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 28 Sep 2024 01:43:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96370
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152621184-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
gzip
age
5253
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 02:15:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:35 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
events.js
tags.srv.stackadapt.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.234.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-234-29.compute-1.amazonaws.com
Software
/
Resource Hash
dd8d76a04d9498f127f22a1c2f03159c26995af359157335fbe339a39ed20c41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

access-control-allow-origin
*
cache-control
max-age=5
content-encoding
gzip
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
text/javascript
hotjar-3929513.js
static.hotjar.com/c/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3929513.js?sv=5
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.252.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-252-92.jfk50.r.cloudfront.net
Software
/
Resource Hash
5296a70660209fdd79ab3fc20adfa4eded706568d708547d081374bdb8cccd72
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/0988718aa4874da37745b9560cc5d5ed
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 04eb98a9e0ea7d312d38391a3e694d2e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
ihWFN-wTBiIbvs0k35ABVAw_W5s-b9CK6sCnZcZrxJul2sOUdaZ2hA==
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
JFK50-P10
daga-logo.svg
dems.ag/wp-content/themes/daga/images/ 		14 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/themes/daga/images/daga-logo.svg
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54be57c482e85ead7bf3126b3a406f7acfbb270b59d49fc6e208391fdc4979c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"623dcd81-36e0"
cf-ray
8ca00a727856a253-YYZ
access-control-allow-origin
*
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f94.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dems.ag
Referer
https://fonts.googleapis.com/

Response headers

age
322747
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 08:04:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 08:04:00 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
Messapia-Bold.woff2
dems.ag/wp-content/themes/daga/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/themes/daga/fonts/Messapia-Bold.woff2
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0af53c307e0c24070ce7b3f2cf4d77dc60a5ed3b389c05d776b605911242ae66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dems.ag
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"623dcd81-3ca0"
cf-ray
8ca00a727857a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
15520
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
font/woff2
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
vary
Accept-Encoding
server
cloudflare
arrow-triple-navy.svg
dems.ag/wp-content/themes/daga/images/ 		319 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/themes/daga/images/arrow-triple-navy.svg
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2302443e0fb551886e9486df2ee027a958110280edb9530f64e64a7b25f09077

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"623dcd81-13f"
cf-ray
8ca00a733929a253-YYZ
access-control-allow-origin
*
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
caret-down.svg
dems.ag/wp-content/themes/daga/images/ 		130 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/themes/daga/images/caret-down.svg
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
47247cf32c064515cfe48b9783072ab2b670ba87617c9ae171f36364bbafe0f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"623dcd81-82"
cf-ray
8ca00a73392aa253-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
arrow-triple-white.svg
dems.ag/wp-content/themes/daga/images/ 		661 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dems.ag/wp-content/themes/daga/images/arrow-triple-white.svg
Requested by
Host: dems.ag
URL: https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b4723e1725fca810a905f00cd53a5bb0e56901b9331973f1cd17d07712d181

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/wp-content/themes/daga/style.css?ver=1.0.1

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"623dcd81-295"
cf-ray
8ca00a73392ba253-YYZ
access-control-allow-origin
*
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
5ebce957851eb83517851e8613f012eb45aa4ebb6142b92c30b7d9492c874e22
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4449, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
kscdfxzAvxyQsmpgOkcU5RNFB1owxCuvGMVsMHAl3Kefbui+vq7ZUz2nwbQpLPAsQhYz1ZzmYR9Luk3YRBf5HQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2062352323&t=pageview&_s=1&dl=https%3A%2F%2Fdems.ag%2F&ul=en-ca&de=UTF-8&dt=Home%20-%20Democratic%20Attorneys%20General%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1635483130&gjid=839745363&cid=1882114669.1727487788&tid=UA-152621184-1&_gid=1758512617.1727487788&_r=1&gtm=457e49p0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&jsscut=1&z=920940013
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://dems.ag/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 01:43:08 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://dems.ag
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-C0KC0QE7ES&gtm=45je49p0v9139033882za200&_p=1727487787512&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=1882114669.1727487788&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1727487788&sct=1&seg=0&dl=https%3A%2F%2Fdems.ag%2F&dt=Home%20-%20Democratic%20Attorneys%20General%20Association&en=page_view&_fv=1&_ss=1&tfd=1413
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C0KC0QE7ES&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f138.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dems.ag
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
text/plain
server
Golfe2
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-C0KC0QE7ES&v=3&t=t&pid=357764891&cv=2&rv=49p0&tc=12&tag_exp=101671035~101747727&es=1&e=gtm.init_consent&eid=-1&h=Ag&z=0
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sat, 28 Sep 2024 01:43:08 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-C0KC0QE7ES&v=3&t=t&pid=357764891&cv=2&rv=49p0&tc=12&tag_exp=101671035~101747727&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogtgasend.1ogtreferralexclusion.1ogtsessiontimeout.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaadslink.1ccdgaregscope.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogtgasend.2ogtreferralexclusion.2ogtsessiontimeout.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ccdgaregscope.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sat, 28 Sep 2024 01:43:08 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-C0KC0QE7ES&v=3&t=t&pid=357764891&cv=2&rv=49p0&tc=12&tag_exp=101671035~101747727&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAAAAAAAAAAE&h=Ag&tr=1gct&ti=1gct&z=0
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sat, 28 Sep 2024 01:43:08 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
wp-emoji-release.min.js
dems.ag/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"66101b16-4926"
cf-ray
8ca00a740a9eab0a-YYZ
access-control-allow-origin
*
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 05 Apr 2024 15:39:02 GMT
extra.min.css
static.everyaction.com/ea-actiontag/ 		78 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-58.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4b7412402d8c1482f4d5de6edb0769fcd0e9d7a88dfb3d63cc617a17e44c95b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"4c5cac5fc24947799b837e9b4c669f3a"
age
22072
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
TwN9dqDzY2BQ4nueTKxocvWEBXUPlvs-TCz4KO1Vhmt3ckQ12PnWSg==
date
Fri, 27 Sep 2024 19:35:17 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 17 Sep 2024 14:34:05 GMT
cache-control
max-age=900, s-maxage=86400, public
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
14169
x-amz-cf-pop
JFK52-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
vgs-collect.js
js.verygoodvault.com/vgs-collect/2.18.4/ 		134 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-102.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

Content-Encoding
gzip
x-amz-version-id
jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
ETag
W/"156be461dd96d02fce3792c020f7748a"
Age
30
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
0yvs0wBjv3pBHYY5o1EPho8vaB8bF3Yp32HaPF2EL3eRn7BxjuOiQw==
Date
Sat, 28 Sep 2024 01:42:38 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 16 Mar 2023 10:29:55 GMT
Transfer-Encoding
chunked
Cache-Control
max-age=60
Connection
keep-alive
Via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
EWR53-P1
Server
AmazonS3
x-amz-server-side-encryption
AES256
F0FbMqMdu02IxogaZwEmdA2
secure.ngpvan.com/v1/Forms/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/v1/Forms/F0FbMqMdu02IxogaZwEmdA2
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9cb5ea0a834d574435a91aae73fbfce5aa5fa7fed6bdc144371f2301050d357f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dems.ag/

Response headers

access-control-expose-headers
Request-Context
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
application/json; charset=utf-8
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
x-iinfo
13-7184841-7184843 2NNN RT(1727487788031 46) q(0 0 0 1) r(2 2)
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
cache-control
public, max-age=10
x-cdn
Imperva
access-control-allow-credentials
true
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
access-control-allow-origin
https://dems.ag
content-length
1330
x-xss-protection
1; mode=block
F0FbMqMdu02IxogaZwEmdA2
secure.ngpvan.com/v1/Forms/ 		2 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/v1/Forms/F0FbMqMdu02IxogaZwEmdA2
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9cb5ea0a834d574435a91aae73fbfce5aa5fa7fed6bdc144371f2301050d357f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dems.ag/

Response headers

access-control-expose-headers
Request-Context
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 28 Sep 2024 01:43:07 GMT
content-type
application/json; charset=utf-8
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
x-iinfo
13-7184841-7184843 2NNN RT(1727487788031 46) q(0 0 0 1) r(2 2)
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
cache-control
public, max-age=10
x-cdn
Imperva
access-control-allow-credentials
true
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
access-control-allow-origin
https://dems.ag
content-length
1330
x-xss-protection
1; mode=block
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-C0KC0QE7ES&v=3&t=t&pid=357764891&cv=2&rv=49p0&tc=12&tag_exp=101671035~101747727&es=1&e=gtag.config&eid=3&u=AAAAAAAAAAAAACAAAAAAAAE&ut=Ag&h=Ag&epr=1G.2G&z=0
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sat, 28 Sep 2024 01:43:08 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-C0KC0QE7ES&v=3&t=t&pid=357764891&cv=2&rv=49p0&tc=12&tag_exp=101671035~101747727&e=gtm.init&eid=0&u=AAAAAAAAAAAAACAAAAAAAAE&ut=Ag&h=Ag&tr=5ogtgasend.5ogtreferralexclusion.5ogtsessiontimeout.5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ccdgaadslink.5ccdgaregscope.5ccdconversionmarking.5ccdautoredact.5ccdgalast&ti=2ogtgasend.2ogtreferralexclusion.2ogtsessiontimeout.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ccdgaregscope.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sat, 28 Sep 2024 01:43:08 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.234.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-234-29.compute-1.amazonaws.com
Software
/
Resource Hash
11426543cfee130862678a9b389c1360cdb41dec033dac8d6d6cc039e60a34a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

access-control-allow-origin
*
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.234.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-234-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

access-control-allow-origin
*
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
image/jpeg
modules.0721e7cf944cf9d78a0b.js
script.hotjar.com/ 		224 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3929513.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

x-robots-tag
none
content-encoding
br
etag
"ac12d2f9dbf41b678b7eb52a4d3e70f3"
age
735661
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
lfLap63JXPLcg2QPmPY0msCvA4oEdarHE4cIqd14KxMBxA805hz9Ug==
date
Thu, 19 Sep 2024 13:22:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 19 Sep 2024 13:21:34 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 e80aeefdda01afc3c41fc332ff42e7ac.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56508
x-amz-cf-pop
JFK50-P5
683722869167845
connect.facebook.net/signals/config/ 		74 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/683722869167845?v=2.9.169&r=stable&domain=dems.ag&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
24c560d30078d2e5c2c39d319bca7f7aedffde1cea4beede8af24e6ade578166
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=74, mss=1232, tbw=67247, tp=63, tpl=0, uplat=48, ullat=0
pragma
public
x-fb-debug
MvQYuF1uKBlHZh6Kd3k4K4OMZ6mTDJnqaXmAF40WoDutlbQXje6W8FSuLNM6Qk3CptfJlz9ZvKDc0mvKMh9u1A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
saq_pxl
tags.srv.stackadapt.com/ 		94 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=cw3_IeIiU2oS4YDxCQsl3g&is_js=true&landing_url=https%3A%2F%2Fdems.ag%2F&t=Home%20-%20Democratic%20Attorneys%20General%20Association&tip=9Qji-wzIS-Y3BwHJRZZlyQVEiP5WWrOQJp4u1KWFJ1w&host=https%3A%2F%2Fdems.ag&sa_conv_data_css_value=%270-841ffcf2-9ddd-507d-7c7d-67cff46420bb%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9841ffcf29ddd507d7c7d67cff46420bb9a2f1139&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKICoUBSZYFbgBwAvTJ7UxRc9Z_ntS9PQGPqUuQOQjpz5DENYBGAQgrL7dtwYwAToEQN4Ii0IEoV9qnw.e9r%252ByKbMf3SKlK5pN8BV%252F%252ByPdaUzOmCgulU5BimQepY&sa-user-id-v2=s%253AhB_88p3dUH18fWfP9GQgu5ovETk.dgh4%252FJ%252FHbgI6Ic7UVIiZx7KWD2a6Vk9tT66pZTjnSHQ&sa-user-id=s%253A0-841ffcf2-9ddd-507d-7c7d-67cff46420bb.JPQV2GShewe44HNMyRsQUaYeFvVlT5MVHZjZjcCLFwY
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.234.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-234-29.compute-1.amazonaws.com
Software
/
Resource Hash
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

access-control-allow-methods
GET
access-control-allow-origin
https://dems.ag
content-length
94
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
*
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?batch=1&events[0]=id%3D683722869167845%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fdems.ag%252F%26rl%3D%26if%3Dfalse%26ts%3D1727487788376%26sw%3D1600%26sh%3D1200%26v%3D2.9.169%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1727487788373.958382025883043454%26cs_est%3Dtrue%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1727487788258%26coo%3Dfalse%26exp%3Df1&rqm=GET
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1316, tbw=2819, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=683722869167845&ev=PageView&dl=https%3A%2F%2Fdems.ag%2F&rl=&if=false&ts=1727487788376&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=4126&fbp=fb.1.1727487788373.958382025883043454&cs_est=true&ler=empty&cdl=API_unavailable&it=1727487788258&coo=false&exp=f1&rqm=FGET
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7419503554674665126"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
cLDLmA1VuC47RW4xE/mdaT9XakHas0bwRNGv3qnuhMenNJhSiLxIB+O6MOnhi9ZRUr8thlOzyiTshM053qijuA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7419503554674665126", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1316, tbw=3137, tp=-1, tpl=-1, uplat=27, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
3929513
vc.hotjar.io/sessions/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/3929513?s=0.25&r=0.17886979556079563
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-52.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

via
1.1 1abf103face183cd8172f37e6ac30038.cloudfront.net (CloudFront)
access-control-allow-origin
*
cache-control
no-store
x-cache
Miss from cloudfront
x-amz-cf-id
0hdipsr42kgiBxt0I9kVxtBAq6kdjxfJ73sbOvi1fAe-iJy4q4xWzw==
date
Sat, 28 Sep 2024 01:43:08 GMT
x-amz-cf-pop
JFK50-P5
F0FbMqMdu02IxogaZwEmdA2
secure.ngpvan.com/v1/Track/ 		0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.ngpvan.com/v1/Track/F0FbMqMdu02IxogaZwEmdA2?formSessionId=0729e5b1-63d1-436e-a6c9-ffa890f92184&bName=chrome&dType=desktop&formVersion=7/29/2024%206:01:14%20PM|4/4/2024%207:28:00%20PM&fUrl=aHR0cHM6Ly9kZW1zLmFnLw%3D%3D&fRef=
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-7184841-7184849 NNNN CT(20 58 0) RT(1727487788031 243) q(0 0 1 -1) r(1 1) U2
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
access-control-expose-headers
Request-Context
cache-control
no-cache
pragma
no-cache
x-cdn
Imperva
x-content-type-options
nosniff
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
expires
-1
content-length
0
date
Sat, 28 Sep 2024 01:43:08 GMT
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
F0FbMqMdu02IxogaZwEmdA2
secure.ngpvan.com/v1/Track/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.ngpvan.com/v1/Track/F0FbMqMdu02IxogaZwEmdA2?formSessionId=a8361da5-6703-4bed-978b-23c7e768d83c&bName=chrome&dType=desktop&formVersion=7/29/2024%206:01:14%20PM|4/4/2024%207:28:00%20PM&fUrl=aHR0cHM6Ly9kZW1zLmFnLw%3D%3D&fRef=
Requested by
Host: dems.ag
URL: https://dems.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-7184841-7184849 PNNN RT(1727487788031 253) q(0 0 1 -1) r(1 1) U2
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
access-control-expose-headers
Request-Context
cache-control
no-cache
pragma
no-cache
x-cdn
Imperva
x-content-type-options
nosniff
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
expires
-1
content-length
0
date
Sat, 28 Sep 2024 01:43:07 GMT
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
favicon-32x32.png
dems.ag/wp-content/themes/daga/favicon/ 		894 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dems.ag/wp-content/themes/daga/favicon/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9b2f16df3b1d83b6d59bcf981f97aa2a0a281a2941e5ab4501cdd9e0c807e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

server
cloudflare
cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"623dcd81-70f"
cf-cache-status
HIT
cf-ray
8ca00a77ae5cab0a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
cf-polished
origFmt=png, origSize=1807
content-length
894
date
Sat, 28 Sep 2024 01:43:08 GMT
content-type
image/webp
content-disposition
inline; filename="favicon-32x32.webp"
vary
Accept
last-modified
Fri, 25 Mar 2022 14:11:13 GMT
a
www.googletagmanager.com/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-C0KC0QE7ES&v=3&t=t&pid=357764891&cv=2&rv=49p0&tc=12&tag_exp=101671035~101747727&es=1&e=gtm.load&eid=12&u=AgAAAAAAAAAAACAAAAAAAAE&ut=Ag&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dems.ag/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sat, 28 Sep 2024 01:43:09 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dems.ag
URL
blob:https://dems.ag/fa31c2ea-aafb-41a7-8d2d-9a83ba174744

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| _wpemojiSettings object| google_tag_manager object| google_tag_data function| gtag string| GoogleAnalyticsObject function| ga function| saq function| _saq object| HappyForms function| hj object| _hjSettings function| _ object| Backbone object| CSSModal object| nvtag object| _gaq object| nvtag_plugins string| ans number| tnsId object| App function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| twemoji object| wp object| res object| saCookies string| current_window_url_param object| VgForm object| SecureForm object| VGSCollect object| formview

20 Cookies

Domain/Path Name / Value
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-841ffcf2-9ddd-507d-7c7d-67cff46420bb.JPQV2GShewe44HNMyRsQUaYeFvVlT5MVHZjZjcCLFwY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-841ffcf2-9ddd-507d-7c7d-67cff46420bb.JPQV2GShewe44HNMyRsQUaYeFvVlT5MVHZjZjcCLFwY
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhB_88p3dUH18fWfP9GQgu5ovETk.dgh4%2FJ%2FHbgI6Ic7UVIiZx7KWD2a6Vk9tT66pZTjnSHQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhB_88p3dUH18fWfP9GQgu5ovETk.dgh4%2FJ%2FHbgI6Ic7UVIiZx7KWD2a6Vk9tT66pZTjnSHQ
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICoUBSZYFbgBwAvTJ7UxRc9Z_ntS9PQGPqUuQOQjpz5DENYBGAQgrL7dtwYwAToEQN4Ii0IEoV9qnw.e9r%2ByKbMf3SKlK5pN8BV%2F%2ByPdaUzOmCgulU5BimQepY
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICoUBSZYFbgBwAvTJ7UxRc9Z_ntS9PQGPqUuQOQjpz5DENYBGAQgrL7dtwYwAToEQN4Ii0IEoV9qnw.e9r%2ByKbMf3SKlK5pN8BV%2F%2ByPdaUzOmCgulU5BimQepY
.dems.ag/ Name: _gcl_au
Value: 1.1.850236924.1727487788
.dems.ag/ Name: _gid
Value: GA1.2.1758512617.1727487788
.dems.ag/ Name: _gat_gtag_UA_152621184_1
Value: 1
.dems.ag/ Name: _ga_C0KC0QE7ES
Value: GS1.1.1727487788.1.0.1727487788.0.0.0
.dems.ag/ Name: _ga
Value: GA1.1.1882114669.1727487788
dems.ag/ Name: sa-user-id
Value: s%253A0-841ffcf2-9ddd-507d-7c7d-67cff46420bb.JPQV2GShewe44HNMyRsQUaYeFvVlT5MVHZjZjcCLFwY
dems.ag/ Name: sa-user-id-v2
Value: s%253AhB_88p3dUH18fWfP9GQgu5ovETk.dgh4%252FJ%252FHbgI6Ic7UVIiZx7KWD2a6Vk9tT66pZTjnSHQ
dems.ag/ Name: sa-user-id-v3
Value: s%253AAQAKICoUBSZYFbgBwAvTJ7UxRc9Z_ntS9PQGPqUuQOQjpz5DENYBGAQgrL7dtwYwAToEQN4Ii0IEoV9qnw.e9r%252ByKbMf3SKlK5pN8BV%252F%252ByPdaUzOmCgulU5BimQepY
.dems.ag/ Name: _fbp
Value: fb.1.1727487788373.958382025883043454
.dems.ag/ Name: _hjSessionUser_3929513
Value: eyJpZCI6IjE4NzI5YTM2LTE0Y2ItNWU3Ni1hNTQwLTA3NDQ1NDRhMjNlZCIsImNyZWF0ZWQiOjE3Mjc0ODc3ODg1MjEsImV4aXN0aW5nIjpmYWxzZX0=
.dems.ag/ Name: _hjSession_3929513
Value: eyJpZCI6ImYwNzA2N2E2LWIyMTAtNDg2Zi1hOWI3LTI1YmM3NjJhMjUwOCIsImMiOjE3Mjc0ODc3ODg1MjMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.ngpvan.com/ Name: nlbi_1002065
Value: 3wDcdozAfQ/khJSv0IOYSwAAAACjuNhII21Glqle/1N61R0u
.ngpvan.com/ Name: visid_incap_1002065
Value: 5yjhiF6oRmCAsHqHPFNxtSxf92YAAAAAQUIPAAAAAABZdAIBbcW7TVb9KPjKlaGU
.ngpvan.com/ Name: incap_ses_327_1002065
Value: AR/fcVCi0D3vtIRk7ryJBCxf92YAAAAAytt2jnY9tA93QTz08d6ysA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
democraticags.org
dems.ag
fonts.googleapis.com
fonts.gstatic.com
js.verygoodvault.com
script.hotjar.com
secure.ngpvan.com
static.everyaction.com
static.hotjar.com
tags.srv.stackadapt.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
dems.ag
104.196.131.29
13.33.252.92
141.193.213.11
142.251.174.94
157.240.229.1
157.240.229.35
172.217.197.95
172.217.222.97
18.164.96.52
18.164.96.87
18.173.219.58
3.225.234.29
45.60.31.183
52.85.61.102
74.125.192.138
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0af53c307e0c24070ce7b3f2cf4d77dc60a5ed3b389c05d776b605911242ae66
11426543cfee130862678a9b389c1360cdb41dec033dac8d6d6cc039e60a34a7
120f82490e19609333eee4140b8c882dd2c8fabc938410a4539de297e6b12f85
18d5b551a742857bcf9fc62a7c5469a7b6d5142360268b3e2edd17d5a666ecfe
1f9b2f16df3b1d83b6d59bcf981f97aa2a0a281a2941e5ab4501cdd9e0c807e6
1fc5e8a20bac765f6e6c5561f28bbad7b7302bf3009b2910e0070b7b27a95fd8
2302443e0fb551886e9486df2ee027a958110280edb9530f64e64a7b25f09077
24c560d30078d2e5c2c39d319bca7f7aedffde1cea4beede8af24e6ade578166
32526bffc26a3a0a4d7283d2e971eba2a1a9102799da3ac6560ef24a95478e43
39494eaf8540d7aed130e68f3f9ec865cc25d987c174046cb4cb6f3fd4bc4be8
3fbffd71285d5ce0463e13b8158978a198849b086c26dead89c6062dbb4bfddb
47247cf32c064515cfe48b9783072ab2b670ba87617c9ae171f36364bbafe0f0
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5296a70660209fdd79ab3fc20adfa4eded706568d708547d081374bdb8cccd72
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
5c009d46ad59d5e552af2aea6c3072d7fe5f33034a44c855e4754fa0f72cb7af
5ebce957851eb83517851e8613f012eb45aa4ebb6142b92c30b7d9492c874e22
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6764b994fc6d19f5aa48ba15956f0731a5172c4de07d2488a1c223868b58af
6e8a1f67acae64fc684bb86352bd299bead015c7a97bf527244f7a79b2b71f79
82100ef4e139cd2c7d7d7546357853014f3659aebee8f1c7607183cac97cff70
8d0d0251614e63c66de207727d86c379393085caba768da7e9c8277c5abc43b7
8d30c239297a0e1a02b34235151a3af763158eede37271f0b450441bb02bbb82
98e596c6c2b3eee4ac1937072fea9c643794b701308b60adc36b767ee8545392
9cb5ea0a834d574435a91aae73fbfce5aa5fa7fed6bdc144371f2301050d357f
a54be57c482e85ead7bf3126b3a406f7acfbb270b59d49fc6e208391fdc4979c
a628cc5900cf4788c2ad7857a1f7987d53204ef05e71c60795b3b194a3708e7d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b40277966ab293d963c0af593ac6a65352e3c29465929982c9c4785e487b331b
b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b
b9b4723e1725fca810a905f00cd53a5bb0e56901b9331973f1cd17d07712d181
bca00a0e2f0587f13b0dad426da199d19cea597c311874db16c75587948dab70
be5a87773af2ae635efc8356c8281457b310511cce556822ef0bd28a35ad8c01
cad32c58f653cd5aab042f97017dcd8e86a44cbad12adc1422e9f60af68c25d6
cd0f34c8c78b19b7a19090b79b8b81dcda22cb5ea90c6dd14f5abea5e67f3306
d4b7412402d8c1482f4d5de6edb0769fcd0e9d7a88dfb3d63cc617a17e44c95b
db04c86ad3bc46d16b82b6d9ce6b6174ec8e839b8ef5d1a875bcf2852a6e9a71
dd8d76a04d9498f127f22a1c2f03159c26995af359157335fbe339a39ed20c41
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8550116b105ab1dda412fa8d972aabc37ffde2d975369b054f85bfcb869d063
ea1ac21fa65ac3003d8b1a3fde6c30ae453782946cd8e4bc3a9643a3364cb30c
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f825f8c1bcadeb617528a460f8bed506345bff6d0aa9596f28b87dfbbdc52d58