urlscan.io logo urlscan.io
SecurityTrails logo

helpdesk.rootsweb.com Open in urlscan Pro
104.18.27.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://helpdesk.rootsweb.ancestry.com/
Effective URL: https://helpdesk.rootsweb.com/
Submission: On September 28 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 10 countries across 63 domains to perform 182 HTTP transactions. The main IP is 104.18.27.36, located in and belongs to CLOUDFLARENET, US. The main domain is helpdesk.rootsweb.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 28th 2021. Valid for: a year.
This is the only time helpdesk.rootsweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.18.26.36 13335 (CLOUDFLAR...)
1 104.18.27.36 13335 (CLOUDFLAR...)
19 104.111.226.93 16625 (AKAMAI-AS)
1 143.204.98.113 16509 (AMAZON-02)
9 142.250.186.162 15169 (GOOGLE)
4 143.204.95.188 16509 (AMAZON-02)
3 143.204.101.139 16509 (AMAZON-02)
3 104.75.88.194 16625 (AKAMAI-AS)
1 143.204.98.126 16509 (AMAZON-02)
4 34.210.198.65 16509 (AMAZON-02)
1 35.190.11.84 15169 (GOOGLE)
1 3 34.240.91.113 16509 (AMAZON-02)
1 52.30.200.197 16509 (AMAZON-02)
1 15.188.95.229 16509 (AMAZON-02)
1 1 54.194.191.134 16509 (AMAZON-02)
2 34.149.20.76 15169 (GOOGLE)
1 34.107.148.139 15169 (GOOGLE)
2 52.28.203.152 16509 (AMAZON-02)
1 18.195.231.241 16509 (AMAZON-02)
1 184.31.84.150 16625 (AKAMAI-AS)
2 72.251.249.13 29791 (VOXEL-DOT...)
9 34.98.64.218 15169 (GOOGLE)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 69.173.144.143 26667 (RUBICONPR...)
2 5 185.33.223.38 29990 (ASN-APPNEX)
1 89.207.16.210 41041 (VCLK-EU-SE)
1 13.36.218.177 16509 (AMAZON-02)
4 52.202.233.191 14618 (AMAZON-AES)
1 34.227.85.106 14618 (AMAZON-AES)
3 2.18.233.180 16625 (AKAMAI-AS)
2 151.101.193.194 54113 (FASTLY)
1 143.204.98.60 16509 (AMAZON-02)
4 142.250.185.226 15169 (GOOGLE)
1 216.58.212.129 15169 (GOOGLE)
1 143.204.98.45 16509 (AMAZON-02)
1 143.204.98.94 16509 (AMAZON-02)
3 104.16.18.6 13335 (CLOUDFLAR...)
2 178.250.2.146 44788 (ASN-CRITE...)
1 143.204.101.150 16509 (AMAZON-02)
1 1 3.92.246.31 14618 (AMAZON-AES)
1 2 3.220.38.221 14618 (AMAZON-AES)
1 172.217.18.106 15169 (GOOGLE)
2 208.100.17.177 32748 (STEADFAST)
1 142.250.185.232 15169 (GOOGLE)
1 151.101.66.137 54113 (FASTLY)
2 7 13.248.245.213 16509 (AMAZON-02)
1 162.247.243.147 13335 (CLOUDFLAR...)
2 104.109.78.125 16625 (AKAMAI-AS)
2 7 76.223.111.131 16509 (AMAZON-02)
9 13 142.250.181.226 15169 (GOOGLE)
1 108.174.11.69 14413 (LINKEDIN)
2 3 212.82.100.176 34010 (YAHOO-IRD)
2 4 18.156.153.73 16509 (AMAZON-02)
1 13.107.21.200 8068 (MICROSOFT...)
2 4 209.54.176.128 16509 (AMAZON-02)
1 1 64.202.112.159 22075 (AS-OUTBRAIN)
1 1 46.228.164.11 56396 (AMOBEE)
2 2 54.93.179.96 16509 (AMAZON-02)
6 6 52.215.67.80 16509 (AMAZON-02)
1 6 185.64.190.80 62713 (AS-PUBMATIC)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 185.86.137.110 201081 (SMARTADSE...)
4 4 185.29.134.248 30419 (MEDIAMATH...)
3 3 91.228.74.133 16509 (AMAZON-02)
3 4 37.157.6.251 198622 (ADFORM)
1 2.18.232.130 16625 (AKAMAI-AS)
1 1 151.101.130.49 54113 (FASTLY)
3 69.173.144.165 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 87.248.118.23 34010 (YAHOO-IRD)
2 142.250.185.130 15169 (GOOGLE)
2 9 2.18.234.21 16625 (AKAMAI-AS)
1 2.18.235.93 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 185.33.221.11 29990 (ASN-APPNEX)
1 1 52.19.99.3 16509 (AMAZON-02)
2 2 213.155.156.182 1299 (TWELVE99 ...)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
5 185.64.189.110 62713 (AS-PUBMATIC)
3 185.64.189.114 62713 (AS-PUBMATIC)
1 1 51.79.83.225 16276 (OVH)
1 2 104.22.25.87 13335 (CLOUDFLAR...)
1 169.50.137.190 36351 (SOFTLAYER)
1 1 18.156.0.31 16509 (AMAZON-02)
2 2 63.33.204.129 16509 (AMAZON-02)
1 89.207.16.201 41041 (VCLK-EU-SE)
1 54.36.109.49 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
1 52.48.137.92 16509 (AMAZON-02)
182 73
1    104.18.26.36 (None, )

ASN13335 (CLOUDFLARENET, US)
helpdesk.rootsweb.ancestry.com
1    104.18.27.36 (None, )

ASN13335 (CLOUDFLARENET, US)
helpdesk.rootsweb.com
19    104.111.226.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-226-93.deploy.static.akamaitechnologies.com
www.ancestrycdn.com
1    143.204.98.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-113.fra50.r.cloudfront.net
prod.adspsp.com
9    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
4    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
3    143.204.101.139 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-139.fra50.r.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
3    104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    143.204.98.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-126.fra50.r.cloudfront.net
geo.adspsp.com
4    34.210.198.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-198-65.us-west-2.compute.amazonaws.com
adspsp.com
1    35.190.11.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 84.11.190.35.bc.googleusercontent.com
api.lytics.io
3    34.240.91.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-91-113.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.30.200.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-200-197.eu-west-1.compute.amazonaws.com
ancestry-mcsp.demdex.net
1    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
ancestry.sc.omtrdc.net
1    54.194.191.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com
cm.everesttech.net
2    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    18.195.231.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-231-241.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
9    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ancestry-d.openx.net
eu-u.openx.net
us-u.openx.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    185.33.223.38 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    89.207.16.210 (Roydon, United Kingdom)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
1    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
smetrics.ancestry.com
4    52.202.233.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-233-191.compute-1.amazonaws.com
geoip.insticator.com
event.insticator.com
1    34.227.85.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-85-106.compute-1.amazonaws.com
b2c.insticator.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    151.101.193.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    143.204.98.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-60.fra50.r.cloudfront.net
get.s-onetag.com
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
adservice.google.com
www.googletagservices.com
1    216.58.212.129 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f1.1e100.net
d4827d1996b024bc62e872a8f858bac7.safeframe.googlesyndication.com
1    143.204.98.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-45.fra50.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-94.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
3    104.16.18.6 (None, )

ASN13335 (CLOUDFLARENET, US)
go.newspapers.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    143.204.101.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-150.fra50.r.cloudfront.net
df80k0z3fi8zg.cloudfront.net
1    3.92.246.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-246-31.compute-1.amazonaws.com
px.britepool.com
2    3.220.38.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-38-221.compute-1.amazonaws.com
thrtle.com
1    172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f106.1e100.net
ajax.googleapis.com
2    208.100.17.177 (United States)

ASN32748 (STEADFAST, US)
PTR: ip177.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
1    142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
ssl.google-analytics.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
7    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
13    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
1    108.174.11.69 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-69.fwd.linkedin.com
px.ads.linkedin.com
3    212.82.100.176 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh-ing.pbp.vip.ir2.yahoo.com
pr-bh.ybp.yahoo.com
4    18.156.153.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-153-73.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    54.93.179.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-179-96.eu-central-1.compute.amazonaws.com
pm.w55c.net
6    52.215.67.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-67-80.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
6    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
4    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    91.228.74.133 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    87.248.118.23 (Frankfurt am Main, Germany)

ASN34010 (YAHOO-IRD, GB)
PTR: e2.ycpi.vip.deb.yahoo.com
ads.yahoo.com
2    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
9    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    52.19.99.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-99-3.eu-west-1.compute.amazonaws.com
d.adroll.com
2    213.155.156.182 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
5    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    51.79.83.225 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh
pixel.onaudience.com
2    104.22.25.87 (None, )

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    63.33.204.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-204-129.eu-west-1.compute.amazonaws.com
ads.avct.cloud
1    89.207.16.201 (Roydon, United Kingdom)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-usadmm.dotomi.com
pubmatic-match.dotomi.com
1    54.36.109.49 (France)

ASN16276 (OVH, FR)
PTR: p04.id5-sync.com
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
Apex Domain
Subdomains		 Transfer
22 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
174 KB
19 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
108 KB
19 ancestrycdn.com
www.ancestrycdn.com
436 KB
11 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
23 KB
9 openx.net
ancestry-d.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
8 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8 KB
8 3lift.com
tlx.3lift.com
eb2.3lift.com
3 KB
8 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
42 KB
7 adsrvr.org
match.adsrvr.org
3 KB
7 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
22 KB
7 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
4 KB
6 bidr.io
match.prod.bidr.io
3 KB
6 adspsp.com
prod.adspsp.com
geo.adspsp.com
adspsp.com
94 KB
5 insticator.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
557 B
4 adform.net
c1.adform.net
2 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 bidswitch.net
x.bidswitch.net
857 B
4 33across.com
ssc.33across.com
ssc-cms.33across.com
455 B
4 demdex.net
dpm.demdex.net
ancestry-mcsp.demdex.net
6 KB
4 cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net Failed
233 KB
3 quantserve.com
pixel.quantserve.com
1 KB
3 criteo.com
gum.criteo.com
dis.criteo.com
970 B
3 newspapers.com
go.newspapers.com Failed
19 KB
3 googlesyndication.com
d4827d1996b024bc62e872a8f858bac7.safeframe.googlesyndication.com
pagead2.googlesyndication.com
64 B
3 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
17 KB
3 tiqcdn.com
tags.tiqcdn.com
80 KB
2 avct.cloud
ads.avct.cloud
894 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
892 B
2 de17a.com
d5p.de17a.com
637 B
2 indexww.com
js-sec.indexww.com
2 KB
2 rlcdn.com
id.rlcdn.com
api.rlcdn.com
332 B
2 w55c.net
pm.w55c.net
2 KB
2 thrtle.com
thrtle.com
773 B
2 googletagservices.com
www.googletagservices.com
65 KB
2 google.com
adservice.google.com
692 B
2 fastly.net
confiant-integrations.global.ssl.fastly.net
74 KB
2 dotomi.com
web.hb.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
597 B
2 lijit.com
ap.lijit.com
741 B
2 media.net
prebid.media.net
contextual.media.net
9 KB
2 everesttech.net
cm.everesttech.net
sync-tm.everesttech.net
745 B
2 ancestry.com
helpdesk.rootsweb.ancestry.com
smetrics.ancestry.com
836 B
1 crwdcntrl.net
id.crwdcntrl.net
911 B
1 id5-sync.com
id5-sync.com
539 B
1 simpli.fi
um.simpli.fi
610 B
1 onaudience.com
pixel.onaudience.com
400 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 adroll.com
d.adroll.com
112 B
1 smartadserver.com
rtb-csync.smartadserver.com
757 B
1 contextweb.com
bh.contextweb.com
497 B
1 turn.com
ad.turn.com
412 B
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
480 B
1 linkedin.com
px.ads.linkedin.com
462 B
1 nr-data.net
bam-cell.nr-data.net
930 B
1 newrelic.com
js-agent.newrelic.com
12 KB
1 britepool.com
px.britepool.com
api.britepool.com Failed
650 B
1 google-analytics.com
www.google-analytics.com Failed
ssl.google-analytics.com
21 KB
1 googleapis.com
fonts.googleapis.com Failed
ajax.googleapis.com
94 KB
1 omtrdc.net
ancestry.sc.omtrdc.net
320 B
1 lytics.io
api.lytics.io
373 B
1 rootsweb.com
helpdesk.rootsweb.com
5 KB
0 admixer.net Failed
inv-nets.admixer.net Failed
0 fontawesome.com Failed
use.fontawesome.com Failed
182 63
Domain Requested by
19 www.ancestrycdn.com helpdesk.rootsweb.com
www.ancestrycdn.com
13 cm.g.doubleclick.net 9 redirects eb2.3lift.com
eu-u.openx.net
helpdesk.rootsweb.com
9 securepubads.g.doubleclick.net helpdesk.rootsweb.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 match.adsrvr.org 2 redirects eb2.3lift.com
eu-u.openx.net
helpdesk.rootsweb.com
ssum-sec.casalemedia.com
ads.pubmatic.com
7 eb2.3lift.com 2 redirects prod.adspsp.com
eb2.3lift.com
6 image2.pubmatic.com 1 redirects ads.pubmatic.com
6 match.prod.bidr.io 6 redirects
5 simage2.pubmatic.com ads.pubmatic.com
5 eu-u.openx.net prod.adspsp.com
eu-u.openx.net
5 ib.adnxs.com 2 redirects prod.adspsp.com
acdn.adnxs.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 x.bidswitch.net 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 adspsp.com helpdesk.rootsweb.com
4 c.amazon-adsystem.com helpdesk.rootsweb.com
c.amazon-adsystem.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 pixel.rubiconproject.com helpdesk.rootsweb.com
3 pixel.quantserve.com 3 redirects
3 us-u.openx.net eu-u.openx.net
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 go.newspapers.com securepubads.g.doubleclick.net
go.newspapers.com
3 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
3 ads.pubmatic.com d3lcz8vpax4lo2.cloudfront.net
prod.adspsp.com
ads.pubmatic.com
3 dpm.demdex.net 1 redirects helpdesk.rootsweb.com
3 tags.tiqcdn.com helpdesk.rootsweb.com
tags.tiqcdn.com
3 d3lcz8vpax4lo2.cloudfront.net helpdesk.rootsweb.com
d3lcz8vpax4lo2.cloudfront.net
2 ads.avct.cloud 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 js-sec.indexww.com prod.adspsp.com
ssum-sec.casalemedia.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
2 pm.w55c.net 2 redirects
2 eus.rubiconproject.com prod.adspsp.com
eus.rubiconproject.com
2 ssc-cms.33across.com prod.adspsp.com
2 thrtle.com 1 redirects helpdesk.rootsweb.com
2 gum.criteo.com ads.pubmatic.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
2 fastlane.rubiconproject.com prod.adspsp.com
2 ap.lijit.com prod.adspsp.com
2 c2shb.ssp.yahoo.com prod.adspsp.com
2 ssc.33across.com prod.adspsp.com
1 simage4.pubmatic.com ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 d.adroll.com 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 contextual.media.net prod.adspsp.com
1 ads.yahoo.com helpdesk.rootsweb.com
1 id.rlcdn.com helpdesk.rootsweb.com
1 sync-tm.everesttech.net 1 redirects
1 acdn.adnxs.com prod.adspsp.com
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 ad.turn.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com go.newspapers.com
1 ssl.google-analytics.com go.newspapers.com
1 ajax.googleapis.com go.newspapers.com
1 px.britepool.com 1 redirects
1 df80k0z3fi8zg.cloudfront.net helpdesk.rootsweb.com
d3lcz8vpax4lo2.cloudfront.net
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 d4827d1996b024bc62e872a8f858bac7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 get.s-onetag.com d3lcz8vpax4lo2.cloudfront.net
1 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 smetrics.ancestry.com helpdesk.rootsweb.com
1 web.hb.ad.cpe.dotomi.com prod.adspsp.com
1 hbopenbid.pubmatic.com prod.adspsp.com
1 ancestry-d.openx.net prod.adspsp.com
1 htlb.casalemedia.com prod.adspsp.com
1 tlx.3lift.com prod.adspsp.com
1 prebid.media.net prod.adspsp.com
1 cm.everesttech.net 1 redirects
1 ancestry.sc.omtrdc.net tags.tiqcdn.com
1 ancestry-mcsp.demdex.net tags.tiqcdn.com
1 api.lytics.io tags.tiqcdn.com
1 geo.adspsp.com prod.adspsp.com
1 prod.adspsp.com helpdesk.rootsweb.com
1 helpdesk.rootsweb.com
1 helpdesk.rootsweb.ancestry.com 1 redirects
0 api.britepool.com Failed ads.pubmatic.com
0 inv-nets.admixer.net Failed eu-u.openx.net
0 www.google-analytics.com Failed helpdesk.rootsweb.com
0 use.fontawesome.com Failed client
0 fonts.googleapis.com Failed client
182 104

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-28 -
2022-09-27		 a year crt.sh
www.ancestry.com
GeoTrust RSA CA 2018		 2021-04-07 -
2022-04-12		 a year crt.sh
prod.adspsp.com
Amazon		 2021-02-16 -
2022-03-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2021-04-19 -
2022-04-27		 a year crt.sh
geo.adspsp.com
Amazon		 2021-02-19 -
2022-03-20		 a year crt.sh
adspsp.com
Amazon		 2021-02-15 -
2022-03-16		 a year crt.sh
*.lytics.io
DigiCert ECC Secure Server CA		 2020-09-22 -
2021-10-24		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-10-29 -
2021-11-29		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-30 -
2022-02-23		 6 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
smetrics.ancestry.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-20 -
2022-08-20		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.newspapers.com
DigiCert SHA2 High Assurance Server CA		 2019-10-08 -
2022-01-10		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2021-03-22 -
2022-04-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.newrelic.com
R3		 2021-09-17 -
2021-12-16		 3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh

This page contains 22 frames:

Primary Page: https://helpdesk.rootsweb.com/
Frame ID: 14D7090B02DFCD23CE7A6DE4715F6036
Requests: 86 HTTP requests in this frame

Frame: https://ancestry-mcsp.demdex.net/dest5.html?d_nsid=0
Frame ID: E7B338942B3648E85B03C44387FA835D
Requests: 1 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: F121E620E93EE5F7AEC3B6BE933893AD
Requests: 1 HTTP requests in this frame

Frame: https://d4827d1996b024bc62e872a8f858bac7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4C26A1520EAE78373E5A4B2D140DE249
Requests: 1 HTTP requests in this frame

Frame: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/3fa7736e-7c0c-4cd6-8ed8-c899dd5d0a47.js
Frame ID: E8C71048A882DCE8C4F372A7FBE15076
Requests: 10 HTTP requests in this frame

Frame: https://go.newspapers.com/ads/LDR-search.php?&design=grayldr&nameField=1&label=FIND%20YOUR%20ANCESTORS%20IN%20OBITUARIES%20AND%20BIRTH%20NOTICES&xid=1090&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstJb8xhsMkot7d4azENRN8FxL0y_HkQF-AU803okwM8aF_7jswIe-YJwZLz0buRGfBRvOmwcheVsMY4bu05EpVH0IvEiNEovMFh_DDQJCb2G0zl8TB7aq-9tTwDd_mUix3SOBjAwugMMfk9Jv6E7B20Ozt01coFXiUgq-LYNPWyiZYhEhJOhWytMQH51NJ-lZqftctxHTA1zT6OOS3dMNSpxTjM-HhNq6OhjZ_Fb_3JDx4BsZPqc5j6TM80b_foXms2Ob-YYDY1fU_NMKGKwKU9irH0BneXRc_l1DAFX0TaO8b4NejO0qpaO5SJ8VKVWK_gEEbX-aXGJ_wQwT4%2526sai%253DAMfl-YR6N6Is98nPCpCFhhTEy7kM1xnihYgoRLtHZ_HoEyY0kbg-7TWL0ip8wmFP7q88kIHhct2h4A-FdVxYmzmkzsqZAHBwUhGpFOYLWYx7id0q12BbML8kujETNwnhmxuC%2526sig%253DCg0ArKJSzDAfzroeMGk_EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Frame ID: 4894120A0B7D82BDE138DB8963E2E431
Requests: 1 HTTP requests in this frame

Frame: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmEqklCkJAbdY2hhqkAlnSC_PrSMR-z6X6aKWmnjr620U8vzr4eCD7ViP1E2jqDYhl3yH-9Ym6cv-WO27kS_gCrTFHDmvLVnv2rPi2A_U9gNug9Wo2n-jpc2R5JFox8_hIoD9ko5dJmWEZBqP7tZG_h68IWu-uhlJOKzVqkp67Dhsi2T2U4RSXdvDuTxqQs1X2ogqbnx31C3di0_oHBZ6bHYXh62IEeLXV3iPBtpfLB0dHr4CJoCUCE5eRDjGeMO0I5AS6cz852_95sYpxhSl9dbYAlie1_l_S_1XIU2ssVfG9NaQ0dX0NVdCm2vMpEyo7CcpdD2nM%2526sai%253DAMfl-YRV6GACML3odwupd87Qd6Qrekw1mgap12qq-ioTlmMr92yjVwS57VcnuPkoV7z4hXOlCTUQSxxuQ7lztUtOLUVSeEr5QvUBUs_pAgwCgONfN2xO9sR7t-XFSEwYaDje%2526sig%253DCg0ArKJSzK7QoQdQi-cwEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Frame ID: 75EEDDBE230F5DCD4DBA9C353A09FD41
Requests: 7 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dtylsEbQir7lnyaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Frame ID: A6C22A62560D3B40571BE3A194119990
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=7840138
Frame ID: 2D335111DAB7711A58DF08F4FB51F3B2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 60ECE674959E860D8235C2D5A9B820A6
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D857C5887B4943F436310FD83A214A8E
Requests: 10 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Frame ID: A9BE6C36EF0D1FA4F2DA99149ADCD5CC
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=doDfPobQir7lnyaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Frame ID: A7C295B7E6531A40AF0C8DD9909A3F9D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9EB172F9A7EAC361D20666B478A25CA9
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A46E7617AE34A9DCC0C72CAEFAE8A0A8
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU12G3DV&prvid=171%2C251%2C175%2C178%2C157%2C3016%2C214%2C159%2C238%2C97%2C99%2C77%2C56%2C3012%2C222%2C3007%2C201%2C4%2C246%2C203%2C148%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: 8FA394068B99F7F6C28BC3AE515C5802
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Frame ID: 0448F0187AC7EF310B8BCD75B1BD578D
Requests: 18 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: BF86ECAA8D64A9A1805F48D3BD768F6C
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=4A4AB557-9471-4BF3-86E1-ABA918073541
Frame ID: FBF38B935373A2470D1253212EFB7C7E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1632785843937290507
Frame ID: 3A95AB0915F59AFD02CE89606126D95B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 1FBB7F9F9F00F3D2CB2DD9B459B082E3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7012840201690609817
Frame ID: 9B9B5D22E15AA614B8BBAC4418287B4F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://helpdesk.rootsweb.ancestry.com/ HTTP 301
    https://helpdesk.rootsweb.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • ^(?:https?:)?//tags\.tiqcdn\.com/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

182
Requests

93 %
HTTPS

0 %
IPv6

63
Domains

104
Subdomains

73
IPs

10
Countries

1554 kB
Transfer

4081 kB
Size

102
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://helpdesk.rootsweb.ancestry.com/ HTTP 301
    https://helpdesk.rootsweb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1632804096365 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1632804096365
Request Chain 38
  • https://cm.everesttech.net/cm/dd?d_uuid=02093714792959358090183183452679258279 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVKdAAAAALCmtQQE
Request Chain 87
  • https://px.britepool.com/new?partner_id=t HTTP 302
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=991aa9f0-6a3e-4e35-a2cd-39d4dd76731b HTTP 302
  • https://thrtle.com/insync?vxii_pdid=991aa9f0-6a3e-4e35-a2cd-39d4dd76731b&vxii_pid=12&vxii_pid1=10054&vxii_rcid=fc8cc27d-a3b6-4c56-9ab4-e144d63e1ea7
Request Chain 103
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 107
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENlJha_zM0re-A6Uvvtcrc0&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 108
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA5OTM2NjQ5NjYzMjA5ODgyODE%3D
Request Chain 110
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/10993664966320988281?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-P4_.bnpE2oT9MiVCVk1KE0vonOp5USKinaTYN59_XQ--~A&dongle=0883
Request Chain 113
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=10993664966320988281 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10993664966320988281&dcc=t
Request Chain 114
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 115
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2922046216996930808&dongle=d407
Request Chain 119
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qNoJAenC1Mv4VY5
Request Chain 120
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3Dd2066a35-9dea-49a6-978c-ff92eaeb5a99%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7
Request Chain 121
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2675323181109017778
Request Chain 122
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJTF9rN0NwVG9BQUJrblUtLTdVdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIL_k7CpToAABknU--7Uw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAIL_k7CpToAABknU--7Uw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAIL_k7CpToAABknU--7Uw&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAIL_k7CpToAABknU--7Uw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5233143506942990676 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAIL_k7CpToAABknU--7Uw
Request Chain 123
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=77316152-9d02-4d00-904a-7aa3b5f48d12
Request Chain 124
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Y88kMWyaITF4znRlY848M2DGIzB4zSZiN8yMFk5V
Request Chain 125
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2295547346455682215
Request Chain 128
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGCAC9E_U7ddB8YdPQyED4Q&google_cver=1
Request Chain 130
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVKdAAAAALCmtQQE
Request Chain 132
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UzTEVHNk8tMTEtODZDRg==
Request Chain 133
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzhlMjcxZTM2Y2JkNjNiZDA4NzU0ZGJlNTg3ZmEwODVhNGNhZWNjNg
Request Chain 135
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c8c96152-9d02-4d00-9985-0f0b1dd5bce4
Request Chain 136
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU3LEG6O-11-86CF&sigv=1&esig=2~cd4eb963f726f834420fc4ff9dd5436f4a20cba2
Request Chain 137
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/l0Vdd7drdHa1Jl6We2emV8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4655335640305871095
Request Chain 143
  • https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVKdAvFYO8Y1u8ddI8JK4QAABKcAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKVMTEplduD6TmtqmdgKV8k&google_cver=1
Request Chain 147
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVKdAvFYO8Y1u8ddI8JK4QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED01bWFzVjVTVKAGCgx5XJ8&google_cver=1&gdpr=1
Request Chain 148
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVKdAvFYO8Y1u8ddI8JK4QAABKcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVKdAvFYO8Y1u8ddI8JK4QAABKcAAAIB&dcc=t
Request Chain 150
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 152
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=1j80rtlqMa7NPmT61j4srNU2M6_NPTb9gjysjrPQ
Request Chain 155
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1632785843937290507
Request Chain 157
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7012840201690609817
Request Chain 158
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Skq1V5RxS_OG4aupGAc1QQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 159
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c8c96152-9d02-4d00-9985-0f0b1dd5bce4
Request Chain 160
  • https://pixel.onaudience.com/?partner=214&mapped=4A4AB557-9471-4BF3-86E1-ABA918073541 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=dbbb324f11ecf9c9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=51811291-ab9a-4a11-55e6-2bac012dfbac&reqId=ebb91d24-0ed3-4dba-4cfb-527f3bbfe8bd&zcluid=dbbb324f11ecf9c9&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEIk4UZXWqB9lMqLVAUvszLg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=51811291-ab9a-4a11-55e6-2bac012dfbac&reqId=ebb91d24-0ed3-4dba-4cfb-527f3bbfe8bd&zcluid=dbbb324f11ecf9c9&zdid=1332
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEE0QUI1NTctOTQ3MS00QkYzLTg2RTEtQUJBOTE4MDczNTQx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 162
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMkYRPuu9_kvyGeb3goDNdA&google_cver=1
Request Chain 164
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3b658563-e8a3-420d-b237-4461ebd38806
Request Chain 165
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2295547346455682215
Request Chain 166
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c8c96152-9d02-4d00-9985-0f0b1dd5bce4&gdpr=0&gdpr_consent=
Request Chain 167
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2675323181109017778&gdpr=0&gdpr_consent=
Request Chain 168
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fWoIB3I_DQdma1hTfWsQBX5jDwZmaApUKWlosXIC
Request Chain 169
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4A4AB557-9471-4BF3-86E1-ABA918073541&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-eDL76LpE2uUPz1eGdJ1MDp_ppcWEBRQ-~A&gdpr=0&gdpr_consent=
Request Chain 171
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=cb59ad7b-d522-460e-85f4-9c981839403c&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d2066a35-9dea-49a6-978c-ff92eaeb5a99&gdpr=&gdpr_consent=&gdpr_pd=

182 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
helpdesk.rootsweb.com/
Redirect Chain
  • https://helpdesk.rootsweb.ancestry.com/
  • https://helpdesk.rootsweb.com/
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63b4149ada3e92ff26a2a91db0f52e43930a1c88d8c56dc4986dee823c45b372
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
helpdesk.rootsweb.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
content-type
text/html; charset=utf-8
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-response-time
9.707222
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=leHa_ZyPejjLrDbsiCpdJlvV95RkWSIbbQV42hG03oQ-1632804095-0-AcgCdt+35Tjj7+GOyd2fiyu+Vo0OTURyTJGx4qu5lBILjmUHGS3bSJCXjp/12ldFZfIQPjpDu/Og44LWsYT1E6U=; path=/; expires=Tue, 28-Sep-21 05:11:35 GMT; domain=.rootsweb.com; HttpOnly; Secure; SameSite=None
server
cloudflare
cf-ray
695a4cdb3f1b4a68-FRA
content-encoding
gzip

Redirect headers

date
Tue, 28 Sep 2021 04:41:35 GMT
content-length
0
location
https://helpdesk.rootsweb.com/
cache-control
max-age=300, must-revalidate
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=Rplg.M0m6jGt16WfNf0_xv5DChMm4oqymcpfHqUY688-1632804095-0-AT4PvHS01SC/t0t6vyaJrJ/vofTldeEF4ykFHMQd/C9n/uRZNJHONUSRstim177Rk1mBtygm0sxss5w/qRzF2xg=; path=/; expires=Tue, 28-Sep-21 05:11:35 GMT; domain=.rootsweb.ancestry.com; HttpOnly; Secure; SameSite=None
server
cloudflare
cf-ray
695a4cd7bec24327-FRA
core.css
www.ancestrycdn.com/ui/1.6.4/css/ 		103 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
1f2d68f16a5426ee5e208e7a3bb18881cf77722f0c1311da72305603f3c453d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
content-encoding
br
last-modified
Wed, 07 Oct 2020 17:05:54 GMT
server
Akamai Resource Optimizer
etag
"a9d383cd28c7f7639878a3d78fa67289:1561492121.201929"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
17399
expires
Wed, 28 Sep 2022 04:41:35 GMT
layout.css
www.ancestrycdn.com/aa-rw-home/2017/stylesheets/ 		3 KB
843 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/layout.css
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7980569c490f4d3a42a21d1f3d8ff166d25baaf513e8d7fcbce756e75919bb69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
content-encoding
br
last-modified
Fri, 27 Aug 2021 14:41:22 GMT
server
Akamai Resource Optimizer
etag
"34ba7bdc74a75c1bb3a5014826f69cab:1630012617.08973"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
597
expires
Wed, 28 Sep 2022 04:41:35 GMT
rwHome.css
www.ancestrycdn.com/aa-rw-home/2017/stylesheets/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/rwHome.css
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
058142ad991e52836f6d557c3d90b280b9a6ab39c2eaeb68b4a8876e802753c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
content-encoding
br
last-modified
Fri, 27 Aug 2021 14:43:40 GMT
server
Akamai Resource Optimizer
etag
"428cbd4a949fe9544ff370da3279fa49:1630012616.954427"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
919
expires
Wed, 28 Sep 2022 04:41:35 GMT
jquery.min.js
www.ancestrycdn.com/ui-static/lib/jquery/1.11.1/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/ui-static/lib/jquery/1.11.1/jquery.min.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
content-encoding
br
last-modified
Mon, 29 Mar 2021 19:30:56 GMT
server
Akamai Resource Optimizer
etag
"8101d596b2b8fa35fe3a634ea342d7c3:1616097885.874898"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
29906
expires
Wed, 28 Sep 2022 04:41:35 GMT
o3.js
www.ancestrycdn.com/aa-rw-home/2017/scripts/ 		1 KB
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/scripts/o3.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
3213bb97e284f266249563d4b148e11a4f32f541a052d5f0c6e85fc73d7e191c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
content-encoding
br
last-modified
Thu, 26 Aug 2021 21:27:41 GMT
server
Akamai Resource Optimizer
etag
"cb071f8bbb0a2d0f1bd7c5abd44e734d:1630012616.951221"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
504
expires
Wed, 28 Sep 2022 04:41:35 GMT
header-f943f45a.min.css
www.ancestrycdn.com/shared-navigation/header/rootsweb/1.0/content/ 		235 B
389 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/shared-navigation/header/rootsweb/1.0/content/header-f943f45a.min.css
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
18ddcdb24ef28edc630b9a8543b40580652c11b541930e4e7f457a0859e26920

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
content-encoding
br
last-modified
Wed, 28 Oct 2020 05:45:34 GMT
server
Akamai Resource Optimizer
etag
"a6172c82ef2e6147371c4cf05e0db291:1603862928.318216"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
143
expires
Wed, 28 Sep 2022 04:41:35 GMT
rw.gif
www.ancestrycdn.com/aa-rw-home/280/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/280/images/rw.gif
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
88c28228952a3c582f5e4015146fccfa2a42c4a3f782a189cae6ea4520b7348f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
x-check-cacheable
YES
x-serial
515
etag
"72077a5bd21c4a82001cfca022959fca:1519162337.991097"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=19491184
last-modified
Wed, 24 Jul 2019 18:52:21 GMT
x-akamai-ssl-client-sid
tpibHPU/MftbUjWokmkr5w==
timing-allow-origin
*
content-length
2601
server
Akamai Image Manager
expires
Wed, 11 May 2022 18:54:39 GMT
hosted.jpg
www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/hosted.jpg
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9f60e19500513ab17705449e16e7cec14a0f266d207458dd2db5da4c4ae40a3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
last-modified
Thu, 26 Aug 2021 21:21:39 GMT
server
Akamai Image Manager
etag
"60632ff52e9e036d880731b7d39382ea:1630012614.868791"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=28744742
timing-allow-origin
*
content-length
121170
expires
Fri, 26 Aug 2022 21:20:37 GMT
message.jpg
www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/message.jpg
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
fca4c724009bbda9487719603948ffe2c8b1e3d1cf78261d7bf681ae79218065

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
last-modified
Thu, 26 Aug 2021 21:21:39 GMT
server
Akamai Image Manager
etag
"05460fbbe68d2d16c8e85b82643e8c99:1630012614.701225"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=28744869
timing-allow-origin
*
content-length
26312
expires
Fri, 26 Aug 2022 21:22:44 GMT
core.js
www.ancestrycdn.com/ui/1.6.4/js/ 		73 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/ui/1.6.4/js/core.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
3db9505c9ab48dcf077970bf455d5e724f5d039983d9e7a0814b52801a8ee361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
content-encoding
br
last-modified
Tue, 14 Apr 2020 21:46:14 GMT
server
Akamai Resource Optimizer
etag
"7db2b70983f1a16cf7b97b4904364b41:1561492122.716207"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
17957
expires
Wed, 28 Sep 2022 04:41:35 GMT
banner.js
www.ancestrycdn.com/aa-rw-home/2017/scripts/ 		1 KB
736 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/scripts/banner.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
fb59c0f637a2c45cd8f4d777da358c765fd47e6c277d2dadee850f9c3870b22c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
content-encoding
br
last-modified
Fri, 27 Aug 2021 14:41:28 GMT
server
Akamai Resource Optimizer
etag
"b70bbad3da2bbee3ca33b2c7b14ea21a:1630012616.949777"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
479
expires
Wed, 28 Sep 2022 04:41:35 GMT
header-c95fc179.js
www.ancestrycdn.com/shared-navigation/header/rootsweb/1.0/content/ 		35 B
295 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/shared-navigation/header/rootsweb/1.0/content/header-c95fc179.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
2ef11050f150e7e242a38fa3111f688f59c1dc8d6104ba0d5f6f811e891a028c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
content-encoding
br
last-modified
Sat, 10 Oct 2020 22:05:06 GMT
server
Akamai Resource Optimizer
etag
"c95fc179fe88d6b76860ca33d56395db:1602161615.66888"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
39
expires
Wed, 28 Sep 2022 04:41:35 GMT
adb.5781260.min.js
prod.adspsp.com/ 		292 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.adspsp.com/adb.5781260.min.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ebfda037beb490e6ab60a07fe13fc65c80cc01c0c7963b5d9e1f8404c5b8305

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 15:02:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Sep 2021 15:01:20 GMT
Server
AmazonS3
Age
49175
ETag
W/"73cd121b8c5fbcaadfd52c23de4511e9"
Vary
Accept-Encoding
X-Edge-Origin-Shield-Skipped
0
Content-Type
application/javascript
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
m0PSlwf4sf60P10HJSnyWGi1SDv7takC3bMyPxwhI_C0sR7zScLiyw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
d27770755c02f7a7567179dd1e9bbbc316a189b3ba57aed5932c6a4cf37f6278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1000 / 51 of 1000 / last-modified: 1632780739"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24855
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Sep 2021 04:41:35 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
8N42zakBwOFy.ZF9LMqjmgZs3f2_X5lT
content-encoding
gzip
etag
3900a2c2d757386fb762bfd86288f882
age
565
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0M9QBSAM6FGBZ56FBKDD
date
Tue, 28 Sep 2021 04:32:11 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
QUTYu-ZeolKV17GIFFy4C3HRaAPDWe_FcYtLBzw-DAKUXCWViT0K9Q==
1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-139.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf04f1bb313d5c0d23cb106d2fe2f1b0bad2e317c56df482cf5b8b1c141f6ddc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
JdDJ5A8WAvRryEySPBzk5zcIQXrpmpnb
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 19:37:27 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"5ebe6a828e08a41d4da214b214a42016"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Tue, 28 Sep 2021 04:41:37 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0mlRME1oKLuQcDd6_vUTJxFj9tKfBDqOlohR3MSyovMxRld3vEG7XQ==
rw_bk.gif
www.ancestrycdn.com/aa-rw-home/2017/images/ 		88 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/images/rw_bk.gif
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/layout.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b07ee248cf027745b1bf6e0e4c13e6404db9f6f64adeb54011878b26fc6744ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
x-check-cacheable
YES
x-serial
1889
etag
"cb318b2897e571ede19fbb1f511580c6:1630012612.866104"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=28745139
last-modified
Thu, 26 Aug 2021 21:27:55 GMT
timing-allow-origin
*
content-length
88
server
Akamai Image Manager
expires
Fri, 26 Aug 2022 21:27:14 GMT
rw_actv.gif
www.ancestrycdn.com/rootsweb/201/hdr/ 		112 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/rootsweb/201/hdr/rw_actv.gif
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/shared-navigation/header/rootsweb/1.0/content/header-f943f45a.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
183ad2faae0222513f01b2c79661b655ba58c849d17261d9806a8a5988169f6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ancestrycdn.com/shared-navigation/header/rootsweb/1.0/content/header-f943f45a.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
x-check-cacheable
YES
x-serial
1939
etag
"9e42faf151bd27b39f182df6682a7aed:1491864916.157111"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=19491217
last-modified
Wed, 24 Jul 2019 18:52:39 GMT
x-akamai-ssl-client-sid
5YpU78Lz8Nngw+Hmn4cbrw==
timing-allow-origin
*
content-length
112
server
Akamai Image Manager
expires
Wed, 11 May 2022 18:55:12 GMT
worldconnect.png
www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/worldconnect.png
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/rwHome.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f87ba2d94c81d62472bac27150f1200ca3bd575f26591191c4a0aa718bd0e282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/rwHome.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
last-modified
Thu, 26 Aug 2021 21:21:40 GMT
server
Akamai Image Manager
etag
"211b9284689f3c0ec40fe173d907d57c:1630012614.379527"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=28744715
timing-allow-origin
*
content-length
126334
expires
Fri, 26 Aug 2022 21:20:10 GMT
wiki-image.jpg
www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/wiki-image.jpg
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/rwHome.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b86e59e58208eb497bb565fa5649c53b6809220b2af037ceb97e59e18f82032a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/rwHome.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
last-modified
Thu, 26 Aug 2021 21:21:39 GMT
server
Akamai Image Manager
etag
"021fde3208ea894a15fd364febf27e75:1630012613.569998"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=28744762
timing-allow-origin
*
content-length
33632
expires
Fri, 26 Aug 2022 21:20:57 GMT
source-sans-pro-light.woff2
www.ancestrycdn.com/ui-static/font/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/ui-static/font/source-sans-pro-light.woff2
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7a77e60b17cfcabc04ef30c432d32aa878577843250c7697607c6604f80953a9

Request headers

Referer
https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Origin
https://helpdesk.rootsweb.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
last-modified
Fri, 17 Jan 2020 22:49:25 GMT
server
AkamaiNetStorage
etag
"ea00729a7015a092fbe5b325f0c8d7cc:1579301365.858381"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
21028
expires
Wed, 28 Sep 2022 04:41:35 GMT
source-sans-pro-bold.woff2
www.ancestrycdn.com/ui-static/font/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/ui-static/font/source-sans-pro-bold.woff2
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85b3580813fa8eb2c6c64f0690f1104f9e14fdd3b34d6916b69617955047369a

Request headers

Referer
https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Origin
https://helpdesk.rootsweb.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
last-modified
Thu, 18 Mar 2021 20:02:37 GMT
server
AkamaiNetStorage
etag
"ef6add382d16b06fa4fc213a4b1c4827:1616097757.60685"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
20572
expires
Wed, 28 Sep 2022 04:41:35 GMT
source-sans-pro.woff2
www.ancestrycdn.com/ui-static/font/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/ui-static/font/source-sans-pro.woff2
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1bd15eebfb666408e7db84da51d38b002142e3ab5d1fd4f6c8567f04ef753958

Request headers

Referer
https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Origin
https://helpdesk.rootsweb.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:35 GMT
last-modified
Fri, 17 Jan 2020 22:49:27 GMT
server
AkamaiNetStorage
etag
"c8574dc422f2c20d621ceba1c252bca6:1579301367.428391"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
21044
expires
Wed, 28 Sep 2022 04:41:35 GMT
utag.js
tags.tiqcdn.com/utag/ancestry/rootsweb/prod/ 		206 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2b3dd53e971b7924e18c11d3a017129ee1a3199d92517afa60fb8eb85e960ef0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:36 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 16:41:52 GMT
server
AkamaiNetStorage
etag
"15560731cf548d3b2026c9c6519738c0:1631119312.141699"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Tue, 28 Sep 2021 04:46:36 GMT
/
geo.adspsp.com/ 		4 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.adspsp.com/
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-126.fra50.r.cloudfront.net
Software
/
Resource Hash
33c501b6204f96055ccb9ac459dc3480919bba2eb27c02f11dc2778b5d62d7b3

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 28 Sep 2021 04:41:36 GMT
via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-length
4
x-amz-cf-id
6s4dzgs6Etm75QnQahViVQLhBMEBv_KbP9yb8BBbiSuNH4mXBiglfw==
x-cache
Miss from cloudfront
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
6853
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
DBpKExN2TYDk75VIOsmaD0fsRNDzKzAVzS4869qY81gFv0ERCRk96A==
pubads_impl_2021092702.js
securepubads.g.doubleclick.net/gpt/ 		334 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
245f3246e232f71eb09c95d10f718bbf5b4c59e5d02e4dcac21be0e0d10712d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119122
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 20:49:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Sep 2021 04:41:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		134 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=helpdesk.rootsweb.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
09a5cf78f70c2e4dc3ce16317d3c787806fed4de4ad067015224d21edaca9d05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 04:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
expires
Tue, 28 Sep 2021 04:41:36 GMT
/
adspsp.com/pt/5781260/19/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/5781260/19/1/?a=2,aX0,Q7z8npXvtz&aa=&b=&e=&c=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&d=&f=1.ku3leem9.2T12z&g=2T16e&u=5ecf496b:ktss0asu:26r&v=18g.xc.0.15z&m=z&i1=G&rnd=1632804096119
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.198.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-198-65.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/ 		332 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-139.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d239500d61e95ca8799eaa2ec23276fe4cc9940bbbb1a723a47766d43c85edf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
HCxG0XJt0HDTZFkoRmGyoaouE65pKWXR
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 19:37:27 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"5270210841a75815062588ae11edce9f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Tue, 28 Sep 2021 04:41:37 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Pld9IDlMT0edLSaTaNtAgMU0kIPiFdPgsPTUljRhW4qI76SkuO_vQA==
00000000-0000-0000-0000-000000000000
api.lytics.io/api/me/6578caa0cdaa8dfcd95d5e6d3de12cc8/ucdmid/ 		76 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.lytics.io/api/me/6578caa0cdaa8dfcd95d5e6d3de12cc8/ucdmid/00000000-0000-0000-0000-000000000000?fields=behavior_is_current_subscriber&segments=true
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.11.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.11.190.35.bc.googleusercontent.com
Software
lytics.io 3c4656f0b4d14fbdcc4f6c867abcde48a8b9cd7f /
Resource Hash
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=63072000;
content-encoding
gzip
server
lytics.io 3c4656f0b4d14fbdcc4f6c867abcde48a8b9cd7f
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
date
Tue, 28 Sep 2021 04:41:36 GMT
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://helpdesk.rootsweb.com
alt-svc
clear
content-length
95
via
1.1 google
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1632804096365
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1632804096365
372 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1632804096365
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.91.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-91-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
080f5680666e824d82a2a828da3149a8a7630fa140aeb05ec8de75be6207a062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v018-0b83a4bce.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
FX+mxDl7R2o=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
313
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v018-0807da26f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
X-TID
djRQuhYXSSk=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1632804096365
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.107.js
tags.tiqcdn.com/utag/ancestry/rootsweb/prod/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.107.js?utv=ut4.46.202102022145
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6e9a2faa245518a10391c2eaba8a2a2496efac39f21794a4d381f02ef8bcee03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:36 GMT
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 19:41:39 GMT
server
AkamaiNetStorage
etag
"ae6f626844a5d32f045d5d129b482e7a:1606160499.319867"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
18980
expires
Wed, 13 Oct 2021 04:41:36 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ancestry/rootsweb/202109081641&cb=1632804096388
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:36 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Tue, 28 Sep 2021 04:51:36 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		57 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3348&u=https%3A%2F%2Fhelpdesk.rootsweb.com%2F
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
server
Server
age
6853
x-edge-origin-shield-skipped
0
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
content-length
57
x-amz-cf-id
P1lCKkRhbtHddw-jAojngwofTgvaF-vPEW6pJw0KkkifHuK-7_qnRw==
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3348&u=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&pid=N7r37HyQdWSsh&cb=0&ws=1600x1200&v=7.69.01&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22c8bf6fa2-652a-4dd4-868f-b66bbfaf81a6%22%5D%7D%2C%22sn%22%3A%22RW_728x90_btf%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%22c8bf6fa2-652a-4dd4-868f-b66bbfaf81a6%22%5D%7D%2C%22sn%22%3A%22RW_728x90%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:36 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
SC6A1EGZ83WPX95MQAFZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
IVWAqZ3LeHItQOYRbI7ztOzgqJx7DSMtwyIfEKJorQF4sSuVj5n_NA==
dest5.html
ancestry-mcsp.demdex.net/ Frame E7B3 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ancestry-mcsp.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.200.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-200-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
ancestry-mcsp.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=02093714792959358090183183452679258279
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Tue, 28 Sep 2021 04:41:36 GMT
DCS
dcs-prod-irl1-2-v018-0d91241d3.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 23 Sep 2021 12:13:53 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
u6Fu5twJT2c=
Content-Length
2791
Connection
keep-alive
id
ancestry.sc.omtrdc.net/ 		2 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ancestry.sc.omtrdc.net/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=ED3301AC512D2A290A490D4C%40AdobeOrg&mid=01973987032760998160202757857030966542&ts=1632804096536
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 28 Sep 2021 04:41:36 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-567564d5d5-krs5b
vary
Origin
x-c
main-1531.I2ae8be.M0-520
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YVKdAAAAALCmtQQE
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=02093714792959358090183183452679258279
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVKdAAAAALCmtQQE
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVKdAAAAALCmtQQE
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.91.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-91-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v018-021a923f7.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
T+qN5Mp/S54=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVKdAAAAALCmtQQE
Date
Tue, 28 Sep 2021 04:41:36 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
/
adspsp.com/pt/5781260/1/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/5781260/1/2/?a=2,a2ku3leg07xRVxwBLOJ7,Q7z8npXvtz&aa=00tCRyuTh.gN.u11---&b=1//2-19^k8`2i.8w`1e:2@1957888^k8`2i,3@RW_728x90_bottom^k8`2i,4@543537162^k8`2i,4@543537163^k8`2i,5@20491671^k8`2i,9@829344^k8`2i,10@588745^k8`2i,16@108636^k8`2i,18@rootsweb_adhesion_728x90^k8`2i,115@rootsweb_dt_728x90_btf^k8`2i,116@817150925^k8`2i,154@dtylsEbQir7lnyaKjGFx_2^k8`2i_18^k8`2i:2@1957912^k8`2i,3@RW_728x90^k8`2i,4@543880349^k8`2i,5@20956780^k8`2i,9@623383^k8`2i,10@203712^k8`2i,16@108636^k8`2i,18@rootsweb_docking_728x90^k8`2i,115@rootsweb_dt_728x90_atf^k8`2i,116@212208145^k8`2i,154@doDfPobQir7lnyaKjGFx_2^k8`2i&bu=U25aaf6f386a81e,bottomSlotAdhesion,%2F4802%2Ftgn.rootsweb.com%2FRW_728x90_btf&bu=U3ff9725bd850a4,topSlot,%2F4802%2Ftgn.rootsweb.com%2FRW_728x90&e=&c=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&d=&f=1.ku3leem9.2T12z&g=2T1i8&u=5ecf496b:ktss0asu:26r&v=18g.xc.0.1aw&m=z&i1=G&rnd=1632804096544
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.198.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-198-65.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
hb
ssc.33across.com/api/v1/ 		68 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dtylsEbQir7lnyaKjGFx_2
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e619d1fec4df57c5253b8d9df9429eaaa442bb8d2ddb9d831cd22093401b1e7c

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Sep 2021 04:41:36 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		68 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=doDfPobQir7lnyaKjGFx_2
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
3b2b2152d0532b0050dc8052f6f00c10e85f045e4661631a8211e01774bd6665

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Sep 2021 04:41:36 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
prebid.media.net/rtb/ 		1 KB
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU12G3DV
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
03fc6b29a26ab6955fd5364fa079345027b4dbf6fd9e9a06684dec4991120e37

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ed017373ba9c3abb936d3a0113&pos=rootsweb_dt_728x90_btf&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
f92778c756d7a0fe2a1906d7c0009896d8feb05d2bc765af127ed06ba3a7b17e

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 04:41:36 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ed017373ba9c3abb936d3a0113&pos=rootsweb_dt_728x90_atf&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
63e94979425caef6720afec317bd004567c3438a0dbc73adcb2c7fdd1a057739

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 04:41:36 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
auction
tlx.3lift.com/header/ 		19 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.14.0-pre&referrer=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&tmax=3000&gdpr=false&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.231.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-231-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:36 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		26 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=588745&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22R382c1890b4748cf%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhelpdesk.rootsweb.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%225.14.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22BR1310beb7d2ab5c8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A588745%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22x%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A588745%2C%22sid%22%3A%22320x50%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.04%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR27ade3e33fb10bc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A203712%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.04%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
162cdbdc9fce4a989a8e89c266902f242ca3a512aa771baee16d49187f9019a4

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:36 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.157], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://helpdesk.rootsweb.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
12
expires
Tue, 28 Sep 2021 04:41:36 GMT
bid
ap.lijit.com/rtb/ 		79 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.14.0-pre
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
7768376c839333815bd4ef35cc6d9f20f08f32f0d86cad1b8d7d61fd47493cac

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 04:41:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
91
arj
ancestry-d.openx.net/w/1.0/ 		190 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ancestry-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b562e48a-933c-402a-8697-bd54f9464d75%2Cb562e48a-933c-402a-8697-bd54f9464d75%2C9b79ecfa-baa2-4b3f-a78b-66c36041655c&nocache=1632804096557&gdpr_consent=&gdpr=0&us_privacy=1---&pubcid=c8bf6fa2-652a-4dd4-868f-b66bbfaf81a6&aus=728x90%2C320x50%7C728x90%2C320x50%7C728x90&divids=bottomSlotAdhesion%2CbottomSlotAdhesion%2CtopSlot&aucs=%2C%2C&auid=543537162%2C543537163%2C543880349&aumfs=40%2C40%2C40
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
514a436ce59832f4b759f9284ec4b8940872b4cf5614319138060f06bb96b6fc

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:36 GMT
content-encoding
gzip
server
OXGW/16.216.3
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
176
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
date
Tue, 28 Sep 2021 04:41:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14544&site_id=128980&zone_id=1957888&size_id=2&alt_size_ids=43&p_pos=atf&gdpr=0&us_privacy=1---&eid_pubcid.org=c8bf6fa2-652a-4dd4-868f-b66bbfaf81a6%5E1&rf=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&tk_flint=pbjs_lite_v5.14.0-pre&x_source.tid=b562e48a-933c-402a-8697-bd54f9464d75&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.17754706764338257
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f8327c4bb0232dfbfb0378ed5ed8a02d6b9cb645c8617021aa8e0f00634d1b91

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:36 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14544&site_id=128980&zone_id=1957912&size_id=2&p_pos=atf&gdpr=0&us_privacy=1---&eid_pubcid.org=c8bf6fa2-652a-4dd4-868f-b66bbfaf81a6%5E1&rf=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&tk_flint=pbjs_lite_v5.14.0-pre&x_source.tid=9b79ecfa-baa2-4b3f-a78b-66c36041655c&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7973757890250708
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a35e5139ac1fcf753ff318aca6ce0600ecee03c9560a17ac5334ed4c3d479d70

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:36 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4460
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		262 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2d6babbecbd9a0ea851a8b3a4ffea44e5a030a555d538bf455206ba539a3a567
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:36 GMT
X-Proxy-Origin
216.131.114.157; 216.131.114.157; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4d72cb4e-403e-4e70-be2e-994cb2eb6288
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
262
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		304 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.207.16.210 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
f45bbc52e612abc175d6f809a8f683355dee53258dfbb895c5b76767061e0acc

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:36 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
304
expires
0
s54125894825935
smetrics.ancestry.com/b/ss/ancestry-global/1/JS-2.20.0/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.ancestry.com/b/ss/ancestry-global/1/JS-2.20.0/s54125894825935?AQB=1&ndh=1&pf=1&t=28%2F8%2F2021%204%3A41%3A36%202%200&sdid=2A75245FE335520A-09250ABD994208C5&mid=01973987032760998160202757857030966542&aamlh=6&ce=UTF-8&ns=ancestry&pageName=ancestry%20rootsweb%20%3A%20home%20%3A%20home&g=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&cc=USD&ch=rootsweb&server=rootsweb.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c11=00000000-0000-0000-0000-000000000000&v12=rootsweb&v13=us&v14=rootsweb&c23=nrvisitor&v23=nrvisitor&c24=not%20win%20back&c35=non%20dna%20user&v35=non%20dna%20user&v41=ancestry%20rootsweb%20%3A%20home%20%3A%20home&c42=ancestry%20rootsweb%20%3A%20home&v42=ancestry%20rootsweb%20%3A%20home&c43=ancestry%20rootsweb%20%3A%20home%20%3A%20home&v43=ancestry%20rootsweb%20%3A%20home%20%3A%20home&c44=202109280441&v44=202109280441&c45=helpdesk.rootsweb.com%2F&v45=helpdesk.rootsweb.com%2F&c49=09%2F27%2F2021%2021%3A41%3A36&v49=09%2F27%2F2021%2021%3A41%3A36&c50=ancestry%20rootsweb%20%3A%20home%20%3A%20home&v65=00000000-0000-0000-0000-000000000000&c68=helpdesk.rootsweb.com&c73=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F93.0.4577.63%20Safari%2F537.36&v98=interactive%3C1.00s&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=ED3301AC512D2A290A490D4C%40AdobeOrg&AQE=1
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:36 GMT
x-content-type-options
nosniff
x-c
main-1531.I2ae8be.M0-520
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 29 Sep 2021 04:41:36 GMT
server
jag
xserver
anedge-567564d5d5-hknnr
etag
3506420097140621312-4619793568247842519
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 27 Sep 2021 04:41:36 GMT
/
geoip.insticator.com/json/ 		243 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-233-191.compute-1.amazonaws.com
Software
/
Resource Hash
b61b713b624738d5a0427a7f89ecfdebc61588668c6357d3e5f7bdefd72c5518

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
date
Tue, 28 Sep 2021 04:41:37 GMT
access-control-allow-credentials
true
x-database-date
Mon, 27 Sep 2021 22:14:41 GMT
content-length
243
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame F121 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
fa79a595-f734-4292-a310-6887ba49ece3
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
108651ebf54555a00f52a70b7cf29b3465c7151214b0467738de3acb4f68ed71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:36 GMT
content-encoding
gzip
last-modified
Fri, 06 Aug 2021 14:57:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-4174a-5c8e540e34178"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=139305
accept-ranges
bytes
content-type
text/javascript
content-length
82482
expires
Wed, 29 Sep 2021 19:23:21 GMT
config.js
confiant-integrations.global.ssl.fastly.net/3g2pC722FKMzXRLuYXZT6L7Ud9Y/gpt_and_prebid/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/3g2pC722FKMzXRLuYXZT6L7Ud9Y/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f6513b97722b006dc971d9e1da127a9e858aef68def3811c7d671b6b9405422

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 04:41:36 GMT
Content-Encoding
gzip
Age
4
X-Cache
HIT
Connection
keep-alive
Content-Length
15822
x-amz-id-2
QmTFK3dvw85tycb7GpTLwlQ1STbCeS+fuji6BQdbRg6zYjikmpXHiZtxkw88RF4aZXFY0vAabWs=
X-Served-By
cache-hhn4047-HHN
Last-Modified
Tue, 28 Sep 2021 04:21:47 GMT
Server
AmazonS3
X-Timer
S1632804097.812594,VS0,VE1
ETag
"d4a4b1732e9547ee8febf7942377b42b"
x-amz-request-id
MMD6MPRM9Q8106EX
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-60.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
aT8uF5QDZCsxz_FuCjV0EGzNRrUyg9DX
content-encoding
gzip
last-modified
Thu, 17 Jun 2021 18:02:42 GMT
server
AmazonS3
age
52178
etag
W/"51ed6db266476896c6fe9a06992898e2"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/javascript
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 27 Sep 2021 14:11:59 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ncCnJlR176oTHe15L1OMJnhk7T0cNsjyDUlZFohXKlBUKSaNRQ9-XA==
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=helpdesk.rootsweb.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 04:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		35 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2649765970415933&correlator=1628183375605422&output=ldjh&impl=fifs&eid=31062863%2C31062914%2C44748553&vrg=2021092702&ptt=17&sc=1&sfv=1-0-38&ecs=20210928&iu_parts=4802%2Ctgn.rootsweb.com%2CRW_728x90_btf%2CRW_728x90&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=728x90%2C728x90&fsbs=1%2C1&prev_scp=amznbid%3D2%26amznp%3D2%26adb_bdr%3Drubicon%26adb_hbc%3D0.25-0.29%26adb_adid%3D19.B5639a8feeb23369%26adb_imp%3D1%26excl_cat%3DExclude_Any_AdBridg_Bid%7Camznbid%3D2%26amznp%3D2%26adb_bdr%3Drubicon%26adb_hbc%3D0.25-0.29%26adb_adid%3D18.B670344fcae85eb9%26adb_imp%3D1%26excl_cat%3DExclude_Any_AdBridg_Bid&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1632804096&dt=1632804096808&dlt=1632804095762&idt=351&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436&adys=1110%2C118&adks=1452699761%2C2995897494&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C1600x90&msz=1600x-1%7C728x-1&ga_vid=1861062585.1632804097&ga_sid=1632804097&ga_hid=943369772&ga_fc=false&fws=516%2C4&ohw=1600%2C1600&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
97aff7589fd8ea19474748b67868bdbee39ba40f0a4137568b03d250edfd9d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10185
x-xss-protection
0
google-lineitem-id
5357660526,5357660526
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
56659282188,29172648588
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d4827d1996b024bc62e872a8f858bac7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4C26 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d4827d1996b024bc62e872a8f858bac7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d4827d1996b024bc62e872a8f858bac7.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 28 Sep 2021 04:41:36 GMT
expires
Wed, 28 Sep 2022 04:41:36 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adspsp.com/pt/5781260/11/3/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/5781260/11/3/?a=2,a2ku3leg07xRVxwBLOJ7,Q7z8npXvtz&aa=00tCRyuTh.gN.u11---&b=0,1,2,3,4,5:6,7,1,2U,8,4Q,1,1,0,9,,0.25,2a.4b.1c,0.31,0.05:d,e,,47:f,g,,2m:f,h,,2m:i,j,,2u:k,l,,2o:m,n,,39:o,p,,2X:q,r,,2g:s,t,,4b:u,v,,1u:w,x,,2Y&b=0,1,q,y,z,A:6,B,1,4c,8,4Q,1,1,0,9,,0.25,2a.4b.1c,0.31,0.05:d,C,,47:f,D,,2m:i,E,,2u:k,F,,2p:m,G,,3a:o,p,,2X:q,H,,2g:s,I,,4b:u,J,,1v:w,K,,2Y&bi=1,A2050af539e071dc,19,U25aaf6f386a81e,bottomSlotAdhesion,%2F4802%2Ftgn.rootsweb.com%2FRW_728x90_btf,2,1957888,728x90,2249%3A537123218592,31208,2249,beenverified.com,3,RW_728x90_bottom,4,543537162,543537163,5,20491671,9,829344,10,588745,16,108636,18,rootsweb_adhesion_728x90,115,rootsweb_dt_728x90_btf,116,817150925,154,dtylsEbQir7lnyaKjGFx_2,U3ff9725bd850a4,topSlot,%2F4802%2Ftgn.rootsweb.com%2FRW_728x90,1957912,RW_728x90,543880349,20956780,623383,203712,rootsweb_docking_728x90,rootsweb_dt_728x90_atf,212208145,doDfPobQir7lnyaKjGFx_2&e=&c=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&d=&f=1.ku3leem9.2T12z&g=2T1pw&u=5ecf496b:ktss0asu:26r&v=18g.xc.0.1aw&m=z&i1=G&rnd=1632804096821
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.198.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-198-65.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
3fa7736e-7c0c-4cd6-8ed8-c899dd5d0a47.js
d3lcz8vpax4lo2.cloudfront.net/embed-code/ Frame E8C7 		353 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/embed-code/3fa7736e-7c0c-4cd6-8ed8-c899dd5d0a47.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-139.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37880b0a7b67fac8600b00237579d7bc4124a8a261ec5847c639287dab5e449e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
s0mp90gw00TVaQTK1_MEfJIwFlE0tm70
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 19:37:27 GMT
server
AmazonS3
age
1868
etag
W/"7aac0216062a503646db4935f1cd75a3"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Tue, 28 Sep 2021 04:10:29 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
9mJGGmom37_0qt65zGEgR3Lg2DXVrNr5cyfim6ojfyJ9G2i2F6wgXQ==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202109241301/ 		180 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202109241301/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/3g2pC722FKMzXRLuYXZT6L7Ud9Y/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e8f3dadf31ccbaff67acee0751b89dbbb7263e1afdae3e75785c6b09557f98e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 04:41:36 GMT
Content-Encoding
gzip
Age
417
X-Cache
HIT
Connection
keep-alive
Content-Length
58813
x-amz-id-2
yAqCwwe3+OUAM9bMHsG54BvlxZnJIhliWJU0kmhJl/SWMLMqvX1yFFnCtdU+lRSpSh1JtEwWoZg=
X-Served-By
cache-hhn4047-HHN
Last-Modified
Fri, 24 Sep 2021 17:02:58 GMT
Server
AmazonS3
X-Timer
S1632804097.830635,VS0,VE0
ETag
"15e09c6918b074c608ad9d4570639c1b"
x-amz-request-id
BDNKHZACZBPB81JM
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
895
/
onetag-geo.s-onetag.com/ 		555 B
991 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-45.fra50.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
via
1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront), 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age
6852
x-amzn-requestid
0b009c28-9318-455f-9425-a72feeae5d33
x-edge-origin-shield-skipped
0
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C2, FRA50-C1
x-amz-apigw-id
GWlJdGbgiYcFQ6g=
content-length
555
x-amz-cf-id
tg0i42carGfOfdO5GttPaHtC6KmAwdNLLRHeQVzaDv1SYNgUUwjTmQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-94.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3956abb802c9c7d9423c07d90c15ed2edeefcb4387915d92f39dc9a215ed4c00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
GVbIsPEpPFg72l7F1mMVCBMankLtDjFa
content-encoding
gzip
etag
W/"76493270ad1ab78c38d49cb5188662be"
age
77190
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
last-modified
Wed, 18 Aug 2021 13:18:19 GMT
server
AmazonS3
date
Mon, 27 Sep 2021 07:15:07 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
XFHaGxS3IlTAgzF6wJ-_uOTapaXgNoVyf8VVV2pOunjvQjDcc06suA==
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Protocol
H2
Server
52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-233-191.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://helpdesk.rootsweb.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
css
fonts.googleapis.com/ Frame E8C7 		0
0
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame E8C7 		0
0
analytics.js
www.google-analytics.com/ Frame E8C7 		0
0
/
geoip.insticator.com/json/ Frame E8C7 		0
0
event
event.insticator.com/v1/ Frame E8C7 		0
0
logo-insticator-light-opt.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame E8C7 		0
0
icon-check.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame E8C7 		0
0
graphic-ooc-opt.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame E8C7 		0
0
92f4b42c-ecaa-43ab-93cc-f4e3e692fbf7
d3lcz8vpax4lo2.cloudfront.net/client_logos/878d28e0-acf3-478e-a554-ae52c44ac472/ Frame E8C7 		0
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDn04g1UcuL_QhB-x4c_h2s6mvqke-rlof7Ud-pIRD9Hid-VSf95Ptgfcy-2HoEYqQ_Ue5J5WNkloib3qnF8HwCfvkD5UeVs8jfbROlGoU2TgEkP2mMry2uyd98OWsWh9a4lFukh5om7tn1MaT1vbHx3-qZfYXD-pbdzj3YuMrsfQnjFt6YjUbM5R6_CAJ2328bujSDCYKKTmGsF5pE6mMWEo-wRXxcbnMl_WYvpaHxoLx2-_OO-B1z1TePQ1BVqvxqR-S2MgwJIRBWXnMFH6N1nM6eJ9X6WyGWTjEYsIf71kOIt_0O6VmwKgjooDEAEYss6hykuMCSeEAtpsl9qPFX0AANanIGq2LV91DBA&sai=AMfl-YR6ravGIH_-hK3CbQ_fyWXWw1v3omb2XpwhIJGIY_l-T6c62M64sGszZhLbvPet7DaC_BBkHLLDKrSpKGiQceXmaB4MaoLFD1KsoJoTZj_zqChR8mbIsR8A1NtuI3v9&sig=Cg0ArKJSzB98XXB9jqpwEAE&urlfix=1&adurl=
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 04:41:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 28 Sep 2021 04:41:37 GMT
LDR-search.php
go.newspapers.com/ads/ Frame 4894 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 28 Sep 2021 04:41:37 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcJSkg2Bxl9DJfm_tKJfq4KDS37YsEcQYd0zFEE00NUdokwq3aVn30O8_ZDeYr1H8X9lgZ9x6WRvm36brBSDf4yvHerx_PLwRmZVkhICCQ43st_DsV_12tX4JJWAmBD7YS-EPv7Op3BuflKl7L-SyyCn1EnK8Q1-mo_7FTf-bsUUuZUvmd9d65hx-O4jZm3kG3uM-RqHGeJwdScSJnpm_7mQWQNbc_CrpgKZ1HI659xKRwFOHm46E7vm9F1jX6o_QueUiSLnucSgOfN7fj52lE2fwdvzH5i4uKm7F474gQNSYwzJKiMa_SLxoUQYBSDHrnft92sXT4wHqPgdvO-BwT8bRVF_mEE6M&sai=AMfl-YQBs_tUlGdYksKKxkYAvmWMY6OljuEUkwVXvX-5-9CO9LRXWsoJBkDsFdos2qRsUWav_u6AQ1WhYgtP1hRnBIq6UJ1Vt1cUz73drfLFsCFd3iOP_531_ewej7uVwm5_&sig=Cg0ArKJSzDho60HAcgl0EAE&urlfix=1&adurl=
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 04:41:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 28 Sep 2021 04:41:37 GMT
LDR-search.php
go.newspapers.com/ads/ Frame 75EE 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmEqklCkJAbdY2hhqkAlnSC_PrSMR-z6X6aKWmnjr620U8vzr4eCD7ViP1E2jqDYhl3yH-9Ym6cv-WO27kS_gCrTFHDmvLVnv2rPi2A_U9gNug9Wo2n-jpc2R5JFox8_hIoD9ko5dJmWEZBqP7tZG_h68IWu-uhlJOKzVqkp67Dhsi2T2U4RSXdvDuTxqQs1X2ogqbnx31C3di0_oHBZ6bHYXh62IEeLXV3iPBtpfLB0dHr4CJoCUCE5eRDjGeMO0I5AS6cz852_95sYpxhSl9dbYAlie1_l_S_1XIU2ssVfG9NaQ0dX0NVdCm2vMpEyo7CcpdD2nM%2526sai%253DAMfl-YRV6GACML3odwupd87Qd6Qrekw1mgap12qq-ioTlmMr92yjVwS57VcnuPkoV7z4hXOlCTUQSxxuQ7lztUtOLUVSeEr5QvUBUs_pAgwCgONfN2xO9sR7t-XFSEwYaDje%2526sig%253DCg0ArKJSzK7QoQdQi-cwEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4b0ebe87db059d1c7dd1742f05d2ec127a568a60748ff9f123c561a23c4e17

Request headers

:method
GET
:authority
go.newspapers.com
:scheme
https
:path
/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmEqklCkJAbdY2hhqkAlnSC_PrSMR-z6X6aKWmnjr620U8vzr4eCD7ViP1E2jqDYhl3yH-9Ym6cv-WO27kS_gCrTFHDmvLVnv2rPi2A_U9gNug9Wo2n-jpc2R5JFox8_hIoD9ko5dJmWEZBqP7tZG_h68IWu-uhlJOKzVqkp67Dhsi2T2U4RSXdvDuTxqQs1X2ogqbnx31C3di0_oHBZ6bHYXh62IEeLXV3iPBtpfLB0dHr4CJoCUCE5eRDjGeMO0I5AS6cz852_95sYpxhSl9dbYAlie1_l_S_1XIU2ssVfG9NaQ0dX0NVdCm2vMpEyo7CcpdD2nM%2526sai%253DAMfl-YRV6GACML3odwupd87Qd6Qrekw1mgap12qq-ioTlmMr92yjVwS57VcnuPkoV7z4hXOlCTUQSxxuQ7lztUtOLUVSeEr5QvUBUs_pAgwCgONfN2xO9sR7t-XFSEwYaDje%2526sig%253DCg0ArKJSzK7QoQdQi-cwEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
content-type
text/html; charset=UTF-8
set-cookie
lastXid=109; expires=Tue, 12-Oct-2021 04:41:37 GMT; Max-Age=1209600; path=/; SameSite=Lax; domain=.newspapers.com; secure; HttpOnly lastSid=109; expires=Tue, 12-Oct-2021 04:41:37 GMT; Max-Age=1209600; path=/; SameSite=Lax; domain=.newspapers.com; secure; HttpOnly
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
695a4ce7a91e5b86-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27596
x-xss-protection
0
server
sffe
etag
"1632742284803949"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 28 Sep 2021 04:41:37 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&domain=helpdesk.rootsweb.com&cw=1&lsw=1
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://helpdesk.rootsweb.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1848
date
Tue, 28 Sep 2021 04:41:37 GMT
content-encoding
gzip
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		353 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&domain=helpdesk.rootsweb.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
57c162f0ccd4f0857aec354f9b1188e28fdb237e888ae5d38ba2f5fbac7f06b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 28 Sep 2021 04:41:36 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2361
expires
0
instbid-4.32.0-28-with-new-ssps.js
df80k0z3fi8zg.cloudfront.net/files/ 		366 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-150.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
987f99479658144f51bb3d58724e6cad26e9c59b396c8da74781c49d3bd9072e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 21:29:16 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 16:47:01 GMT
server
AmazonS3
age
25942
etag
W/"a640e887066acfceadf3b3b07de8f53a"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
x-amz-version-id
PJSv67Ye.A4D1UntOZ7xUTYFpK79cmtD
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
Z64fH19K2UsBimSa0ntcE3vH3vlMsr80bZoiPF6Yw04H6AM-VbtoIw==
insync
thrtle.com/
Redirect Chain
  • https://px.britepool.com/new?partner_id=t
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=991aa9f0-6a3e-4e35-a2cd-39d4dd76731b
  • https://thrtle.com/insync?vxii_pdid=991aa9f0-6a3e-4e35-a2cd-39d4dd76731b&vxii_pid=12&vxii_pid1=10054&vxii_rcid=fc8cc27d-a3b6-4c56-9ab4-e144d63e1ea7
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pdid=991aa9f0-6a3e-4e35-a2cd-39d4dd76731b&vxii_pid=12&vxii_pid1=10054&vxii_rcid=fc8cc27d-a3b6-4c56-9ab4-e144d63e1ea7
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.38.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-38-221.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
server
p3p
CP="NOI OUR BUS UNI COM NAV"
content-length
43
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?vxii_pdid=991aa9f0-6a3e-4e35-a2cd-39d4dd76731b&vxii_pid=12&vxii_pid1=10054&vxii_rcid=fc8cc27d-a3b6-4c56-9ab4-e144d63e1ea7
date
Tue, 28 Sep 2021 04:41:37 GMT
server
content-type
text/html; charset=utf-8
content-length
182
strict-transport-security
max-age=63072000; includeSubDomains
p3p
CP="NOI OUR BUS UNI COM NAV"
/
adspsp.com/pt/5781260/12/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/5781260/12/2/?a=2,a2ku3leg07xRVxwBLOJ7,Q7z8npXvtz&aa=00tCRyuTh.gN.u11---&b=2:1,19,m7db0,17pjpl7,q11h1xo,,2glt9bi,k8`2i,q11h1xo,2glt9bi,U25aaf6f386a81e,bottomSlotAdhesion,%2F4802%2Ftgn.rootsweb.com%2FRW_728x90_btf&b=2:1,18,m7db0,17pjpl7,degn3po,,2glt9bi,k8`2i,degn3po,2glt9bi,U3ff9725bd850a4,topSlot,%2F4802%2Ftgn.rootsweb.com%2FRW_728x90&e=500.1:1T20a:%20Caught%20AsyncErr:%20%20Cannot%20read%20properties%20of%20null%20(reading%20%27getBoundingClientRect%27)%20TypeError:%20Cannot%20read%20properties%20of%20null%20(reading%20%27getBoundingClientRect%27)%20%20%20%20at%20gpt.render%20(https://prod.adspsp.com/adb.5781260.min.js:2:211803)%20%20%20%20at%20https://prod.adspsp.com/adb.5781260.min.js:2:232716%20%20%20%20at%20ht...&c=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&d=&f=1.ku3leem9.2T12z&g=1T24j&u=5ecf496b:ktss0asu:26r&v=18g.xc.0.2m&m=z&i1=G&rnd=1632804097348
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.198.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-198-65.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssB8X9YYCEUSQd05c3e_S_qATXvsdmCnAecAwho_939Itn2fbOs-w6JQwKpH8bIgHvRmCRfA8yLCsAL8JkDH40gS1ApMqGg15NS2XA1DcxtbqcDbQptaimLOsvX71wAJ_NSAy8Gsi2yOegitA62CDmmW5-8gqFIyQkgCc-IfCQ0Ndwjd7lBSpVV6R4aGoquvvfpPrdKHiZQ1RuyJoUgi303PnPhPd8ZRGDWlQb_PPZuFLCkBdAjQ9nq_DzTgNRqFBUYynfxgwtt7LNxwaiZp8cds3htvJJdlCJOXOq7it6QXCX9woCu5mBojsJCqLZUslGVT5IToM6ExYyoPkM&sai=AMfl-YRd7veF2qebmlFIpmHyxM5DuSibZKVi-zds1ge8KfeWtnut9_y0ApYsaOLmiqBLchrX5pXukMc6OCWh4BXFZs_qSJfKQmAEP-NXonMmwt2-0xnjr37C9jpRudyAZxvF&sig=Cg0ArKJSzLJb4SkBOq-iEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 04:41:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 28 Sep 2021 04:41:37 GMT
truncated
/ 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7bf1ca7ac9b401cb791e14391ad32d3c615afaa57d76b8b180d1cfe3e338790

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=helpdesk.rootsweb.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 04:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2649765970415933&correlator=713521606175697&output=ldjh&impl=fifs&eid=31062863%2C31062914%2C44748553&vrg=2021092702&ptt=17&sc=1&sfv=1-0-38&ecs=20210928&iu_parts=2507246%3A4802%2Crootsweb.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250&fsbs=1&prev_scp=h%3D4%26shb%3D1%26tg%3D0%26at%3D1%26hostname%3Dhelpdesk.rootsweb.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cookie=ID%3Def90e0a94f9bc43c-2253434c64c90087%3AT%3D1632804096%3AS%3DALNI_MZ4VCgviHrEkF_hGtDUpsiJCqUJ7A&bc=31&abxe=1&lmt=1632804097&dt=1632804097620&dlt=1632804095762&idt=351&frm=20&biw=1600&bih=1200&oid=3&adxs=-9&adys=-9&adks=1509734901&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1861062585.1632804097&ga_sid=1632804097&ga_hid=943369772&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
87e82c28793b5db8189ced24fd749522f6513f2b86981e88bcb347cdbda61f9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10657
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2649765970415933&correlator=1184578701397146&output=ldjh&impl=fifs&eid=31062863%2C31062914%2C44748553&vrg=2021092702&ptt=17&sc=1&sfv=1-0-38&ecs=20210928&iu_parts=2507246%3A4802%2Crootsweb.com_Web_300x250_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250&fsbs=1&prev_scp=h%3D4%26shb%3D1%26tg%3D0%26at%3D1%26hostname%3Dhelpdesk.rootsweb.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cookie=ID%3Def90e0a94f9bc43c-2253434c64c90087%3AT%3D1632804096%3AS%3DALNI_MZ4VCgviHrEkF_hGtDUpsiJCqUJ7A&bc=31&abxe=1&lmt=1632804097&dt=1632804097622&dlt=1632804095762&idt=351&frm=20&biw=1600&bih=1200&oid=3&adxs=-9&adys=-9&adks=3116389915&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1861062585.1632804097&ga_sid=1632804097&ga_hid=943369772&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
fff89499abf274f3c86d28acfb662e83078b9d64adf8f46b06b5f1a1010cd12c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10535
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
LDR-search.css
go.newspapers.com/c/ Frame 75EE 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.newspapers.com/c/LDR-search.css?ver=2019
Requested by
Host: go.newspapers.com
URL: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmEqklCkJAbdY2hhqkAlnSC_PrSMR-z6X6aKWmnjr620U8vzr4eCD7ViP1E2jqDYhl3yH-9Ym6cv-WO27kS_gCrTFHDmvLVnv2rPi2A_U9gNug9Wo2n-jpc2R5JFox8_hIoD9ko5dJmWEZBqP7tZG_h68IWu-uhlJOKzVqkp67Dhsi2T2U4RSXdvDuTxqQs1X2ogqbnx31C3di0_oHBZ6bHYXh62IEeLXV3iPBtpfLB0dHr4CJoCUCE5eRDjGeMO0I5AS6cz852_95sYpxhSl9dbYAlie1_l_S_1XIU2ssVfG9NaQ0dX0NVdCm2vMpEyo7CcpdD2nM%2526sai%253DAMfl-YRV6GACML3odwupd87Qd6Qrekw1mgap12qq-ioTlmMr92yjVwS57VcnuPkoV7z4hXOlCTUQSxxuQ7lztUtOLUVSeEr5QvUBUs_pAgwCgONfN2xO9sR7t-XFSEwYaDje%2526sig%253DCg0ArKJSzK7QoQdQi-cwEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2553aa0e59f769b5c41ed1d4ab2f8b8353383d2abd9e558e598791f2c66ff5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmEqklCkJAbdY2hhqkAlnSC_PrSMR-z6X6aKWmnjr620U8vzr4eCD7ViP1E2jqDYhl3yH-9Ym6cv-WO27kS_gCrTFHDmvLVnv2rPi2A_U9gNug9Wo2n-jpc2R5JFox8_hIoD9ko5dJmWEZBqP7tZG_h68IWu-uhlJOKzVqkp67Dhsi2T2U4RSXdvDuTxqQs1X2ogqbnx31C3di0_oHBZ6bHYXh62IEeLXV3iPBtpfLB0dHr4CJoCUCE5eRDjGeMO0I5AS6cz852_95sYpxhSl9dbYAlie1_l_S_1XIU2ssVfG9NaQ0dX0NVdCm2vMpEyo7CcpdD2nM%2526sai%253DAMfl-YRV6GACML3odwupd87Qd6Qrekw1mgap12qq-ioTlmMr92yjVwS57VcnuPkoV7z4hXOlCTUQSxxuQ7lztUtOLUVSeEr5QvUBUs_pAgwCgONfN2xO9sR7t-XFSEwYaDje%2526sig%253DCg0ArKJSzK7QoQdQi-cwEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 21:22:23 GMT
server
cloudflare
age
26
cf-polished
origSize=20498
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=60
cf-ray
695a4cea5b3905fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ Frame 75EE 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: go.newspapers.com
URL: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmEqklCkJAbdY2hhqkAlnSC_PrSMR-z6X6aKWmnjr620U8vzr4eCD7ViP1E2jqDYhl3yH-9Ym6cv-WO27kS_gCrTFHDmvLVnv2rPi2A_U9gNug9Wo2n-jpc2R5JFox8_hIoD9ko5dJmWEZBqP7tZG_h68IWu-uhlJOKzVqkp67Dhsi2T2U4RSXdvDuTxqQs1X2ogqbnx31C3di0_oHBZ6bHYXh62IEeLXV3iPBtpfLB0dHr4CJoCUCE5eRDjGeMO0I5AS6cz852_95sYpxhSl9dbYAlie1_l_S_1XIU2ssVfG9NaQ0dX0NVdCm2vMpEyo7CcpdD2nM%2526sai%253DAMfl-YRV6GACML3odwupd87Qd6Qrekw1mgap12qq-ioTlmMr92yjVwS57VcnuPkoV7z4hXOlCTUQSxxuQ7lztUtOLUVSeEr5QvUBUs_pAgwCgONfN2xO9sR7t-XFSEwYaDje%2526sig%253DCg0ArKJSzK7QoQdQi-cwEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.newspapers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:22:35 GMT
x-content-type-options
nosniff
age
451142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95931
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Thu, 22 Sep 2022 23:22:35 GMT
newspaperslogo-sm.png
go.newspapers.com/i/ Frame 75EE 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.newspapers.com/i/newspaperslogo-sm.png
Requested by
Host: go.newspapers.com
URL: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmEqklCkJAbdY2hhqkAlnSC_PrSMR-z6X6aKWmnjr620U8vzr4eCD7ViP1E2jqDYhl3yH-9Ym6cv-WO27kS_gCrTFHDmvLVnv2rPi2A_U9gNug9Wo2n-jpc2R5JFox8_hIoD9ko5dJmWEZBqP7tZG_h68IWu-uhlJOKzVqkp67Dhsi2T2U4RSXdvDuTxqQs1X2ogqbnx31C3di0_oHBZ6bHYXh62IEeLXV3iPBtpfLB0dHr4CJoCUCE5eRDjGeMO0I5AS6cz852_95sYpxhSl9dbYAlie1_l_S_1XIU2ssVfG9NaQ0dX0NVdCm2vMpEyo7CcpdD2nM%2526sai%253DAMfl-YRV6GACML3odwupd87Qd6Qrekw1mgap12qq-ioTlmMr92yjVwS57VcnuPkoV7z4hXOlCTUQSxxuQ7lztUtOLUVSeEr5QvUBUs_pAgwCgONfN2xO9sR7t-XFSEwYaDje%2526sig%253DCg0ArKJSzK7QoQdQi-cwEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a3e3dd419c4d28c1f0c68c8167c1689f308235d376a0f01989c05c9a4619a23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmEqklCkJAbdY2hhqkAlnSC_PrSMR-z6X6aKWmnjr620U8vzr4eCD7ViP1E2jqDYhl3yH-9Ym6cv-WO27kS_gCrTFHDmvLVnv2rPi2A_U9gNug9Wo2n-jpc2R5JFox8_hIoD9ko5dJmWEZBqP7tZG_h68IWu-uhlJOKzVqkp67Dhsi2T2U4RSXdvDuTxqQs1X2ogqbnx31C3di0_oHBZ6bHYXh62IEeLXV3iPBtpfLB0dHr4CJoCUCE5eRDjGeMO0I5AS6cz852_95sYpxhSl9dbYAlie1_l_S_1XIU2ssVfG9NaQ0dX0NVdCm2vMpEyo7CcpdD2nM%2526sai%253DAMfl-YRV6GACML3odwupd87Qd6Qrekw1mgap12qq-ioTlmMr92yjVwS57VcnuPkoV7z4hXOlCTUQSxxuQ7lztUtOLUVSeEr5QvUBUs_pAgwCgONfN2xO9sR7t-XFSEwYaDje%2526sig%253DCg0ArKJSzK7QoQdQi-cwEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 21:20:33 GMT
server
cloudflare
age
26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
695a4cea9b7c05fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2432
/
ssc-cms.33across.com/ps/ Frame A6C2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dtylsEbQir7lnyaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.177 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip177.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=dtylsEbQir7lnyaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Tue, 28 Sep 2021 04:41:37 GMT
Cookie set beacon
ap.lijit.com/ Frame 2D33 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=7840138
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=e0ede5ce6452990813e15e9d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Server
nginx
Date
Tue, 28 Sep 2021 04:41:37 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljt_reader=e0ede5ce6452990813e15e9d;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Wed, 28-Sep-2022 04:41:37 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1
ga_debug.js
ssl.google-analytics.com/u/ Frame 75EE 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/u/ga_debug.js
Requested by
Host: go.newspapers.com
URL: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmEqklCkJAbdY2hhqkAlnSC_PrSMR-z6X6aKWmnjr620U8vzr4eCD7ViP1E2jqDYhl3yH-9Ym6cv-WO27kS_gCrTFHDmvLVnv2rPi2A_U9gNug9Wo2n-jpc2R5JFox8_hIoD9ko5dJmWEZBqP7tZG_h68IWu-uhlJOKzVqkp67Dhsi2T2U4RSXdvDuTxqQs1X2ogqbnx31C3di0_oHBZ6bHYXh62IEeLXV3iPBtpfLB0dHr4CJoCUCE5eRDjGeMO0I5AS6cz852_95sYpxhSl9dbYAlie1_l_S_1XIU2ssVfG9NaQ0dX0NVdCm2vMpEyo7CcpdD2nM%2526sai%253DAMfl-YRV6GACML3odwupd87Qd6Qrekw1mgap12qq-ioTlmMr92yjVwS57VcnuPkoV7z4hXOlCTUQSxxuQ7lztUtOLUVSeEr5QvUBUs_pAgwCgONfN2xO9sR7t-XFSEwYaDje%2526sig%253DCg0ArKJSzK7QoQdQi-cwEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
4537694480e187f6b4bb7c80b546a1febc7a717f6d672ed0eeadcccd68279959
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.newspapers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2419
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20769
expires
Tue, 28 Sep 2021 06:01:18 GMT
event
event.insticator.com/v1/ 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-233-191.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
date
Tue, 28 Sep 2021 04:41:37 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Server
52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-233-191.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://helpdesk.rootsweb.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
nr-1210.min.js
js-agent.newrelic.com/ Frame 75EE 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: go.newspapers.com
URL: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssmEqklCkJAbdY2hhqkAlnSC_PrSMR-z6X6aKWmnjr620U8vzr4eCD7ViP1E2jqDYhl3yH-9Ym6cv-WO27kS_gCrTFHDmvLVnv2rPi2A_U9gNug9Wo2n-jpc2R5JFox8_hIoD9ko5dJmWEZBqP7tZG_h68IWu-uhlJOKzVqkp67Dhsi2T2U4RSXdvDuTxqQs1X2ogqbnx31C3di0_oHBZ6bHYXh62IEeLXV3iPBtpfLB0dHr4CJoCUCE5eRDjGeMO0I5AS6cz852_95sYpxhSl9dbYAlie1_l_S_1XIU2ssVfG9NaQ0dX0NVdCm2vMpEyo7CcpdD2nM%2526sai%253DAMfl-YRV6GACML3odwupd87Qd6Qrekw1mgap12qq-ioTlmMr92yjVwS57VcnuPkoV7z4hXOlCTUQSxxuQ7lztUtOLUVSeEr5QvUBUs_pAgwCgONfN2xO9sR7t-XFSEwYaDje%2526sig%253DCg0ArKJSzK7QoQdQi-cwEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.newspapers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
3700EJ4ZWWQ4P78Z
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
11781
x-amz-id-2
WHzeslBLMht/NaCF9kkJd18iJ6Fkr2YZAl5iGj0a1qtVGAGpwFyTtZrMMtk5xKXdIU5RYSWHiEw=
x-served-by
cache-hhn4068-HHN
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1632804098.841458,VS0,VE0
date
Tue, 28 Sep 2021 04:41:37 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
10260
sync
eb2.3lift.com/ Frame 60EC
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
5d83f75d59e35edc60c1fcb217ee655bc3d1cd774a490ab2ee1767841e80f587

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
cookie
tluid=10993664966320988281
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
content-type
text/html; charset=utf-8
content-length
464
set-cookie
sync=CgoIgQIQyp7V1cIvCgoI4gEQyp7V1cIvCgoI5gEQyp7V1cIvCgoIhwIQyp7V1cIvCgkICRDKntXVwi8KCQg6EMqe1dXCLwoJCAsQyp7V1cIvCgoIjAIQyp7V1cIvCgoIzgEQyp7V1cIvCgkIXxDKntXVwi8=; Max-Age=7776000; Expires=Mon, 27 Dec 2021 04:41:37 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=10993664966320988281; Max-Age=7776000; Expires=Mon, 27 Dec 2021 04:41:37 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Tue, 28 Sep 2021 04:41:37 GMT
content-length
0
set-cookie
tluid=10993664966320988281; Max-Age=7776000; Expires=Mon, 27 Dec 2021 04:41:37 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
4bd2ba109c
bam-cell.nr-data.net/1/ Frame 75EE 		49 B
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/4bd2ba109c?a=197254878&v=1210.e2a3f80&to=ZVQAbEBTX0AFV0FaDVweN0pbHVZcS1VRQE1%2BdTAVQVdQQQdcG0MKQg%3D%3D&rst=664&ck=1&ref=https://go.newspapers.com/ads/LDR-search.php&be=457&fe=628&dc=587&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1632804097190,%22n%22:0,%22f%22:2,%22dn%22:8,%22dne%22:20,%22c%22:20,%22s%22:26,%22ce%22:37,%22rq%22:38,%22rp%22:419,%22rpe%22:420,%22dl%22:442,%22di%22:587,%22ds%22:587,%22de%22:590,%22dc%22:628,%22l%22:628,%22le%22:629%7D,%22navigation%22:%7B%7D%7D&fp=588&fcp=588&at=SRMDGghJTE4%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.newspapers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 04:41:38 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVTCAQHUVBSFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoKBlcLVnRMB05WAhtDX1oKBVNSUFMFAAVUBVJUVkBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
695a4cebddd34a55-FRA
usync.html
eus.rubiconproject.com/ Frame D857 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVAywYaQOmrhQ6qYZbyIiI/PTx+vvVOnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6pEKVeU6zjT6a3MjDFVf/xlH9h; ses2=128980^1; vis2=128980^1; khaos=KU3LEG6O-11-86CF; audit=1|hLZGFuTafB2N99hwWimrrMay1NhvFRO1y8N5jahKRdQKa353ZKUvRQmf2gEMxCFZ59O4vo6YizvAUJ+gL7gixayAxgfbm9J8Aizhfkn5jms=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Sep 2021 04:41:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 60EC 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 60EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENlJha_zM0re-A6Uvvtcrc0&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENlJha_zM0re-A6Uvvtcrc0&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENlJha_zM0re-A6Uvvtcrc0&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 60EC
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA5OTM2NjQ5NjYzMjA5ODgyODE%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA5OTM2NjQ5NjYzMjA5ODgyODE%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA5OTM2NjQ5NjYzMjA5ODgyODE%3D
date
Tue, 28 Sep 2021 04:41:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 60EC 		0
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=10993664966320988281&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.69 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-11-69.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
j1C3JK3iqBZAcMLpOysAAA==
xuid
eb2.3lift.com/ Frame 60EC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/10993664966320988281?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-P4_.bnpE2oT9MiVCVk1KE0vonOp5USKinaTYN59_XQ--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-P4_.bnpE2oT9MiVCVk1KE0vonOp5USKinaTYN59_XQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 28 Sep 2021 04:41:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-P4_.bnpE2oT9MiVCVk1KE0vonOp5USKinaTYN59_XQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 60EC 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=10993664966320988281&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.153.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-153-73.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
c.gif
c.bing.com/ Frame 60EC 		42 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=10993664966320988281&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:37 GMT
etag
"367bb54357aad71:0"
last-modified
Wed, 15 Sep 2021 17:29:40 GMT
x-msedge-ref
Ref A: 22CFCB27ED5B47779C238BB5F03EB631 Ref B: PRG01EDGE1011 Ref C: 2021-09-28T04:41:37Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 60EC
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=10993664966320988281
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10993664966320988281&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10993664966320988281&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WHXTE5EFSS0B63028EFT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10993664966320988281&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 60EC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 60EC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2922046216996930808&dongle=d407
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=2922046216996930808&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=2922046216996930808&dongle=d407
pragma
no-cache
date
Tue, 28 Sep 2021 04:41:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pd
eu-u.openx.net/w/1.0/ Frame A9BE 		1006 B
857 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
a066930557e37432d9bb825538f59fa94f0b11c0e5ac2174fb15e2c70e5621ec

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
cookie
i=c8bf6fa2-652a-4dd4-868f-b66bbfaf81a6|1632804096
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=c8bf6fa2-652a-4dd4-868f-b66bbfaf81a6|1632804096; Version=1; Expires=Wed, 28-Sep-2022 04:41:37 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1632804097|mOgeginskin0vNomiygu; Version=1; Expires=Wed, 13-Oct-2021 04:41:37 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.3
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 28 Sep 2021 04:41:37 GMT
content-type
text/html
content-length
539
content-encoding
gzip
via
1.1 google
alt-svc
clear
usync.js
eus.rubiconproject.com/ Frame D857 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7c8ae0ca81cabaf09bf56181abcb4a4f1c183bf6013d993fce44431d947f370d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 04:41:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=69691
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9354
Expires
Wed, 29 Sep 2021 00:03:08 GMT
/
ssc-cms.33across.com/ps/ Frame A7C2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=doDfPobQir7lnyaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.177 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip177.208-100-17.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=doDfPobQir7lnyaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Tue, 28 Sep 2021 04:41:37 GMT
sd
eu-u.openx.net/w/1.0/ Frame A9BE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qNoJAenC1Mv4VY5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qNoJAenC1Mv4VY5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:37 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-0ab67c5d8ba5329d8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qNoJAenC1Mv4VY5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/ Frame A9BE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D...
0
0
sd
eu-u.openx.net/w/1.0/ Frame A9BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2675323181109017778
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2675323181109017778
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
X-Proxy-Origin
216.131.114.157; 216.131.114.157; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4fbe70a7-8819-4a5f-836e-833a0cd2ae12
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2675323181109017778
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A9BE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJTF9rN0NwVG9BQUJrblUtLTdVdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIL_k7CpToAABknU--7Uw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAIL_k7CpToAABknU--7Uw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAIL_k7CpToAABknU--7Uw&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAIL_k7CpToAABknU--7Uw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5233143506942990676
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAIL_k7CpToAABknU--7Uw
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAIL_k7CpToAABknU--7Uw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAIL_k7CpToAABknU--7Uw
Date
Tue, 28 Sep 2021 04:41:38 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame A9BE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=77316152-9d02-4d00-904a-7aa3b5f48d12
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=77316152-9d02-4d00-904a-7aa3b5f48d12
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 28 Sep 2021 04:41:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x5 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=77316152-9d02-4d00-904a-7aa3b5f48d12
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Sep 2021 04:41:37 GMT
sd
us-u.openx.net/w/1.0/ Frame A9BE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Y88kMWyaITF4znRlY848M2DGIzB4zSZiN8yMFk5V
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Y88kMWyaITF4znRlY848M2DGIzB4zSZiN8yMFk5V
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Y88kMWyaITF4znRlY848M2DGIzB4zSZiN8yMFk5V
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame A9BE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2295547346455682215
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2295547346455682215
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2295547346455682215
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame A9BE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=1b1350fb-ccad-7223-dc59-7e83db88b25b&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A9BE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Mzc3YzgzMzEtMDVkYS0yYzg3LWM5YjktMjQzYTExNmE3YzNi
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A9BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGCAC9E_U7ddB8YdPQyED4Q&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGCAC9E_U7ddB8YdPQyED4Q&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGCAC9E_U7ddB8YdPQyED4Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9EB1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIxIc7EAoYASABKAEwgLrKigY4AUABSAEQgLrKigYYAA..; uuid2=2675323181109017778
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 29 Sep 2021 04:41:40 GMT
Date
Tue, 28 Sep 2021 04:41:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
tap.php
pixel.rubiconproject.com/ Frame D857
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVKdAAAAALCmtQQE
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVKdAAAAALCmtQQE
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632804098.104997,VS0,VE0
x-served-by
cache-hhn4025-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVKdAAAAALCmtQQE
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
709414.gif
id.rlcdn.com/ Frame D857 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame D857
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UzTEVHNk8tMTEtODZDRg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UzTEVHNk8tMTEtODZDRg==
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UzTEVHNk8tMTEtODZDRg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D857
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzhlMjcxZTM2Y2JkNjNiZDA4NzU0ZGJlNTg3ZmEwODVhNGNhZWNjNg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzhlMjcxZTM2Y2JkNjNiZDA4NzU0ZGJlNTg3ZmEwODVhNGNhZWNjNg
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzhlMjcxZTM2Y2JkNjNiZDA4NzU0ZGJlNTg3ZmEwODVhNGNhZWNjNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame D857 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame D857
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c8c96152-9d02-4d00-9985-0f0b1dd5bce4
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c8c96152-9d02-4d00-9985-0f0b1dd5bce4
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

Date
Tue, 28 Sep 2021 04:41:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=c8c96152-9d02-4d00-9985-0f0b1dd5bce4
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Sep 2021 04:41:37 GMT
v1
ads.yahoo.com/cms/ Frame D857
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU3LEG6O-11-86CF&sigv=1&esig=2~cd4eb963f726f834420fc4ff9dd5436f4a20cba2
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU3LEG6O-11-86CF&sigv=1&esig=2~cd4eb963f726f834420fc4ff9dd5436f4a20cba2
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU3LEG6O-11-86CF&sigv=1&esig=2~cd4eb963f726f834420fc4ff9dd5436f4a20cba2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D857
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/l0Vdd7drdHa1Jl6We2emV8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4655335640305871095
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4655335640305871095
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Tue, 28 Sep 2021 04:41:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4655335640305871095
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=rootsweb.com&host=helpdesk.rootsweb.com&success=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame A46E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 28 Sep 2021 04:41:38 GMT
Connection
keep-alive
checksync.php
contextual.media.net/ Frame 8FA3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU12G3DV&prvid=171%2C251%2C175%2C178%2C157%2C3016%2C214%2C159%2C238%2C97%2C99%2C77%2C56%2C3012%2C222%2C3007%2C201%2C4%2C246%2C203%2C148%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dafb05e24547815b1ac77608a888f4f5d9a63f70de5e90bafc1dc67d5a045f40
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU12G3DV&prvid=171%2C251%2C175%2C178%2C157%2C3016%2C214%2C159%2C238%2C97%2C99%2C77%2C56%2C3012%2C222%2C3007%2C201%2C4%2C246%2C203%2C148%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Fri, 01 Apr 2022 04:41:38 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=146875
expires
Wed, 29 Sep 2021 21:29:33 GMT
date
Tue, 28 Sep 2021 04:41:38 GMT
content-length
8115
async_usersync
ib.adnxs.com/ Frame 9EB1 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
X-Proxy-Origin
216.131.114.157; 216.131.114.157; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bbdf5d32-7612-4c34-bfed-b15281014993
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0448 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=158092
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=159348
expires
Thu, 30 Sep 2021 00:57:26 GMT
date
Tue, 28 Sep 2021 04:41:38 GMT
vary
Accept-Encoding
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame BF86
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5c7bda055e4b2398f67c234ca5af31ce9fcf1dd96ce63d76507f02a11402b1a4

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YVKdAvFYO8Y1u8ddI8JK4QAA; CMPS=3188
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|46|105|51|81
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1571
Expires
Tue, 28 Sep 2021 04:41:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
Connection
keep-alive
Set-Cookie
CMID=YVKdAvFYO8Y1u8ddI8JK4QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 28 Sep 2022 04:41:38 GMT CMPS=3188;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 27 Dec 2021 04:41:38 GMT CMPRO=1191;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 27 Dec 2021 04:41:38 GMT CMST=YVKdAmFSnQIA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 29 Sep 2021 04:41:38 GMT CMRUM3=f161529d0205a0&5161529d0205a0&6961529d0205a0&2761529d020b40&e661529d022760&2d61529d0205a0&3361529d0205a0&2e61529d0205a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 28 Sep 2022 04:41:38 GMT

Redirect headers

Server
Apache
Content-Length
344
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 28 Sep 2021 04:41:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
Connection
keep-alive
Set-Cookie
CMID=YVKdAvFYO8Y1u8ddI8JK4QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 28 Sep 2022 04:41:38 GMT CMPS=3188;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 27 Dec 2021 04:41:38 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0448 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35082790&p=158092&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3a9d1a8cabc931d32a3049a2bd65b2dedb3853b43033e317b7cc8c8ad029ab8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
casale
match.adsrvr.org/track/cmf/ Frame BF86 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame BF86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVKdAvFYO8Y1u8ddI8JK4QAABKcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKVMTEplduD6TmtqmdgKV8k&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKVMTEplduD6TmtqmdgKV8k&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 28 Sep 2021 04:41:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKVMTEplduD6TmtqmdgKV8k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BF86
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVKdAvFYO8Y1u8ddI8JK4QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED01bWFzVjVTVKAGCgx5XJ8&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED01bWFzVjVTVKAGCgx5XJ8&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 04:41:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED01bWFzVjVTVKAGCgx5XJ8&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame BF86
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVKdAvFYO8Y1u8ddI8JK4QAABKcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVKdAvFYO8Y1u8ddI8JK4QAABKcAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVKdAvFYO8Y1u8ddI8JK4QAABKcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
STH7G211ENV0N7VMEQC6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZSV69KBZCFJT52374TW9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVKdAvFYO8Y1u8ddI8JK4QAABKcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame BF86 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame BF86
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 04:41:38 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Tue, 28 Sep 2021 04:41:38 GMT
server
nginx/1.20.0
content-length
76
sync
x.bidswitch.net/ Frame BF86 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.153.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-153-73.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame BF86
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=1j80rtlqMa7NPmT61j4srNU2M6_NPTb9gjysjrPQ
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=1j80rtlqMa7NPmT61j4srNU2M6_NPTb9gjysjrPQ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 04:41:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=1j80rtlqMa7NPmT61j4srNU2M6_NPTb9gjysjrPQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame BF86 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YVKdAvFYO8Y1u8ddI8JK4QAA%261191
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 04:41:38 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1056
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 04:59:14 GMT
match
c1.adform.net/serving/cookie/ Frame FBF3 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=4A4AB557-9471-4BF3-86E1-ABA918073541
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=4A4AB557-9471-4BF3-86E1-ABA918073541
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1; uid=2295547346455682215
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 04:41:38 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=2295547346455682215; expires=Sat, 27 Nov 2021 04:41:38 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 3A95
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1632785843937290507
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1632785843937290507
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1632785843937290507
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4A4AB557-9471-4BF3-86E1-ABA918073541; chkChromeAb67Sec=1; DPSync3=1632873600%3A174%7C1633996800%3A201_197_219; SyncRTB3=1633996800%3A21_161_56_220_54_7_3_8_13_71%7C1633392000%3A223_15%7C1633651200%3A63%7C1635379200%3A203%7C1634083200%3A35; KRTBCOOKIE_699=22727-AAIL_k7CpToAABknU--7Uw; PUBMDCID=3; KRTBCOOKIE_153=19420-fWoIB3I_DQdma1hTfWsQBX5jDwZmaApUKWlosXIC&KRTB&22979-fWoIB3I_DQdma1hTfWsQBX5jDwZmaApUKWlosXIC; KRTBCOOKIE_80=22987-CAESEMkYRPuu9_kvyGeb3goDNdA&KRTB&16514-CAESEMkYRPuu9_kvyGeb3goDNdA&KRTB&23025-CAESEMkYRPuu9_kvyGeb3goDNdA; KRTBCOOKIE_57=22776-2675323181109017778; SPugT=1632804097; KRTBCOOKIE_27=16735-uid:c8c96152-9d02-4d00-9985-0f0b1dd5bce4&KRTB&16736-uid:c8c96152-9d02-4d00-9985-0f0b1dd5bce4&KRTB&23019-uid:c8c96152-9d02-4d00-9985-0f0b1dd5bce4&KRTB&23114-uid:c8c96152-9d02-4d00-9985-0f0b1dd5bce4; KRTBCOOKIE_377=6810-3b658563-e8a3-420d-b237-4461ebd38806&KRTB&22918-3b658563-e8a3-420d-b237-4461ebd38806&KRTB&23031-3b658563-e8a3-420d-b237-4461ebd38806; KRTBCOOKIE_391=22924-2295547346455682215&KRTB&23263-2295547346455682215; KRTBCOOKIE_1101=23040-7012840201690609817; PugT=1632804096
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 04:41:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-1632785843937290507; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 04:41:38 GMT; path=/ PugT=1632804098; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 04:41:38 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 04:41:38 GMT; path=/
x-lat
lhrpug020:0:406
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1632785843937290507
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 1FBB 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Tue, 28 Sep 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
376715
Pug
simage2.pubmatic.com/AdServer/ Frame 9B9B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7012840201690609817
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7012840201690609817
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7012840201690609817
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=4A4AB557-9471-4BF3-86E1-ABA918073541; chkChromeAb67Sec=1; DPSync3=1632873600%3A174%7C1633996800%3A201_197_219; SyncRTB3=1633996800%3A21_161_56_220_54_7_3_8_13_71%7C1633392000%3A223_15%7C1633651200%3A63%7C1635379200%3A203%7C1634083200%3A35; KRTBCOOKIE_699=22727-AAIL_k7CpToAABknU--7Uw; PugT=1632804098; PUBMDCID=3; KRTBCOOKIE_153=19420-fWoIB3I_DQdma1hTfWsQBX5jDwZmaApUKWlosXIC&KRTB&22979-fWoIB3I_DQdma1hTfWsQBX5jDwZmaApUKWlosXIC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 04:41:36 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7012840201690609817; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 04:41:36 GMT; path=/ PugT=1632804096; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 04:41:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 04:41:36 GMT; path=/
x-lat
amspug019:0:549
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 28 Sep 2021 04:41:38 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7012840201690609817; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7012840201690609817
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0448
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Skq1V5RxS_OG4aupGAc1QQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=159348
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Thu, 30 Sep 2021 00:57:26 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 0448
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c8c96152-9d02-4d00-9985-0f0b1dd5bce4
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c8c96152-9d02-4d00-9985-0f0b1dd5bce4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 28 Sep 2021 04:41:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c8c96152-9d02-4d00-9985-0f0b1dd5bce4
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Sep 2021 04:41:37 GMT
mw
mwzeom.zeotap.com/ Frame 0448
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4A4AB557-9471-4BF3-86E1-ABA918073541
  • https://spl.zeotap.com/?zdid=1332&zcluid=dbbb324f11ecf9c9
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=51811291-ab9a-4a11-55e6-2bac012dfbac&reqId=ebb91d24-0ed3-4dba-4cfb-527f3bbfe8bd&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEIk4UZXWqB9lMqLVAUvszLg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=51811291-ab9a-4a11-55e6-2bac012dfbac&reqId=ebb91d24-0ed3-4dba-4cfb-527...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEIk4UZXWqB9lMqLVAUvszLg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=51811291-ab9a-4a11-55e6-2bac012dfbac&reqId=ebb91d24-0ed3-4dba-4cfb-527f3bbfe8bd&zcluid=dbbb324f11ecf9c9&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
695a4cf1382605e4-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEIk4UZXWqB9lMqLVAUvszLg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=51811291-ab9a-4a11-55e6-2bac012dfbac&reqId=ebb91d24-0ed3-4dba-4cfb-527f3bbfe8bd&zcluid=dbbb324f11ecf9c9&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0448
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEE0QUI1NTctOTQ3MS00QkYzLTg2RTEtQUJBOTE4MDczNTQx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:446
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0448
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMkYRPuu9_kvyGeb3goDNdA&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMkYRPuu9_kvyGeb3goDNdA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:626
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMkYRPuu9_kvyGeb3goDNdA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 0448 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 27 Sep 2021 04:41:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0448
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3b658563-e8a3-420d-b237-4461ebd38806
42 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3b658563-e8a3-420d-b237-4461ebd38806
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:412
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3b658563-e8a3-420d-b237-4461ebd38806
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 0448
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2295547346455682215
42 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2295547346455682215
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:431
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2295547346455682215
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 0448
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c8c96152-9d02-4d00-9985-0f0b1dd5bce4&gdpr=0&gdpr_consent=
42 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c8c96152-9d02-4d00-9985-0f0b1dd5bce4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:341
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 28 Sep 2021 04:41:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c8c96152-9d02-4d00-9985-0f0b1dd5bce4&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Sep 2021 04:41:37 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0448
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2675323181109017778&gdpr=0&gdpr_consent=
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2675323181109017778&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:460
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:38 GMT
X-Proxy-Origin
216.131.114.157; 216.131.114.157; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a1e09d3d-0610-4e11-b281-f389a97fc750
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2675323181109017778&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0448
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fWoIB3I_DQdma1hTfWsQBX5jDwZmaApUKWlosXIC
42 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fWoIB3I_DQdma1hTfWsQBX5jDwZmaApUKWlosXIC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:385
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fWoIB3I_DQdma1hTfWsQBX5jDwZmaApUKWlosXIC
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 0448
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4A4AB557-9471-4BF3-86E1-ABA918073541&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-eDL76LpE2uUPz1eGdJ1MDp_ppcWEBRQ-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-eDL76LpE2uUPz1eGdJ1MDp_ppcWEBRQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 28 Sep 2021 04:41:38 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-eDL76LpE2uUPz1eGdJ1MDp_ppcWEBRQ-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
4A4AB557-9471-4BF3-86E1-ABA918073541
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0448 		43 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4A4AB557-9471-4BF3-86E1-ABA918073541?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0448
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=cb59ad7b-d522-460e-85f4-9c981839403c&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d2066a35-9dea-49a6-978c-ff92eaeb5a99&gdpr=&gdpr_consent=&gdpr_pd=
1 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d2066a35-9dea-49a6-978c-ff92eaeb5a99&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:37 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:375
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d2066a35-9dea-49a6-978c-ff92eaeb5a99&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 0448 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4A4AB557-9471-4BF3-86E1-ABA918073541&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.201 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams04-usadmm.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthSMJutM93C-gdT6zYyobzLd48v5iOnZuG-xZNeFYp7aE-8Q6ZPxIqfCZJe_QuhRnj4wgOBZAwJk0kbAWR8NlV_ihItMkku3jeb1dIHDpsVBitlGR6&sig=Cg0ArKJSzMsOhhw-w9n0EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210927&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2995897494&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1632804094593&rpt=2998
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9EB1 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 04:41:39 GMT
X-Proxy-Origin
216.131.114.157; 216.131.114.157; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f03ea7ec-c2b2-4b82-b970-d537f854b2ef
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
id
api.britepool.com/v1/britepool/ Frame 		0
0
id
api.britepool.com/v1/britepool/ 		0
0
369.json
id5-sync.com/g/v2/ 		213 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.49 , France, ASN16276 (OVH, FR),
Reverse DNS
p04.id5-sync.com
Software
/
Resource Hash
3fda43ad4ccc2605a02a359e0f8abd52e27f703dc294df1897541f25fffd13ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Date
Tue, 28 Sep 2021 04:41:34 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		44 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Sep 2021 04:41:39 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ 		154 B
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ea8f7749894a3cdab789b6dcfbdeaf72e7c71db5ad57a32a1de84b6118a9a6d6

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 04:41:39 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache
x-server
10.45.25.101
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ 		108 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
b58d3b062b0c3dc89b14750bf9e8e8cc1b53f146a18360051b8103bb5d9b7265

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Sep 2021 04:41:39 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 28 Oct 2021 04:41:39 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 0448 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158092&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:41:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Domain
use.fontawesome.com
URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
geoip.insticator.com
URL
https://geoip.insticator.com/json/
Domain
event.insticator.com
URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Domain
df80k0z3fi8zg.cloudfront.net
URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light-opt.png
Domain
df80k0z3fi8zg.cloudfront.net
URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-check.png
Domain
df80k0z3fi8zg.cloudfront.net
URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/graphic-ooc-opt.png
Domain
d3lcz8vpax4lo2.cloudfront.net
URL
https://d3lcz8vpax4lo2.cloudfront.net/client_logos/878d28e0-acf3-478e-a554-ae52c44ac472/92f4b42c-ecaa-43ab-93cc-f4e3e692fbf7
Domain
go.newspapers.com
URL
https://go.newspapers.com/ads/LDR-search.php?&design=grayldr&nameField=1&label=FIND%20YOUR%20ANCESTORS%20IN%20OBITUARIES%20AND%20BIRTH%20NOTICES&xid=1090&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstJb8xhsMkot7d4azENRN8FxL0y_HkQF-AU803okwM8aF_7jswIe-YJwZLz0buRGfBRvOmwcheVsMY4bu05EpVH0IvEiNEovMFh_DDQJCb2G0zl8TB7aq-9tTwDd_mUix3SOBjAwugMMfk9Jv6E7B20Ozt01coFXiUgq-LYNPWyiZYhEhJOhWytMQH51NJ-lZqftctxHTA1zT6OOS3dMNSpxTjM-HhNq6OhjZ_Fb_3JDx4BsZPqc5j6TM80b_foXms2Ob-YYDY1fU_NMKGKwKU9irH0BneXRc_l1DAFX0TaO8b4NejO0qpaO5SJ8VKVWK_gEEbX-aXGJ_wQwT4%2526sai%253DAMfl-YR6N6Is98nPCpCFhhTEy7kM1xnihYgoRLtHZ_HoEyY0kbg-7TWL0ip8wmFP7q88kIHhct2h4A-FdVxYmzmkzsqZAHBwUhGpFOYLWYx7id0q12BbML8kujETNwnhmxuC%2526sig%253DCg0ArKJSzDAfzroeMGk_EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Domain
inv-nets.admixer.net
URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3Dd2066a35-9dea-49a6-978c-ff92eaeb5a99%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| OAS_AD object| Insticator function| revealServerName function| _toConsumableArray function| _classCallCheck function| _typeof function| _extends function| _createClass object| ui string| env object| Banner function| updateCookie function| getExpireDate function| readCookie object| utag_data object| AdBridg object| googletag object| pbjs string| exp_string object| PublisherCommonId string| href object| mnet number| window_x boolean| apstagLOADED object| apstag object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| insticatorQueue string| embedUUID function| checkAndConfirmEmbedUUID function| embedLoad function| appendEmbedElements boolean| headerTagInjected number| insticator_tg boolean| utag_condload undefined| multioptoutUrl object| utag function| e undefined| returnTLD boolean| __tealium_twc_switch function| tmsPromise function| P object| digitalData string| is_mobile string| is_tablet string| url function| addSiteEvent object| adobe function| Visitor object| s_c_il number| s_c_in object| sx function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap number| s_objectID number| s_giq boolean| creativeVendorLibraryLoaded object| s_i_ancestry-global object| InsticatorApp string| insticatorHeaderCodeVersion object| PWT object| instBid object| ads_list object| embeds_list boolean| isPageviewSent boolean| insticatorIframeLoaded object| confiant object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal string| encoded_unit object| __connect boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| instBidChunk number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_

102 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQyp7V1cIvCgoI4gEQyp7V1cIvCgoI5gEQyp7V1cIvCgoIhwIQyp7V1cIvCgkICRDKntXVwi8KCQg6EMqe1dXCLwoJCAsQyp7V1cIvCgoIjAIQyp7V1cIvCgoIzgEQyp7V1cIvCgkIXxDKntXVwi8=
.rootsweb.ancestry.com/ Name: __cf_bm
Value: Rplg.M0m6jGt16WfNf0_xv5DChMm4oqymcpfHqUY688-1632804095-0-AT4PvHS01SC/t0t6vyaJrJ/vofTldeEF4ykFHMQd/C9n/uRZNJHONUSRstim177Rk1mBtygm0sxss5w/qRzF2xg=
.rootsweb.com/ Name: __cf_bm
Value: leHa_ZyPejjLrDbsiCpdJlvV95RkWSIbbQV42hG03oQ-1632804095-0-AcgCdt+35Tjj7+GOyd2fiyu+Vo0OTURyTJGx4qu5lBILjmUHGS3bSJCXjp/12ldFZfIQPjpDu/Og44LWsYT1E6U=
.rootsweb.com/ Name: _pubcid
Value: c8bf6fa2-652a-4dd4-868f-b66bbfaf81a6
.rootsweb.com/ Name: an_split
Value: 33
.rootsweb.com/ Name: an_s_split
Value: 97
.rootsweb.com/ Name: utag_main
Value: v_id:017c2ab54958001f33e030fc0ff803072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1632805896345$ses_id:1632804096345%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:rootsweb.com
.rootsweb.com/ Name: adbrgn
Value: US%3F%3F
.rootsweb.com/ Name: _adb
Value: a2ku3leg07xRVxwBLOJ7
.demdex.net/ Name: demdex
Value: 02093714792959358090183183452679258279
.rootsweb.com/ Name: AMCVS_ED3301AC512D2A290A490D4C%40AdobeOrg
Value: 1
.rootsweb.com/ Name: s_cc
Value: true
.openx.net/ Name: i
Value: c8bf6fa2-652a-4dd4-868f-b66bbfaf81a6|1632804096
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YVKdAAAAALCmtQQE
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: e0ede5ce6452990813e15e9d
.adnxs.com/ Name: icu
Value: ChgIxIc7EAoYASABKAEwgLrKigY4AUABSAEQgLrKigYYAA..
.adnxs.com/ Name: uuid2
Value: 2675323181109017778
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVAywYaQOmrhQ6qYZbyIiI/PTx+vvVOnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6pEKVeU6zjT6a3MjDFVf/xlH9h
.rubiconproject.com/ Name: ses2
Value: 128980^1
.rubiconproject.com/ Name: vis2
Value: 128980^1
.dpm.demdex.net/ Name: dpm
Value: 02093714792959358090183183452679258279
.rootsweb.com/ Name: AMCV_ED3301AC512D2A290A490D4C%40AdobeOrg
Value: 359503849%7CMCIDTS%7C18899%7CMCMID%7C01973987032760998160202757857030966542%7CMCAAMLH-1633408896%7C6%7CMCAAMB-1633408896%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1632811296s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18906%7CvVersion%7C5.0.1
helpdesk.rootsweb.com/ Name: InstiSession
Value: eyJpZCI6ImFjYzU3ODJmLTFmYjQtNDdhOC05MGEyLTRlOWJlMzIzOTc3NSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
.rubiconproject.com/ Name: khaos
Value: KU3LEG6O-11-86CF
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2N99hwWimrrMay1NhvFRO1y8N5jahKRdQKa353ZKUvRQmf2gEMxCFZ59O4vo6YizvAUJ+gL7gixayAxgfbm9J8Aizhfkn5jms=
.doubleclick.net/ Name: IDE
Value: AHWqTUmGD57_G4SXQ2wFYf_GkrzvIFnQr5Edu3LkHOHH8FTQz7ZhJDNfGgx5no_A1gA
helpdesk.rootsweb.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
helpdesk.rootsweb.com/ Name: cto_bidid
Value: TQwzSV9oS3pFVUFIWFJxZ2Zib3J1SzBJcklFWldkSFFwd2hlSFF5cnZla3hsbHBrRkhyZjRVNDViSk5UbG16Q0RqWnkyY0tEZUYlMkJ5T29aNWhqYiUyQlVTdGx5YmclM0QlM0Q
helpdesk.rootsweb.com/ Name: cto_bundle
Value: jfW3vF81UU9pSGxwJTJCdWtZZkhTZGRUOGtEYmxYMnFxZE5KT3pMJTJGajQ5Tjl6bUhlUHVXJTJCZ1NqZXdIWlZRdlpxM3BOSVklMkY4VGN0amQlMkY0QWw4dnppbG5yWnREREwlMkZvdTZmZ3FpV2hCRU9KcnYzV0ZnZloyTmVDRW5JOXp4TXlyV09yaE5XeA
.britepool.com/ Name: _temp_bpid_
Value: 991aa9f0-6a3e-4e35-a2cd-39d4dd76731b
.3lift.com/ Name: tluid
Value: 10993664966320988281
eus.rubiconproject.com/ Name: pux
Value: 1512%3D102916%262307%3D102916%262974%3D102916%263778%3D102916%26idl%3D102916%26goog%3D102916%262249-DV360-Hosted%3D102916%26brx%3D102916%26
.turn.com/ Name: uid
Value: 2922046216996930808
.openx.net/ Name: pd
Value: v2|1632804097|mOgeginskin0vNomiygu
.bing.com/ Name: MUID
Value: 0FCBDF24E14460B60CE3CFE4E00661E1
.bidswitch.net/ Name: tuuid
Value: d2066a35-9dea-49a6-978c-ff92eaeb5a99
.bidswitch.net/ Name: c
Value: 1632804097
.bidswitch.net/ Name: tuuid_lu
Value: 1632804098
.w55c.net/ Name: wfivefivec
Value: qNoJAenC1Mv4VY5
.quantserve.com/ Name: mc
Value: 61529d02-0ef60-05823-37ab2
.w55c.net/ Name: matchopenx
Value: 5
.rootsweb.com/ Name: __gads
Value: ID=ef90e0a94f9bc43c:T=1632804096:S=ALNI_Mbvzz-JcoonA9H2Td5H0Clc81KOdw
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: c8c96152-9d02-4d00-9985-0f0b1dd5bce4
.adform.net/ Name: uid
Value: 2295547346455682215
.thrtle.com/ Name: mc
Value: eyJpZCI6ImZjOGNjMjdkLWEzYjYtNGM1Ni05YWI0LWUxNDRkNjNlMWVhNyIsImwiOjE2MzI4MDQwOTgwNTksInQiOjF9
.bidr.io/ Name: bito
Value: AAIL_k7CpToAABknU--7Uw
.bidr.io/ Name: bitoIsSecure
Value: ok
.yahoo.com/ Name: A3
Value: d=AQABBAGdUmECEJUeu861l87PDSOF8pZQaWwFEgEBAQHuU2FcYQAAAAAA_eMAAA&S=AQAAAoC2rlGkC4otplor9EL1hxo
.casalemedia.com/ Name: CMID
Value: YVKdAvFYO8Y1u8ddI8JK4QAA
.casalemedia.com/ Name: CMPS
Value: 3188
.media.net/ Name: gdpr_status
Value: 1
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&76499f8c-9813-4b2e-8f05-e59f0378d873"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2531:u=1:x=1:i=1632804098:t=1632890498:v=2:sig=AQGiK-ll15lk4YkWyjsk_-5HrVVsA8-3"
.casalemedia.com/ Name: CMPRO
Value: 1191
.casalemedia.com/ Name: CMST
Value: YVKdAmFSnQIA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4A4AB557-9471-4BF3-86E1-ABA918073541
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1632873600%3A174%7C1633996800%3A201_197_219
.pubmatic.com/ Name: SyncRTB3
Value: 1633996800%3A21_161_56_220_54_7_3_8_13_71%7C1633392000%3A223_15%7C1633651200%3A63%7C1635379200%3A203%7C1634083200%3A35
.quantserve.com/ Name: d
Value: EJABGAGtJPijCJiTCuu4EA
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAIL_k7CpToAABknU--7Uw
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-fWoIB3I_DQdma1hTfWsQBX5jDwZmaApUKWlosXIC&KRTB&22979-fWoIB3I_DQdma1hTfWsQBX5jDwZmaApUKWlosXIC
.adfarm1.adition.com/ Name: UserID1
Value: 7012840201690609817
.adsrvr.org/ Name: TDID
Value: 3b658563-e8a3-420d-b237-4461ebd38806
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMkYRPuu9_kvyGeb3goDNdA&KRTB&16514-CAESEMkYRPuu9_kvyGeb3goDNdA&KRTB&23025-CAESEMkYRPuu9_kvyGeb3goDNdA
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiYg7mriZGBOhAFGAUgASgCMgsImMip2Z-RgToQBTgB
.simpli.fi/ Name: suid
Value: AE4E507A40F94CF89A80A622569C08C1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2675323181109017778
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~20ng
.de17a.com/ Name: guid2
Value: 1.1632785843937290507
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:c8c96152-9d02-4d00-9985-0f0b1dd5bce4&KRTB&16736-uid:c8c96152-9d02-4d00-9985-0f0b1dd5bce4&KRTB&23019-uid:c8c96152-9d02-4d00-9985-0f0b1dd5bce4&KRTB&23114-uid:c8c96152-9d02-4d00-9985-0f0b1dd5bce4
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-3b658563-e8a3-420d-b237-4461ebd38806&KRTB&22918-3b658563-e8a3-420d-b237-4461ebd38806&KRTB&23031-3b658563-e8a3-420d-b237-4461ebd38806
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2295547346455682215&KRTB&23263-2295547346455682215
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7012840201690609817
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1632785843937290507
.casalemedia.com/ Name: CMRUM3
Value: f161529d0205a0&5161529d0227601j80rtlqMa7NPmT61j4srNU2M6_NPTb9gjysjrPQ&6961529d0205a00&3361529d0205a0&2761529d020b40&2d61529d022760CAESED01bWFzVjVTVKAGCgx5XJ8&e661529d022760&2e61529d0205a0
ads.avct.cloud/ Name: uuid
Value: cb59ad7b-d522-460e-85f4-9c981839403c
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-d2066a35-9dea-49a6-978c-ff92eaeb5a99
.pubmatic.com/ Name: PugT
Value: 1632804097
.onaudience.com/ Name: cookie
Value: dbbb324f11ecf9c9
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: 51811291-ab9a-4a11-55e6-2bac012dfbac
.zeotap.com/ Name: zsc
Value: W%FA%19m%D4%B5hA%A6%04y%FB%0D%BEL%A6m%A8%C8%C19YT8%27%92%DE%E4G%27%C36~%F0%150L%B3t%CA%1C%1F%A4%DB7%1E%FA%9D%897%8B.%90%E7%EFw%CF%87%E2%02%0E%5B%7B%A8%80D%00%11%F2%0E%1F%CA%EF_%28%E6%0F%EF%24F%EE%B9%A9
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4548e8da893ee097
.smartadserver.com/ Name: pid
Value: 5233143506942990676
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAIL_k7CpToAABknU--7Uw
helpdesk.rootsweb.com/ Name: _lr_retry_request
Value: true
helpdesk.rootsweb.com/ Name: _lr_env_src_ats
Value: false
helpdesk.rootsweb.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%223b658563-e8a3-420d-b237-4461ebd38806%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-08-28T04%3A41%3A39%22%7D
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: d21939c7aac8a1ebf55556491eda9c22
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDEytDS2TDZPTEy2SDRMTUozBQIzE0vD1JREy2QjIwYgSAyaywyioQAAV70KaA%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIDJrLDKSgAAARBwFU"
.rootsweb.com/ Name: panoramaId_expiry
Value: 1633408899350
.rootsweb.com/ Name: _cc_id
Value: d21939c7aac8a1ebf55556491eda9c22
.rootsweb.com/ Name: panoramaId
Value: 889e0581ec4e7f75f5c112d48ef54945a702523d03ff1816ac9f239e0104ce7a
.pubmatic.com/ Name: SPugT
Value: 1632804099

8 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092702.js?31062914(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://api.britepool.com/v1/britepool/id
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.turn.com
ads.avct.cloud
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adspsp.com
ajax.googleapis.com
ancestry-d.openx.net
ancestry-mcsp.demdex.net
ancestry.sc.omtrdc.net
ap.lijit.com
api.britepool.com
api.lytics.io
api.rlcdn.com
b1sync.zemanta.com
b2c.insticator.com
bam-cell.nr-data.net
bh.contextweb.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cm.everesttech.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
contextual.media.net
d.adroll.com
d3lcz8vpax4lo2.cloudfront.net
d4827d1996b024bc62e872a8f858bac7.safeframe.googlesyndication.com
d5p.de17a.com
df80k0z3fi8zg.cloudfront.net
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
event.insticator.com
fastlane.rubiconproject.com
fonts.googleapis.com
geo.adspsp.com
geoip.insticator.com
get.s-onetag.com
go.newspapers.com
gum.criteo.com
hbopenbid.pubmatic.com
helpdesk.rootsweb.ancestry.com
helpdesk.rootsweb.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
js-agent.newrelic.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
prod.adspsp.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.britepool.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
secure.adnxs.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
smetrics.ancestry.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.mathtag.com
tags.tiqcdn.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
web.hb.ad.cpe.dotomi.com
www.ancestrycdn.com
www.google-analytics.com
www.googletagservices.com
x.bidswitch.net
api.britepool.com
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
event.insticator.com
fonts.googleapis.com
geoip.insticator.com
go.newspapers.com
inv-nets.admixer.net
use.fontawesome.com
www.google-analytics.com
104.109.78.125
104.111.226.93
104.16.18.6
104.18.26.36
104.18.27.36
104.22.25.87
104.75.88.194
108.174.11.69
13.107.21.200
13.248.245.213
13.36.218.177
142.250.181.226
142.250.185.130
142.250.185.226
142.250.185.232
142.250.186.162
143.204.101.139
143.204.101.150
143.204.95.188
143.204.98.113
143.204.98.126
143.204.98.45
143.204.98.60
143.204.98.94
15.188.95.229
151.101.130.49
151.101.193.194
151.101.66.137
162.247.243.147
169.50.137.190
172.217.18.106
178.250.0.163
178.250.2.146
18.156.0.31
18.156.153.73
18.195.231.241
184.31.84.150
185.29.134.248
185.33.221.11
185.33.223.38
185.64.189.110
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.80
185.86.137.110
198.148.27.140
2.18.232.130
2.18.233.180
2.18.234.21
2.18.235.93
208.100.17.177
209.54.176.128
212.82.100.176
213.155.156.182
216.58.212.129
3.220.38.221
3.92.246.31
34.107.148.139
34.120.133.55
34.149.20.76
34.210.198.65
34.227.85.106
34.240.91.113
34.98.64.218
35.190.11.84
35.244.174.68
37.157.6.251
46.228.164.11
51.79.83.225
52.19.99.3
52.202.233.191
52.215.67.80
52.28.203.152
52.30.200.197
52.48.137.92
54.194.191.134
54.36.109.49
54.93.179.96
63.33.204.129
64.202.112.159
69.173.144.139
69.173.144.143
69.173.144.165
72.251.249.13
76.223.111.131
85.114.159.93
87.248.118.23
89.207.16.201
89.207.16.210
91.228.74.133
03fc6b29a26ab6955fd5364fa079345027b4dbf6fd9e9a06684dec4991120e37
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058142ad991e52836f6d557c3d90b280b9a6ab39c2eaeb68b4a8876e802753c4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
080f5680666e824d82a2a828da3149a8a7630fa140aeb05ec8de75be6207a062
09a5cf78f70c2e4dc3ce16317d3c787806fed4de4ad067015224d21edaca9d05
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d239500d61e95ca8799eaa2ec23276fe4cc9940bbbb1a723a47766d43c85edf
0f6513b97722b006dc971d9e1da127a9e858aef68def3811c7d671b6b9405422
108651ebf54555a00f52a70b7cf29b3465c7151214b0467738de3acb4f68ed71
162cdbdc9fce4a989a8e89c266902f242ca3a512aa771baee16d49187f9019a4
183ad2faae0222513f01b2c79661b655ba58c849d17261d9806a8a5988169f6c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ddcdb24ef28edc630b9a8543b40580652c11b541930e4e7f457a0859e26920
1a3e3dd419c4d28c1f0c68c8167c1689f308235d376a0f01989c05c9a4619a23
1bd15eebfb666408e7db84da51d38b002142e3ab5d1fd4f6c8567f04ef753958
1f2d68f16a5426ee5e208e7a3bb18881cf77722f0c1311da72305603f3c453d0
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
245f3246e232f71eb09c95d10f718bbf5b4c59e5d02e4dcac21be0e0d10712d8
2b3dd53e971b7924e18c11d3a017129ee1a3199d92517afa60fb8eb85e960ef0
2d6babbecbd9a0ea851a8b3a4ffea44e5a030a555d538bf455206ba539a3a567
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2ef11050f150e7e242a38fa3111f688f59c1dc8d6104ba0d5f6f811e891a028c
3213bb97e284f266249563d4b148e11a4f32f541a052d5f0c6e85fc73d7e191c
33c501b6204f96055ccb9ac459dc3480919bba2eb27c02f11dc2778b5d62d7b3
37880b0a7b67fac8600b00237579d7bc4124a8a261ec5847c639287dab5e449e
3956abb802c9c7d9423c07d90c15ed2edeefcb4387915d92f39dc9a215ed4c00
3a9d1a8cabc931d32a3049a2bd65b2dedb3853b43033e317b7cc8c8ad029ab8a
3b2b2152d0532b0050dc8052f6f00c10e85f045e4661631a8211e01774bd6665
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db9505c9ab48dcf077970bf455d5e724f5d039983d9e7a0814b52801a8ee361
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fda43ad4ccc2605a02a359e0f8abd52e27f703dc294df1897541f25fffd13ab
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4537694480e187f6b4bb7c80b546a1febc7a717f6d672ed0eeadcccd68279959
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
514a436ce59832f4b759f9284ec4b8940872b4cf5614319138060f06bb96b6fc
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57c162f0ccd4f0857aec354f9b1188e28fdb237e888ae5d38ba2f5fbac7f06b0
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5c7bda055e4b2398f67c234ca5af31ce9fcf1dd96ce63d76507f02a11402b1a4
5d83f75d59e35edc60c1fcb217ee655bc3d1cd774a490ab2ee1767841e80f587
5ebfda037beb490e6ab60a07fe13fc65c80cc01c0c7963b5d9e1f8404c5b8305
63b4149ada3e92ff26a2a91db0f52e43930a1c88d8c56dc4986dee823c45b372
63e94979425caef6720afec317bd004567c3438a0dbc73adcb2c7fdd1a057739
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984
6e9a2faa245518a10391c2eaba8a2a2496efac39f21794a4d381f02ef8bcee03
7768376c839333815bd4ef35cc6d9f20f08f32f0d86cad1b8d7d61fd47493cac
7980569c490f4d3a42a21d1f3d8ff166d25baaf513e8d7fcbce756e75919bb69
7a77e60b17cfcabc04ef30c432d32aa878577843250c7697607c6604f80953a9
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c8ae0ca81cabaf09bf56181abcb4a4f1c183bf6013d993fce44431d947f370d
7e8f3dadf31ccbaff67acee0751b89dbbb7263e1afdae3e75785c6b09557f98e
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2
85b3580813fa8eb2c6c64f0690f1104f9e14fdd3b34d6916b69617955047369a
87e82c28793b5db8189ced24fd749522f6513f2b86981e88bcb347cdbda61f9d
88c28228952a3c582f5e4015146fccfa2a42c4a3f782a189cae6ea4520b7348f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
97aff7589fd8ea19474748b67868bdbee39ba40f0a4137568b03d250edfd9d35
987f99479658144f51bb3d58724e6cad26e9c59b396c8da74781c49d3bd9072e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f60e19500513ab17705449e16e7cec14a0f266d207458dd2db5da4c4ae40a3c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a066930557e37432d9bb825538f59fa94f0b11c0e5ac2174fb15e2c70e5621ec
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a35e5139ac1fcf753ff318aca6ce0600ecee03c9560a17ac5334ed4c3d479d70
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7bf1ca7ac9b401cb791e14391ad32d3c615afaa57d76b8b180d1cfe3e338790
b07ee248cf027745b1bf6e0e4c13e6404db9f6f64adeb54011878b26fc6744ae
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b58d3b062b0c3dc89b14750bf9e8e8cc1b53f146a18360051b8103bb5d9b7265
b61b713b624738d5a0427a7f89ecfdebc61588668c6357d3e5f7bdefd72c5518
b86e59e58208eb497bb565fa5649c53b6809220b2af037ceb97e59e18f82032a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4b0ebe87db059d1c7dd1742f05d2ec127a568a60748ff9f123c561a23c4e17
bf04f1bb313d5c0d23cb106d2fe2f1b0bad2e317c56df482cf5b8b1c141f6ddc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d27770755c02f7a7567179dd1e9bbbc316a189b3ba57aed5932c6a4cf37f6278
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dafb05e24547815b1ac77608a888f4f5d9a63f70de5e90bafc1dc67d5a045f40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
e619d1fec4df57c5253b8d9df9429eaaa442bb8d2ddb9d831cd22093401b1e7c
ea8f7749894a3cdab789b6dcfbdeaf72e7c71db5ad57a32a1de84b6118a9a6d6
ee2553aa0e59f769b5c41ed1d4ab2f8b8353383d2abd9e558e598791f2c66ff5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45bbc52e612abc175d6f809a8f683355dee53258dfbb895c5b76767061e0acc
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f8327c4bb0232dfbfb0378ed5ed8a02d6b9cb645c8617021aa8e0f00634d1b91
f87ba2d94c81d62472bac27150f1200ca3bd575f26591191c4a0aa718bd0e282
f92778c756d7a0fe2a1906d7c0009896d8feb05d2bc765af127ed06ba3a7b17e
fb59c0f637a2c45cd8f4d777da358c765fd47e6c277d2dadee850f9c3870b22c
fca4c724009bbda9487719603948ffe2c8b1e3d1cf78261d7bf681ae79218065
fff89499abf274f3c86d28acfb662e83078b9d64adf8f46b06b5f1a1010cd12c