sites.rootsweb.com Open in urlscan Pro
104.18.38.32 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sites.rootsweb.com/
Submission Tags: 0xscam
Submission: On May 03 via api (May 3rd 2024, 11:58:10 am UTC) from US — Scanned from DE

Summary HTTP 108 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 49 IPs in 8 countries across 38 domains to perform 108 HTTP transactions. The main IP is 104.18.38.32, located in and belongs to CLOUDFLARENET, US. The main domain is sites.rootsweb.com. The Cisco Umbrella rank of the primary domain is 472079.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 5th 2023. Valid for: a year.

This is the only time sites.rootsweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	104.18.38.32 104.18.38.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.35.58.11 13.35.58.11	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:235... 2600:9000:235a:4200:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.190.11.84 35.190.11.84	15169 (GOOGLE) (GOOGLE)
1 3	3.248.114.134 3.248.114.134	16509 (AMAZON-02) (AMAZON-02)
1	176.34.140.246 176.34.140.246	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.222 63.140.62.222	15224 (OMNITURE) (OMNITURE)
1 1	52.18.190.199 52.18.190.199	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.17 63.140.62.17	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.209.165.87 3.209.165.87	14618 (AMAZON-AES) (AMAZON-AES)
4	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.208.49.113 52.208.49.113	16509 (AMAZON-02) (AMAZON-02)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.143.149 18.66.143.149	16509 (AMAZON-02) (AMAZON-02)
1	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.48.195.79 52.48.195.79	16509 (AMAZON-02) (AMAZON-02)
4	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.124.64.248 3.124.64.248	16509 (AMAZON-02) (AMAZON-02)
6	52.58.37.98 52.58.37.98	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.112.43 104.17.112.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.241.111.109 44.241.111.109	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	() ()
1	2a02:2638:3::c 2a02:2638:3::c	() ()
108	49

5 104.18.38.32 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sites.rootsweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.58.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-11.fra60.r.cloudfront.net

prod.adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:235a:4200:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.11.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 84.11.190.35.bc.googleusercontent.com

api.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.248.114.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-114-134.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.140.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-140-246.eu-west-1.compute.amazonaws.com

ancestry-mcsp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.222 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-222.data.adobedc.net

ancestry.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.190.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-190-199.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net

smetrics.ancestry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.209.165.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-165-87.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.49.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-49-113.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

ex.ingage.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.143.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-143-149.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.195.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-195-79.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.64.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-64-248.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.58.37.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-37-98.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2acc326bfade68b04555e4d426800f2b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.112.43 (None, )

ASN13335 (CLOUDFLARENET, US)

go.newspapers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.111.109 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-111-109.us-west-2.compute.amazonaws.com

adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (None, )

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 2acc326bfade68b04555e4d426800f2b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 164	127 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 421	104 KB
6	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1051	877 B
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 308 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 630 aax.amazon-adsystem.com — Cisco Umbrella Rank: 419	84 KB
5	rootsweb.com 1 redirects sites.rootsweb.com — Cisco Umbrella Rank: 472079	10 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 506	4 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1126	106 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 876 api.btloader.com — Cisco Umbrella Rank: 958	19 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 243 ancestry-mcsp.demdex.net — Cisco Umbrella Rank: 51687	2 KB
4	adspsp.com prod.adspsp.com — Cisco Umbrella Rank: 17476 adspsp.com — Cisco Umbrella Rank: 15894	203 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1612 a.ad.gt — Cisco Umbrella Rank: 2168	5 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 968 id5-sync.com — Cisco Umbrella Rank: 509	28 KB
3	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1304	78 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 ad.doubleclick.net — Cisco Umbrella Rank: 159	170 KB
2	criteo.net static.criteo.net	31 KB
2	gstatic.com fonts.gstatic.com	34 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
2	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 587 gum.criteo.com	197 B
2	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4332 proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2488	679 B
2	ingage.tech ex.ingage.tech — Cisco Umbrella Rank: 9553	1 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 914	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1095 bcp.crwdcntrl.net — Cisco Umbrella Rank: 983	12 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 3647	128 B
1	newspapers.com go.newspapers.com — Cisco Umbrella Rank: 241680
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 885	278 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1111	1 KB
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 536	287 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 737	368 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 477	545 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 465	114 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 573	259 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 257	1 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2071	10 KB
1	ancestry.com smetrics.ancestry.com — Cisco Umbrella Rank: 49112	372 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1317	517 B
1	omtrdc.net ancestry.sc.omtrdc.net — Cisco Umbrella Rank: 452877	268 B
1	lytics.io api.lytics.io — Cisco Umbrella Rank: 61685	437 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	83 KB
108	38

	Domain	Requested by
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net sites.rootsweb.com pagead2.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
6	btlr.sharethrough.com	prod.adspsp.com
5	sites.rootsweb.com	1 redirects sites.rootsweb.com
4	fastlane.rubiconproject.com	prod.adspsp.com
4	secure.cdn.fastclick.net	sites.rootsweb.com secure.cdn.fastclick.net
3	api.btloader.com	btloader.com
3	dpm.demdex.net	1 redirects sites.rootsweb.com
3	tags.tiqcdn.com	sites.rootsweb.com tags.tiqcdn.com
3	c.amazon-adsystem.com	sites.rootsweb.com c.amazon-adsystem.com
3	prod.adspsp.com	sites.rootsweb.com prod.adspsp.com
2	static.criteo.net	prod.adspsp.com static.criteo.net
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	id5-sync.com	cdn.id5-sync.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	ex.ingage.tech	prod.adspsp.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	ad-delivery.net
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	securepubads.g.doubleclick.net	sites.rootsweb.com securepubads.g.doubleclick.net
1	gum.criteo.com	static.criteo.net
1	adspsp.com
1	go.newspapers.com	securepubads.g.doubleclick.net
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	2acc326bfade68b04555e4d426800f2b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	a.ad.gt	cdn.hadronid.net
1	prebid.media.net	prod.adspsp.com
1	bidder.criteo.com	prod.adspsp.com
1	tlx.3lift.com	prod.adspsp.com
1	ap.lijit.com	prod.adspsp.com
1	htlb.casalemedia.com	prod.adspsp.com
1	hbopenbid.pubmatic.com	prod.adspsp.com
1	web.hb.ad.cpe.dotomi.com	prod.adspsp.com
1	rtb.openx.net	prod.adspsp.com
1	ib.adnxs.com	prod.adspsp.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	ad.doubleclick.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.id5-sync.com	sites.rootsweb.com
1	cdn.hadronid.net	sites.rootsweb.com
1	tags.crwdcntrl.net	sites.rootsweb.com
1	btloader.com	sites.rootsweb.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	smetrics.ancestry.com	sites.rootsweb.com
1	cm.everesttech.net	1 redirects
1	ancestry.sc.omtrdc.net	tags.tiqcdn.com
1	ancestry-mcsp.demdex.net	tags.tiqcdn.com
1	api.lytics.io	tags.tiqcdn.com
1	www.googletagmanager.com	sites.rootsweb.com
108	51

This site contains links to these domains. Also see Links.

Domain
www.ancestry.com
home.rootsweb.com
corporate.ancestry.com
support.rootsweb.com
useraccount.rootsweb.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-05` - `2024-08-03`	a year	crt.sh
prod.adspsp.com Amazon RSA 2048 M03	`2023-11-18` - `2024-12-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
*.lytics.io DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-09-05` - `2024-10-05`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.sc.omtrdc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-07` - `2025-03-09`	a year	crt.sh
smetrics.ancestry.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-24` - `2024-08-23`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
btloader.com GTS CA 1P5	`2024-04-14` - `2024-07-13`	3 months	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2023-11-27` - `2024-12-25`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2024-03-31` - `2024-06-29`	3 months	crt.sh
id5-sync.com E1	`2024-04-06` - `2024-07-05`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-04-05` - `2024-07-04`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-03-19` - `2024-06-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
id.hadron.ad.gt E1	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.ingage.tech Sectigo RSA Organization Validation Secure Server CA	`2023-07-28` - `2024-08-11`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
casalemedia.com E1	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-15` - `2024-07-10`	3 months	crt.sh
prebid.media.net GTS CA 1D4	`2024-04-17` - `2024-07-16`	3 months	crt.sh
a.ad.gt E1	`2024-04-11` - `2024-07-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.id5-sync.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
newspapers.com E1	`2024-03-29` - `2024-06-27`	3 months	crt.sh
adspsp.com Amazon RSA 2048 M03	`2023-11-17` - `2024-12-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-25` - `2024-07-19`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://sites.rootsweb.com/
Frame ID: 39D70EB05D17DE889F86C295176EA6B7
Requests: 70 HTTP requests in this frame

Frame: https://sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: 82CEB41F0B695BC3BAD582AEBF7ADAD8
Requests: 2 HTTP requests in this frame

Frame: https://ancestry-mcsp.demdex.net/dest5.html?d_nsid=0
Frame ID: 7A576898FF79B2ABB5858C7C00DB7670
Requests: 1 HTTP requests in this frame

Frame: https://2acc326bfade68b04555e4d426800f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 352960E51B8D57C1A3D2A27C51C51187
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57AB4D5159BC89765452EBFA4E0143D5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032404291353000/amp4ads-v0.mjs
Frame ID: B6B45D0F4D7E8BAA94CDE9120CF40930
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032404291353000/amp4ads-v0.mjs
Frame ID: B30A826CBCD2E7F48835D925E5A122AB
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstfdHKwKPbgNyhXcA_oXMsu61GByyoyNPUOqxR1C9cYzCnB6MUMccnfVR6Xl4K4H_-ZRi3S5ishZCh1ElMIuFQsZ1w3Iu9CT05m-QWXD7YCk7IILaKyaCZeKTklatWmf4nAw7ygPwHbAi0xyU0L7x62W1Eax5znDxdSFkicX8Du2jRhnzR2QwNJr6sduqzaHYsiFNswWWGDFrrHwibMtwqDzd6N3a3kSdS1ElM7-s33BqW5cZ17A20f8fe6YPnKKKvDc5EpyxyDvt94ff5KgFil38VLpK1_HpAh4o-4mqMMN6lKM8-RiqKPrLPi9VLpx_f_pbaj0bnR-TOdWHSicdjFbKbYChJR-ICkDp7J9wKuD9dRsKuCHE6Bj2pEiTmW0FkzRFgH8VAM48_UIv2UI93-FgqgjZs7XpFzdZ5uq5ldGWe7cdM&sig=Cg0ArKJSzGBl8IBkjgpoEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 845E00FFCA7EA648F98F99953C335F87
Requests: 7 HTTP requests in this frame

Frame: https://go.newspapers.com/ads/LDR-search.php?&design=grayldr&nameField=1&label=FIND%20YOUR%20ANCESTORS%20IN%20OBITUARIES%20AND%20BIRTH%20NOTICES&xid=1090&clickTag=https://pagead2.googlesyndication.com/pcs/click%253Fxai%253DAKAOjsvG8hdrDmOsH4di54EB7tyNgXYv2TqxsJgVlYwe7unywwNaYWIVAZxMMuuf72dJR-nH-f4k9A6Ni6pJC54r3hAoMthFCP3pkT79gTm6ldkztd2fc1Av4QtxT32WH2xR3_tyH7319eR6mRxIuh-bfSQGpmbbiI1ysF5jL_GRiZbFusgtLLBI2uXX-igVz55mzP8gSg5II9Df7mkJVZBQi1EtnrKi94o39M3ahS4JFyD8EeT4c_8K8NOuAEjGaoswhv2uWTKFhzPtUQGxRaT8runWlCvCw8cZWBKuAauyVFy1XilxAQQMPrLO_3Z6xgM89J_XqwgVDALQBfqdF-f8rt3ad7fD3atSg8eq5MBbXr9qY5hyB-8WwfV9VV791I5WEuZL2bDt7Vao7o0wRhO-3maN3If1HChjBicRvoW_lwAZdFdmWNc7Cw%2526sig%253DCg0ArKJSzKtk-4JLRo0zEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Frame ID: 9B039CA99253E8511B2708F5E44A80D7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sites.rootsweb.com
Frame ID: 94AF94C926E31C1CAA8F597453B8EEC5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

108
Requests

94 %
HTTPS

35 %
IPv6

38
Domains

51
Subdomains

49
IPs

8
Countries

1119 kB
Transfer

4018 kB
Size

21
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ancestry.com/s33216/t10989/grid1005/rd.ashx
Title: Ancestry.com

Search URL Search Domain Scan URL

URL: https://home.rootsweb.com/support
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://corporate.ancestry.com/
Title: About Us

Search URL Search Domain Scan URL

URL: https://support.rootsweb.com/s/contactsupport
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/cs/legal/copyright-policy
Title: Copyright

Search URL Search Domain Scan URL

URL: https://useraccount.rootsweb.com/websites/reportInappropriateWebsite?url=/
Title: Report Inappropriate Material

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/corporate/
Title: Corporate Information

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/cs/legal/privacyphilosophy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/cs/legal/termsandconditions
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/cs/legal/privacystatement#personal-info-categories
Title: CCPA Notice at Collection

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://sites.rootsweb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

Request Chain 11

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1714737486179 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1714737486179

Request Chain 17

https://cm.everesttech.net/cm/dd?d_uuid=85494133323058566041056786246073005293 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjTRTgAAAFFEIQO5

108 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sites.rootsweb.com/ 5 KB
2 KB 471ms
408ms Document
text/html 104.18.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.rootsweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.32 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a74cf7bdeaa637ea1a53b622fbd1e4eaa047d216ef187c85863b0bc2174e895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 87e013c509da2c4e-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 03 May 2024 11:58:05 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK adb.5781260.min.js Show response
prod.adspsp.com/ 2 KB
2 KB 34ms
7ms Script
text/javascript 13.35.58.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.adspsp.com/adb.5781260.min.js
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff978774e984bd273256efb2220e4cc0e1252ce7f520c3af8e6305d84e27263e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 11:40:01 GMT
Content-Encoding: gzip
Via: 1.1 425709fb5486bea91d36ef6c75d4ffac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P10
Age: 1087
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 22:12:13 GMT
Server: AmazonS3
ETag: W/"dedc52b7470ca93601e116a4cf898656"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
X-Amz-Cf-Id: sCXe1foZjgW0WfzX8NGeHtHAcNKMghS9u-47F7UoFIU-G2tMRNxEZQ==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
29 KB 154ms
77ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e1e1ee1e7fd6ae8c3bcf650d3a1a277871d4fee316f8d305fdf8c6e1884325d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30164
x-xss-protection: 0
server: cafe
etag: 907 / 19846 / m202404290101 / config-hash: 4048708208957689274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 May 2024 11:58:06 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 303 KB
76 KB 28ms
7ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24ad22beeb2126f15b299eea5a709f2d3aa653509635a0df0946f3b96c1ce209

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:05:10 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
last-modified: Wed, 24 Apr 2024 20:29:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 3177
x-amz-server-side-encryption: AES256
etag: W/"6105a53f37b3579acb3324e9fac88e22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: p7oH2qEbq5WEwmSD3gwCh2n8zPDNIW752rE_b4m2LFx1x7DSCRp-kg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
83 KB 139ms
61ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSWCNL5

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12538d353147de54833dc7870e3d15f9a48c7d4a8210f6b9de9e253aad21b3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84186
x-xss-protection: 0
last-modified: Fri, 03 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 May 2024 11:58:06 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/ancestry/rootsweb/prod/ 206 KB
59 KB 56ms
13ms Script
application/javascript 2600:9000:235a:4200:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:4200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 527eeba069f49cf98ffebb808e10118331fba5d1c33e86cd1dc04c92cd313728

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: P7Idz.e3lUkKobwYivpJ7bkaAKUSitlD
content-encoding: br
via: 1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront)
date: Fri, 03 May 2024 11:58:06 GMT
last-modified: Tue, 07 Mar 2023 02:52:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 206
x-amz-server-side-encryption: AES256
etag: W/"3bb7f8eb7d6fa217d341130fd9927625"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: FfqTYhsVFec0oi-eB9x9ILAg8kViXDRYWf4ZNaVgF_bec5wr0z0ikg==

GET
H2

200

main.js Show response
sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ Frame 82CE
Redirect Chain

https://sites.rootsweb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

8 KB
4 KB

41ms
41ms

Script
application/javascript

104.18.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Server

104.18.38.32 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

059fc25215bb467a58f00fd4386ed26a3744f2a928a44bcc237914172567f379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 03 May 2024 11:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 87e013c7ed972c4e-FRA

Redirect headers

date: Fri, 03 May 2024 11:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 87e013c7cd672c4e-FRA
content-length: 0

GET
H/1.1 200
OK adb.5781260.cr.js Show response
prod.adspsp.com/ 178 KB
62 KB 8ms
8ms Script
text/javascript 13.35.58.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.adspsp.com/adb.5781260.cr.js?c=Cx9860e3e:lv4dazj4:21
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c46f90448f9817fcec311ee3247679ecea2b1aaf4fa4ea582072596228b76d1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 17 Apr 2024 22:12:25 GMT
Content-Encoding: gzip
Via: 1.1 425709fb5486bea91d36ef6c75d4ffac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P10
Age: 1345542
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 22:12:07 GMT
Server: AmazonS3
ETag: W/"83f7eeb6352ab06f7605e95b98334a7d"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
X-Amz-Cf-Id: YlR5PvEKw8HxmhS_4g9gKVHshKa3UhReBwVt_DAQ4AggmUZJ9CZKkQ==

GET
H/1.1 200
OK adb.5781260.pb.js Show response
prod.adspsp.com/ 439 KB
140 KB 21ms
8ms Script
text/javascript 13.35.58.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db045f4c6b2b353f88c725c9aaa0acf2c97c6ed66c2553eb5cf40de3ba2c2826

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 17 Apr 2024 22:12:25 GMT
Content-Encoding: gzip
Via: 1.1 50d1552804e5c5074606d2b5a0eb8ef8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P10
Age: 1345542
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 22:12:10 GMT
Server: AmazonS3
ETag: W/"37ced60be2cae5388ad8a1e78265fac3"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
X-Amz-Cf-Id: O3ZqIg4J7vmyD9EYVZKjCKqjSri7I6mAr9HWz7YBgiQNBFId0AlioQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 21ms
7ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
date: Fri, 03 May 2024 07:59:39 GMT
x-amz-cf-pop: FRA56-P6
age: 14308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: dylYfPjEIbJPWP6nomyiwdO7JhvpdGV2h437c9wHFyIPM2MBgua2sg==

POST
H2 200 87e013c509da2c4e Show response
sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 82CE 0
255 B 54ms
53ms XHR
text/plain 104.18.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/jsd/r/87e013c509da2c4e

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.32 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 May 2024 11:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e013c88e812c4e-FRA
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 00000000-0000-0000-0000-000000000000 Show response
api.lytics.io/api/me/6578caa0cdaa8dfcd95d5e6d3de12cc8/ucdmid/ 76 B
437 B 186ms
128ms XHR
application/json 35.190.11.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lytics.io/api/me/6578caa0cdaa8dfcd95d5e6d3de12cc8/ucdmid/00000000-0000-0000-0000-000000000000?fields=behavior_is_current_subscriber&segments=true

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.11.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.11.190.35.bc.googleusercontent.com

Software

lytics.io 7fe2ce502db65c2c6bc70c05aa643ee6921c97ef /

Resource Hash

674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000;
content-encoding: gzip
via: 1.1 google
date: Fri, 03 May 2024 11:58:06 GMT
server: lytics.io 7fe2ce502db65c2c6bc70c05aa643ee6921c97ef
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://sites.rootsweb.com
x-lytics-trace: f71f245e9d58412114ac7daa3bc39fd8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
content-length: 95
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1714737486179
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1714737486179

372 B
921 B

38ms
38ms

XHR
application/json

3.248.114.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1714737486179

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Server

3.248.114.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-114-134.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d096cbb399775987c7189c2d52a875250bfe705bea32a5f4de60e0b1a745ec4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v060-0590c04e4.edge-irl1.demdex.com 7 ms
pragma: no-cache
date: Fri, 03 May 2024 11:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: LF4L6jXNQVM=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://sites.rootsweb.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 315
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v060-0b995e30b.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 03 May 2024 11:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: ePoacg95TuQ=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1714737486179
access-control-allow-origin: https://sites.rootsweb.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 utag.107.js Show response
tags.tiqcdn.com/utag/ancestry/rootsweb/prod/ 54 KB
19 KB 11ms
11ms Script
application/javascript 2600:9000:235a:4200:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.107.js?utv=ut4.46.202102022145
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:4200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e9a2faa245518a10391c2eaba8a2a2496efac39f21794a4d381f02ef8bcee03

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 1lywGzz8hxBSpS_GdRT4oDlZ_YIbAzeg
content-encoding: br
via: 1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront)
date: Fri, 03 May 2024 11:58:06 GMT
last-modified: Tue, 07 Mar 2023 02:52:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 181
x-amz-server-side-encryption: AES256
etag: W/"ae6f626844a5d32f045d5d129b482e7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: v881gPV5sgpaFcYSeHxtD3yVZoDfPaQccf_lAeylrPQ5i21RrgJ3JA==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/ 452 KB
141 KB 36ms
36ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

303ccf36bfa5fc56fbcad57a7893fc0eac4d5b3a3bc1e693ff1cc4029c745c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2735
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144143
x-xss-protection: 0
server: cafe
etag: 2635873822533524996
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 03 May 2025 11:12:31 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 8ms
7ms Script
application/javascript 2600:9000:235a:4200:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ancestry/rootsweb/202112151717&cb=1714737486201
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:4200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Fri, 03 May 2024 11:57:05 GMT
via: 1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 62
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: 8DWS9t0AE_Ln4jJ_Sy4SU9KnXcFeVALZzrIkkwhcJJkO5f6CLZErAA==

GET
H2 200 dest5.html
ancestry-mcsp.demdex.net/ Frame 7A57 0
0 99ms
32ms Document
text/html 176.34.140.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ancestry-mcsp.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.34.140.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-176-34-140-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sites.rootsweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 03 May 2024 11:58:06 GMT
dcs: dcs-prod-irl1-2-v060-0546384e6.edge-irl1.demdex.com 1 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Tue, 9 Apr 2024 12:55:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: yktQDNajRSs=

GET
H2 200 id Show response
ancestry.sc.omtrdc.net/ 2 B
268 B 59ms
19ms XHR
application/x-javascript 63.140.62.222
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://ancestry.sc.omtrdc.net/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=ED3301AC512D2A290A490D4C%40AdobeOrg&mid=85745782045409950611076622194607290692&ts=1714737486319

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 May 2024 11:58:06 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://sites.rootsweb.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZjTRTgAAAFFEIQO5
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=85494133323058566041056786246073005293
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjTRTgAAAFFEIQO5

42 B
717 B

33ms
32ms

Image
image/gif

3.248.114.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjTRTgAAAFFEIQO5

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Server

3.248.114.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-114-134.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v060-0c57507fa.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 03 May 2024 11:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: JupmMxiQRt0=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjTRTgAAAFFEIQO5
Date: Fri, 03 May 2024 11:58:06 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s19925723434870
smetrics.ancestry.com/b/ss/ancestry-global/1/JS-2.20.0/ 43 B
372 B 66ms
19ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.ancestry.com/b/ss/ancestry-global/1/JS-2.20.0/s19925723434870?AQB=1&ndh=1&pf=1&t=3%2F4%2F2024%2013%3A58%3A6%205%20-120&sdid=243678DEE9B14ED9-0347F2E6AEA7A12E&mid=85745782045409950611076622194607290692&aamlh=6&ce=UTF-8&ns=ancestry&pageName=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20&g=https%3A%2F%2Fsites.rootsweb.com%2F&cc=USD&ch=rootsweb&server=rootsweb.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c11=00000000-0000-0000-0000-000000000000&v12=rootsweb&v13=us&v14=rootsweb&c23=nrvisitor&v23=nrvisitor&c24=not%20win%20back&c35=non%20dna%20user&v35=non%20dna%20user&v41=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20&c42=ancestry%20rootsweb%20%3A%20hostedsites&v42=ancestry%20rootsweb%20%3A%20hostedsites&c43=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20&v43=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20&c44=202405031358&v44=202405031358&c45=sites.rootsweb.com%2F&v45=sites.rootsweb.com%2F&c49=05%2F03%2F2024%204%3A58%3A06&v49=05%2F03%2F2024%204%3A58%3A06&c50=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20&v65=00000000-0000-0000-0000-000000000000&c68=sites.rootsweb.com&c73=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F124.0.0.0%20Safari%2F537.36&v98=interactive%3C1.00s&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=ED3301AC512D2A290A490D4C%40AdobeOrg&AQE=1

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 04 May 2024 11:58:06 GMT
server: jag
etag: 3682370712187928576-4618533994310898909
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 02 May 2024 11:58:06 GMT

GET
H2 404 favicon.ico
sites.rootsweb.com/ 9 KB
3 KB 389ms
389ms Other
text/html 104.18.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.rootsweb.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.32 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4237213aa9a683a6cc919d846d81fedbb8c83a79c2cac2b90a4e491f2af3ef98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=14400
cf-ray: 87e013caa9e32c4e-FRA
x-xss-protection: 1; mode=block
expires: Fri, 03 May 2024 15:58:06 GMT

GET
H2 200 3348 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
796 B 49ms
8ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3348
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9d497a6ffb57d6211ba499b4ca97d55b5dc60d3c97bb0fcb849a29e2ee243d68

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:07:55 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3012
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 531
x-amz-cf-id: 1tTKA2_Dlz3EyEyIpkEcQm7HSLcwt0DwTyrtdIMvIWuA83j4zfxiPA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 4 KB
4 KB 8ms
7ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3348&u=https%3A%2F%2Fsites.rootsweb.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 70adda2e5c4c62723dca2f201e0bb036ced24d01073f73049211a873aa957c75

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 06:08:51 GMT
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 20956
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://sites.rootsweb.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3655
x-amz-cf-id: afTUnevJKeHGL1MYc0nyUdoY5UTGnQ-bAbwAu81oE9_Upu7ofSSt3Q==

GET
H2 200 tag Show response
btloader.com/ 54 KB
18 KB 48ms
29ms Script
application/javascript 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5127716480745472&upapi=true
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6808baa0b4784c9dbd3d74b0897da5d81d48a473b9684c59bb29d67d71ba127d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 03 May 2024 11:38:32 GMT
server: cloudflare
age: 1098
etag: "8a04a723c3ee733754ded924399f9bef"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 87e013cecf8b9177-FRA
content-length: 18564

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 321ms
105ms Preflight 3.209.165.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.165.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-165-87.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sites.rootsweb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 03 May 2024 11:58:07 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 293ms
87ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ba6a49b4567c1d0abb7d066626b3290cc404a5214712d90685743ee20b3ecb94

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 03 May 2024 12:13:07 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 33ms
7ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 00:28:45 GMT
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 41363
x-amz-server-side-encryption: AES256
etag: W/"0f107a0e7753aa69cd07ded21852408c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: VpG5jnWkl1i_CAd1DKlW1MwclGrSu92V2G0YEED6G2h3UOD9tx78xw==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 94ms
61ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsites.rootsweb.com%2F&ref=&_it=amazon&partner_id=708
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 07 Mar 2024 15:57:22 GMT
server: cloudflare
x-amz-request-id: GPA71GZPJYF3GMCR
age: 5169
etag: W/"4f8d7eccb8b77bff110a91871ebadcc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 87e013cedef39bcb-FRA
x-amz-id-2: wVIO1wrs31x1jKRIz3dKPn3IKJaxmFZdB4TaOgRyJwNYeBol3+8I/Y1HD2dEOHBU8sCH74De62g=
expires: Tue, 26 Mar 2024 00:23:58 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 92 KB
27 KB 48ms
20ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5ea0b0db096a448f119be16ce2dbd9d5811db9470d79151605dd54e12bf7108

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Apr 2024 12:18:50 GMT
server: cloudflare
x-amz-request-id: X4N5J82ZR46JG3HK
age: 486
etag: W/"886c2a9bb057542911decd57257ef59a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 87e013ceda8fbb79-FRA
x-amz-id-2: m5KxS1x4Kc1ZOSQ2CccZpOR/IJ5pWVx90844wC8XKnXKN15LrXh0FJelqi/ByqJ0qKdTdsmMLuI=

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 378ms
173ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 23124c582038a7eaba1be726331e2b46ee4d5b5dbffcafc2de19aeffb0050e4b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Fri, 03 May 2024 12:13:07 GMT

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
128 B 105ms
105ms XHR
text/plain 3.209.165.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.165.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-165-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 03 May 2024 11:58:07 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 105ms
31ms XHR
application/json 52.208.49.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.49.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-49-113.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6ab10007f4b421ed89e1834da2301f0e9daf9032394ad87e2e251543208c9e93

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://sites.rootsweb.com
cache-control: no-cache
x-server: 10.45.17.174
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 161ms
125ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5127716480745472&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 03 May 2024 11:58:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
915 B 54ms
22ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60825
x-guploader-uploadid: ABPtcPrFopxpETV_VgTINWFPQ6T7PuKJ5v-fsjgOAXNEYKyeY6je4FtZiOmg6fznPvZChSmUT1k
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sczd0HQS7USpewjsFgwKipva8VOUVCx%2FhRvvHn4Q1LOlNEziQBJkfCBhIhvAi4ci609jFQQfadPRs%2F%2F19%2FPHZ09YyiXCGp76tAmlQz2yOpwCtyqUtrcFWLXOnfMsIkRvPYpCaYe5Kmr7CYus9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 87e013cf3ef94dc3-FRA
expires: Thu, 02 May 2024 19:56:54 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 123ms
36ms Image
image/x-icon 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 19:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 May 2024 19:37:43 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
340 B 56ms
24ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.8865405555138386
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60825
x-guploader-uploadid: ABPtcPrFopxpETV_VgTINWFPQ6T7PuKJ5v-fsjgOAXNEYKyeY6je4FtZiOmg6fznPvZChSmUT1k
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjCrPW4QHXaz7ZtShvQJq0bMVNFpAXKJqjGc4N2kBiR%2Fs7S2L08SwtmT1WfmikDn8DzhOpyio7BwXafzTOWZu5stOZpOyhqku0dqPaYYbq2XjW7sxpVPdlPbK%2BODYh%2BvRRJ2RHtt5KUmf0%2BQOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 87e013cf3efb4dc3-FRA
expires: Thu, 02 May 2024 19:56:54 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 97 B
287 B 113ms
112ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=708&sync=0&domain=sites.rootsweb.com&url=https://sites.rootsweb.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsites.rootsweb.com%2F&ref=&_it=amazon&partner_id=708
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fd68cadc8e7d22b12588b3e8f154810fe9a4d016752adf17e3aa03e580ee9cb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 87e013d05ee6048b-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 168ms
118ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=708&sync=0&domain=sites.rootsweb.com&url=https://sites.rootsweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://sites.rootsweb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 87e013cf9d9e048b-FRA
content-length: 0
content-type: application/json
date: Fri, 03 May 2024 11:58:07 GMT
debug: OPTIONS block
expires: Sat, 03 May 2025 11:58:07 GMT
server: cloudflare

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 158ms
116ms Preflight 2606:4700::6812:1ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sites.rootsweb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://sites.rootsweb.com
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 87e013d02fff3a79-FRA
content-length: 0
date: Fri, 03 May 2024 11:58:07 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
399 B 84ms
50ms XHR
text/javascript 18.66.143.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3348&u=https%3A%2F%2Fsites.rootsweb.com%2F&pid=wpOk538pnlIj7&cb=0&ws=1600x1200&v=24.418.2211&t=3000&slots=%5B%7B%22sd%22%3A%22bottomSlotAdhesion%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22RW_728x90_btf%22%7D%2C%7B%22sd%22%3A%22rwsites-ldr-bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22RW_Sites_728x90_bottom%22%7D%2C%7B%22sd%22%3A%22rwsites-ldr-top%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22RW_Sites_728x90_top%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.143.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-143-149.fra60.r.cloudfront.net
Software: Server /
Resource Hash: d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:06 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://sites.rootsweb.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: KEkU4K5u2vvOVcJwUM4l8N4X7UW3TYWGoolALpeT_up4PyjV0eeJKA==

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 357 B
1 KB 28ms
7ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

6c23189a33d77356966f7dffcca004aa4063ddaabbfa688c79808ae1c296be6c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:07 GMT
an-x-request-uuid: 4f0ab543-6b2b-4390-b7e6-33cdb1043e5b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sites.rootsweb.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.135; 185.213.155.135; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 357
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
259 B 54ms
19ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 44f8ada2453f6309e0e6fa2d5a36d2b933186697a9338e1469e1ed6a9a47128e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://sites.rootsweb.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
216 B 152ms
15ms Fetch 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:07 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin: https://sites.rootsweb.com
cache-control: no-cache
access-control-allow-credentials: true
expires: 0

POST
H2 200 openrtb Show response
ex.ingage.tech/v1/ 2 KB
1 KB 282ms
250ms Fetch
application/json 2606:4700::6812:1ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69c855c453a6e77d0a687fa9dea8ac62b3bb42a07f269a24f70745932eb411f3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sites.rootsweb.com
access-control-allow-credentials: true
cf-ray: 87e013d1180d30f9-FRA

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 450ms
413ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://sites.rootsweb.com
date: Fri, 03 May 2024 11:58:07 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
545 B 134ms
99ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=588745
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b7403130894780a57d45799c6f9b2045a668072e44822c43e9ca34894b0bafb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vlkl1Oo349VP%2F%2FmOTbsGir0t4xcC%2B94wcaekMsHbq9eNyGrxpsQnoRkposqIoqZx2sOOU9qc60DEy9tl5IY0mY1PUmyQzuw1XdanMCwI2HOZw2owKTyhLF9KWBCyMb5QX5bySvep"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://sites.rootsweb.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 87e013d02ba12c51-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 93 B
368 B 224ms
91ms Fetch
application/json 52.48.195.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.26.0
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.48.195.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-195-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 02ff83d1cafbc9dfdbad351fec8e79b8a9434b7b2d32583c8e3c82ae2c4760ee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://sites.rootsweb.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 97

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 497 B
1022 B 56ms
18ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14544&site_id=128980&zone_id=1957888&size_id=2&rf=https%3A%2F%2Fsites.rootsweb.com%2F&tg_i.domain=sites.rootsweb.com&tg_i.page=https%3A%2F%2Fsites.rootsweb.com%2F&tg_i.gpid=%2F4802%2Ftgn.rootsweb.com%2FRW_728x90_btf%23bottomSlotAdhesion&tg_i.pbadslot=%2F4802%2Ftgn.rootsweb.com%2FRW_728x90_btf%23bottomSlotAdhesion&tk_flint=pbjs_lite_v8.26.0&x_source.tid=A1&l_pb_bid_id=31abbdce2e4249d&p_screen_res=1600x1200&rp_floor=0.04&rp_secure=1&x_imp.ext.tid=536ae972-c136-4b16-b94a-a8b2840c9b7e&rp_maxbids=1&p_gpid=%2F4802%2Ftgn.rootsweb.com%2FRW_728x90_btf%23bottomSlotAdhesion&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22124%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22124%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22124%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22124%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.056385866477292046
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6911c20d7d207f77fade5004b7821f52ffacbfcdad27ef65182a2aaf427962b0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:07 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sites.rootsweb.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 497
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 497 B
846 B 57ms
19ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14544&site_id=542800&zone_id=3359490&size_id=2&rf=https%3A%2F%2Fsites.rootsweb.com%2F&tg_i.domain=sites.rootsweb.com&tg_i.page=https%3A%2F%2Fsites.rootsweb.com%2F&tg_i.gpid=%2F4802%2Ftgn.rootsweb.com%2FRW_728x90_btf%23bottomSlotAdhesion&tg_i.pbadslot=%2F4802%2Ftgn.rootsweb.com%2FRW_728x90_btf%23bottomSlotAdhesion&tk_flint=pbjs_lite_v8.26.0&x_source.tid=A1&l_pb_bid_id=32cb22b3a736d3f&p_screen_res=1600x1200&rp_floor=0.04&rp_secure=1&x_imp.ext.tid=536ae972-c136-4b16-b94a-a8b2840c9b7e&rp_maxbids=1&p_gpid=%2F4802%2Ftgn.rootsweb.com%2FRW_728x90_btf%23bottomSlotAdhesion&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22124%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22124%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22124%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22124%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.7384140995223705
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c4074644c39014bede116421f0e0e748572d54a00d6b0f49c35179cf28cdbb27

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:07 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sites.rootsweb.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 497
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 536 B
888 B 58ms
19ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14544&site_id=128980&zone_id=2423736&size_id=2&rf=https%3A%2F%2Fsites.rootsweb.com%2F&tg_i.domain=sites.rootsweb.com&tg_i.page=https%3A%2F%2Fsites.rootsweb.com%2F&tg_i.gpid=%2F4802%2Ftgn.rootsweb.com%2Fwebsites%2FRW_Sites_728x90_bottom%23rwsites-ldr-bottom&tg_i.pbadslot=%2F4802%2Ftgn.rootsweb.com%2Fwebsites%2FRW_Sites_728x90_bottom%23rwsites-ldr-bottom&tk_flint=pbjs_lite_v8.26.0&x_source.tid=A1&l_pb_bid_id=33a805eb91354cc&p_screen_res=1600x1200&rp_floor=0.04&rp_secure=1&x_imp.ext.tid=06d8ad60-b37d-47ad-bc8f-99a62ad2b496&rp_maxbids=1&p_gpid=%2F4802%2Ftgn.rootsweb.com%2Fwebsites%2FRW_Sites_728x90_bottom%23rwsites-ldr-bottom&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22124%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22124%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22124%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22124%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.040662494050564435
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 56913d6ccc2425e50f99d9b815ff79b629a267c4b0b39a78b0fbc5c338045bf7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:07 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sites.rootsweb.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 536
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 524 B
875 B 60ms
22ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14544&site_id=128980&zone_id=1957912&size_id=2&rf=https%3A%2F%2Fsites.rootsweb.com%2F&tg_i.domain=sites.rootsweb.com&tg_i.page=https%3A%2F%2Fsites.rootsweb.com%2F&tg_i.gpid=%2F4802%2Ftgn.rootsweb.com%2Fwebsites%2FRW_Sites_728x90_top%23rwsites-ldr-top&tg_i.pbadslot=%2F4802%2Ftgn.rootsweb.com%2Fwebsites%2FRW_Sites_728x90_top%23rwsites-ldr-top&tk_flint=pbjs_lite_v8.26.0&x_source.tid=A1&l_pb_bid_id=342422788e0a22&p_screen_res=1600x1200&rp_floor=0.04&rp_secure=1&x_imp.ext.tid=586f20c1-7d3f-4386-b7a6-b55ed738014d&rp_maxbids=1&p_gpid=%2F4802%2Ftgn.rootsweb.com%2Fwebsites%2FRW_Sites_728x90_top%23rwsites-ldr-top&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22124%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22124%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22124%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22124%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.1981101659319866
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8b6538819fdb1a36d4dd4ffca15439d6bb559943e8fdc22066a35d99deed83da

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:07 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sites.rootsweb.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 524
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
287 B 132ms
110ms Fetch
application/json 3.124.64.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.26.0&referrer=https%3A%2F%2Fsites.rootsweb.com%2F&tmax=3000

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.124.64.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-64-248.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sites.rootsweb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
146 B 148ms
109ms Fetch 52.58.37.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.37.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-37-98.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://sites.rootsweb.com
date: Fri, 03 May 2024 11:58:07 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
147 B 76ms
38ms Fetch 52.58.37.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.37.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-37-98.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://sites.rootsweb.com
date: Fri, 03 May 2024 11:58:07 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
146 B 81ms
43ms Fetch 52.58.37.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.37.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-37-98.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://sites.rootsweb.com
date: Fri, 03 May 2024 11:58:07 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
146 B 76ms
38ms Fetch 52.58.37.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.37.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-37-98.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://sites.rootsweb.com
date: Fri, 03 May 2024 11:58:07 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
146 B 76ms
38ms Fetch 52.58.37.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.37.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-37-98.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://sites.rootsweb.com
date: Fri, 03 May 2024 11:58:07 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
146 B 80ms
42ms Fetch 52.58.37.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.37.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-37-98.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://sites.rootsweb.com
date: Fri, 03 May 2024 11:58:07 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
197 B 57ms
19ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.26.0&cb=51442941809&lsavail=1

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://sites.rootsweb.com
date: Fri, 03 May 2024 11:58:06 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 2 KB
1 KB 125ms
91ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU12G3DV
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: bd66a4cb857cf0346876eb4d7c5d3fcc058b569269f40ee0187a5e1d5f24eee1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:06 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://sites.rootsweb.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 61
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 May 2024 11:58:07 GMT

GET
H2 200 country Show response
api.btloader.com/ 37 B
162 B 123ms
122ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=5127716480745472
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5127716480745472&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 123ms
122ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=jSeD2qxTfO&w=5178858063527936&o=5127716480745472&cv=2.1.43&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fsites.rootsweb.com%2F&sid=xF4RXIxh&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5127716480745472&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 03 May 2024 11:58:07 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 708 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 90ms
41ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/708?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsites.rootsweb.com%2F&ref=&_it=amazon&partner_id=708
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002bec2933f636b3afbe28237e56bd1e3b9692038109e18fc1d504b0033bb472

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 May 2024 11:52:19 GMT
server: cloudflare
age: 34
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 87e013d158b99f4c-FRA

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 88ms
88ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7b63053a0cbd52af03fc78123ae615e9f0fa9abe36f08d42c2478ceb125a3760

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Fri, 03 May 2024 12:13:07 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
463 B 22ms
14ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://sites.rootsweb.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Fri, 03 May 2024 12:28:07 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 88ms
87ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cad34f45d5aa6335f2482ce38280fb7e1101dc7346c3db0ee31af21fb35e2a4d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Fri, 03 May 2024 12:13:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 203ms
130ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

bccedb8be5cb2c16a0544e165e9bf7ac28a2a179f3f076ec251a4f9b500b0e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11932
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 148 KB
32 KB 919ms
856ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1554249875878760&correlator=1969952569141532&eid=31083176%2C31083221&output=ldjh&gdfp_req=1&vrg=202404290101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=4802%2Ctgn.rootsweb.com%2CRW_728x90_btf%2Cwebsites%2CRW_Sites_728x90_bottom%2CRW_Sites_728x90_top&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2C%2F0%2F1%2F3%2F5&prev_iu_szs=728x90%2C728x90%2C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1714737487814&lmt=1714737487&adxs=444%2C436%2C436&adys=2110%2C60%2C8&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fsites.rootsweb.com%2F&vis=1&psz=1600x-1%7C1584x0%7C1584x0&msz=728x-1%7C1584x0%7C1584x0&fws=512%2C0%2C0&ohw=0%2C0%2C0&ga_vid=1964442801.1714737488&ga_sid=1714737488&ga_hid=623123183&ga_fc=false&dlt=1714737486010&idt=301&prev_scp=amznbid%3D2%26amznp%3D2%26adb_imp%3DS202.3%2C1%26adb_bdr%3Dnone%7Camznbid%3D2%26amznp%3D2%26adb_imp%3DS145.2%2C1%26adb_bdr%3Dnone%7Camznbid%3D2%26amznp%3D2%26adb_imp%3DS146.1%2C1%26adb_bdr%3Dnone&cust_params=adb_pvd%3DiDn%252Ct0a&adks=1452699761%2C1463384779%2C2878853094&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

62a666cdba8a6a98bb81c03a0b89c1df286a14de5f2b8cfd47a5c5a2797c81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32936
x-xss-protection: 0
google-lineitem-id: -1,-1,5863529026
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,56659282188
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sites.rootsweb.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2acc326bfade68b04555e4d426800f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3529 0
0 139ms
43ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2acc326bfade68b04555e4d426800f2b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sites.rootsweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 11:58:07 GMT
expires: Sat, 03 May 2025 11:58:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 227ms
131ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 May 2024 11:58:08 GMT

GET
H2 200 bounce Show response
id5-sync.com/ 29 B
455 B 94ms
31ms Fetch
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://sites.rootsweb.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
278 B 29ms
7ms Fetch
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a3228e581166148bbc8835c291cfb85fda3f63815a14c8037e6b5e8ba6a3d2bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://sites.rootsweb.com
date: Fri, 03 May 2024 11:58:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 57AB 0
0 113ms
35ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sites.rootsweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 8674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 09:33:34 GMT
expires: Sat, 03 May 2025 09:33:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
517 B 30ms
29ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

353ec08cf915ec1f77cfc3d6552579d71ae4750f8bf83a8d80a4c567bbc251f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sites.rootsweb.com
date: Fri, 03 May 2024 11:58:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032404291353000/ Frame B6B4 196 KB
56 KB 172ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032404291353000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7161a29e0fb836c3dc332cf2d0c574b1a0f8860a70ffcb030555be6b3d125a9a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Apr 2024 21:42:43 GMT
age: 224125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56161
x-xss-protection: 0
server: sffe
etag: "437f59a50b299974"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 21:42:43 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032404291353000/v0/ Frame B6B4 15 KB
5 KB 232ms
98ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032404291353000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a892ac14f8a5110763c6d9bd4743d66e3b69db246fd5540059b2e418f9bde3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Apr 2024 21:42:43 GMT
age: 224125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5220
x-xss-protection: 0
server: sffe
etag: "c963bf303e97982c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 21:42:43 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032404291353000/v0/ Frame B6B4 95 KB
28 KB 235ms
101ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032404291353000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023740dafad6ea2c6e50968f80e4a994ccff22989518edd4344bd09f2792e4a6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Apr 2024 21:42:43 GMT
age: 224125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29041
x-xss-protection: 0
server: sffe
etag: "fdeeb42644b3bed3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 21:42:43 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032404291353000/v0/ Frame B6B4 5 KB
2 KB 229ms
95ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032404291353000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8b9d4e9dfbeb3444a0e22c3cdaf6830a8a4801b3cb4bfbfae37df03c04296d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Apr 2024 21:42:43 GMT
age: 224125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "d8b0416c8df3dbc0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 21:42:43 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032404291353000/v0/ Frame B6B4 40 KB
13 KB 252ms
118ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032404291353000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc493a67c97cd871696372b348c0fc224b23549edb365e1da49fd28e216c7dd7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Apr 2024 21:42:43 GMT
age: 224125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "24e71630b0cb8bd1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 21:42:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B6B4 18 KB
2 KB 129ms
45ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac0de4b42abf65a70a248df54d442549060d9c7d478dbffcc975fa3b5b2eb2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 May 2024 11:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 May 2024 10:41:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 May 2024 11:58:08 GMT

GET
DATA 200
OK truncated
/ Frame B6B4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74c49912f245e02dab30e284078aa453d56537650f0aae38b1e2deec39916ef2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 en_bl.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame B6B4 2 KB
2 KB 183ms
102ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 22:11:44 GMT
x-content-type-options: nosniff
server: cafe
age: 49584
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Fri, 03 May 2024 22:11:44 GMT

GET
H3 200 icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame B6B4 295 B
319 B 182ms
102ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 23:33:02 GMT
x-content-type-options: nosniff
server: cafe
age: 44706
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 03 May 2024 23:33:02 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032404291353000/ Frame B30A 196 KB
0 154ms
154ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032404291353000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7161a29e0fb836c3dc332cf2d0c574b1a0f8860a70ffcb030555be6b3d125a9a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 21:42:43 GMT
age: 224125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56161
x-xss-protection: 0
server: sffe
etag: "437f59a50b299974"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 21:42:43 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032404291353000/v0/ Frame B30A 15 KB
0 55ms
55ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032404291353000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a892ac14f8a5110763c6d9bd4743d66e3b69db246fd5540059b2e418f9bde3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 21:42:43 GMT
age: 224125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5220
x-xss-protection: 0
server: sffe
etag: "c963bf303e97982c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 21:42:43 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032404291353000/v0/ Frame B30A 95 KB
0 58ms
58ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032404291353000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023740dafad6ea2c6e50968f80e4a994ccff22989518edd4344bd09f2792e4a6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 21:42:43 GMT
age: 224125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29041
x-xss-protection: 0
server: sffe
etag: "fdeeb42644b3bed3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 21:42:43 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032404291353000/v0/ Frame B30A 5 KB
0 52ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032404291353000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8b9d4e9dfbeb3444a0e22c3cdaf6830a8a4801b3cb4bfbfae37df03c04296d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 21:42:43 GMT
age: 224125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "d8b0416c8df3dbc0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 21:42:43 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032404291353000/v0/ Frame B30A 40 KB
0 75ms
75ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032404291353000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc493a67c97cd871696372b348c0fc224b23549edb365e1da49fd28e216c7dd7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 21:42:43 GMT
age: 224125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "24e71630b0cb8bd1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 21:42:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B30A 18 KB
0 110ms
110ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac0de4b42abf65a70a248df54d442549060d9c7d478dbffcc975fa3b5b2eb2a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 May 2024 10:41:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 May 2024 11:58:08 GMT

GET
H3 200 en_bl.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame B30A 2 KB
0 172ms
172ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 22:11:44 GMT
x-content-type-options: nosniff
server: cafe
age: 49584
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Fri, 03 May 2024 22:11:44 GMT

GET
H3 200 icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame B30A 295 B
0 171ms
171ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 23:33:02 GMT
x-content-type-options: nosniff
server: cafe
age: 44706
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 03 May 2024 23:33:02 GMT

GET
DATA 200
OK truncated
/ Frame B30A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f60fb1881afa6a19fff2c5fc34478eb360da97edc37215bbe61e86b632f258ee

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 845E 0
0 148ms
89ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstfdHKwKPbgNyhXcA_oXMsu61GByyoyNPUOqxR1C9cYzCnB6MUMccnfVR6Xl4K4H_-ZRi3S5ishZCh1ElMIuFQsZ1w3Iu9CT05m-QWXD7YCk7IILaKyaCZeKTklatWmf4nAw7ygPwHbAi0xyU0L7x62W1Eax5znDxdSFkicX8Du2jRhnzR2QwNJr6sduqzaHYsiFNswWWGDFrrHwibMtwqDzd6N3a3kSdS1ElM7-s33BqW5cZ17A20f8fe6YPnKKKvDc5EpyxyDvt94ff5KgFil38VLpK1_HpAh4o-4mqMMN6lKM8-RiqKPrLPi9VLpx_f_pbaj0bnR-TOdWHSicdjFbKbYChJR-ICkDp7J9wKuD9dRsKuCHE6Bj2pEiTmW0FkzRFgH8VAM48_UIv2UI93-FgqgjZs7XpFzdZ5uq5ldGWe7cdM&sig=Cg0ArKJSzGBl8IBkjgpoEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240501/r20110914/ Frame 845E 23 KB
9 KB 152ms
93ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240501/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 09:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 May 2024 09:33:33 GMT

GET
H3 403 LDR-search.php
go.newspapers.com/ads/ Frame 9B03 0
0 43ms
18ms Document
text/html 104.17.112.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.newspapers.com/ads/LDR-search.php?&design=grayldr&nameField=1&label=FIND%20YOUR%20ANCESTORS%20IN%20OBITUARIES%20AND%20BIRTH%20NOTICES&xid=1090&clickTag=https://pagead2.googlesyndication.com/pcs/click%253Fxai%253DAKAOjsvG8hdrDmOsH4di54EB7tyNgXYv2TqxsJgVlYwe7unywwNaYWIVAZxMMuuf72dJR-nH-f4k9A6Ni6pJC54r3hAoMthFCP3pkT79gTm6ldkztd2fc1Av4QtxT32WH2xR3_tyH7319eR6mRxIuh-bfSQGpmbbiI1ysF5jL_GRiZbFusgtLLBI2uXX-igVz55mzP8gSg5II9Df7mkJVZBQi1EtnrKi94o39M3ahS4JFyD8EeT4c_8K8NOuAEjGaoswhv2uWTKFhzPtUQGxRaT8runWlCvCw8cZWBKuAauyVFy1XilxAQQMPrLO_3Z6xgM89J_XqwgVDALQBfqdF-f8rt3ad7fD3atSg8eq5MBbXr9qY5hyB-8WwfV9VV791I5WEuZL2bDt7Vao7o0wRhO-3maN3If1HChjBicRvoW_lwAZdFdmWNc7Cw%2526sig%253DCg0ArKJSzKtk-4JLRo0zEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.112.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sites.rootsweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: N/5CAu2puUgVpFJySmDVbO+BcuoBI6DDSXjLxujkivy4Q7dc9d0T3mTZEg054UG31Tpgw3t2GLfKHq02p0iqjXyEVvoRLfYKX2NUS3gSpnmTgKAfXr0uvnfrTG+2H2le46BTEOS5k+1+58Kq/C8W4g==$zg0lOsanDldTB7na4G57HQ==
cf-mitigated: challenge
cf-ray: 87e013d91c979f29-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 03 May 2024 11:58:08 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 845E 214 KB
65 KB 96ms
38ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

3136c3bf8c811e5df165afa1f21af7f2b3bbf39bd11333a667b9fc93bf027d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:33:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1474
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66344
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 May 2024 12:33:34 GMT

GET
H/1.1 204
No Content /
adspsp.com/pt/5781260/23/1/ 0
110 B 714ms
177ms Image
image/png 44.241.111.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/5781260/23/1/?a=2,a2lvqmfcwiCqcfa9CQfK,r4jW8hq87t&aa=00ApmhXnGu.u11---&a2=T1.u.0.2.1d.12&a3=0,262,0,1,1,1,1,1,3,3,3,3&b=a0&b=vhh,1&b=I1,3g,1,2,:g3,4,5:,:s6:53,1,j,7,,:ri4:,:SjQ,:R2,x6,3:,:Ra,xL,a:,:Rc,yi,i:,:R3,zE,5:,:Rd,Al,x:,:Rd,AF,x:,:Rl,B9,1S:,:Rn,Cy,4:,:Rn,CO,4:,:Rb,Di,g:,:Rq,WH,6:,:Rq,WJ,6:,:R9,1qZ,2:,:R9,1Aq,2:,:Rw,1sa,35:,:R4,1zt,9::,:Crt,:b,:R2,x6,3:0,,,,0:,:b,:Ra,xL,a:0,,2d,,0:,:b,:Rc,yi,i:0,,2a,,0:,:b,:R3,zE,5:0,,u,,0:,:b,:Rd,Al,x:0,,2p,,0:,:b,:Rd,AF,x:0,,2p,,0:,:b,:Rl,B9,1S:0,,23,,0:,:b,:Rn,Cy,4:0,,U,,0:,:b,:Rn,CO,4:0,,U,,0:,:b,:Rb,Di,g:0,,2u,,0:,:b,:Rq,WH,6:0,,X,,0:,:b,:Rq,WJ,6:0,,X,,0:,:b,:R9,1qZ,2:0,,11,,0:,:b,:R9,1Aq,2:0,,11,,0:,:b,:Rw,1sa,35:0,,78,,0:,:b,:R4,1zt,9:0,,3D,,0::,:qrY,5,6:,:QHB,5,6,6,k,l,,,m,n:,:cHC:&b=I8,2l,1,9,:g3,4,a,b:,:s6:56,1,C,7,,:ri9:,:SjQ,:R2,x1,3:,:Ra,xG,a:,:Rc,yg,i:,:R3,zz,5:,:Rd,Ag,x:,:Rd,AD,x:,:Rd,AE,x:,:Rl,B4,1S:,:Rn,Ct,4:,:Rb,Dd,g:,:Rq,WH,6:,:Rq,WN,6:,:Rq,WR,6:,:R9,1qU,2:,:Rw,1sa,35:,:R4,1zv,9::,:Cru,:b,:R2,x1,3:0,,7l,,0:,:b,:Ra,xG,a:0,,2d,,0:,:b,:Rc,yg,i:0,,2a,,0:,:b,:R3,zz,5:0,,u,,0:,:b,:Rd,Ag,x:0,,2p,,0:,:b,:Rd,AD,x:0,,2p,,0:,:b,:Rd,AE,x:0,,2p,,0:,:b,:Rl,B4,1S:0,,23,,0:,:b,:Rn,Ct,4:0,,U,,0:,:b,:Rb,Dd,g:0,,2u,,0:,:b,:Rq,WH,6:0,,X,,0:,:b,:Rq,WN,6:0,,X,,0:,:b,:Rq,WR,6:0,,X,,0:,:b,:R9,1qU,2:0,,11,,0:,:b,:Rw,1sa,35:0,,78,,0:,:b,:R4,1zv,9:0,,3D,,0::,:qrY,5,7:,:QHC,5,7,6,k,l,,,m,n:,:cHC:&b=Ic,2m,1,d,:g3,4,a,e:,:s6:52,1,i,7,,:ria:,:SjQ,:R2,x5,3:,:Ra,xK,a:,:Rc,yh,i:,:R3,zD,5:,:Rd,Ak,x:,:Rl,B8,1S:,:Rn,Cx,4:,:Rb,Dh,g:,:Rq,WH,6:,:R9,1qY,2:,:Rw,1sa,35:,:R4,yW,9::,:Cru,:b,:R2,x5,3:0,,7l,,0:,:b,:Ra,xK,a:0,,2d,,0:,:b,:Rc,yh,i:0,,2a,,0:,:b,:R3,zD,5:0,,u,,0:,:b,:Rd,Ak,x:0,,2p,,0:,:b,:Rl,B8,1S:0,,23,,0:,:b,:Rn,Cx,4:0,,U,,0:,:b,:Rb,Dh,g:0,,2u,,0:,:b,:Rq,WH,6:0,,X,,0:,:b,:R9,1qY,2:0,,11,,0:,:b,:Rw,1sa,35:0,,78,,0:,:b,:R4,yW,9:0,,3D,,0::,:qrY,5,8:,:QHC,5,8,6,o,p,q,r,q,r:,:cHC:&b=GrY,1,:Kf,:kg,h::,:L1,8,c:&b=Ki,:kj:&b=Ki,:kj:&b=Ki,:kj:&bi=Uaf034GwJNSa3,bottomSlotAdhesion,4802,tgn.rootsweb.com,RW_728x90_btf,728x90,0.04,U94024GwJNSa2,rwsites-ldr-bottom,websites,RW_Sites_728x90_bottom,Ux7014GwJNSa1,rwsites-ldr-top,RW_Sites_728x90_top,adb_pvd,iDn,t0a,_amzn,2,LXVG,3jstej,2r3Xjyz,6AM8lP,2wuew,3e3Ug6,ZQszA8,6oOLKO&bt=ubIbK3l&c=https%3A%2F%2Fsites.rootsweb.com%2F&d=&f=1.lvqmfbof.2Tfc.3Tqx&g=3T2lh&u=Cx9860e3e:lv4dazj4:21&v=18g.xc.0.xc.1.0&adbj=6r5clvqmfc2n7ixb&mp=0.5&adb_cm=t0a&adb_flag=lrc&txx=Txx1&rnd=1714737488899
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.111.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-111-109.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Server: linux
Connection: keep-alive
Content-Length: 0
Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v59/ Frame B6B4 33 KB
34 KB 114ms
36ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v59/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://sites.rootsweb.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:48:12 GMT
x-content-type-options: nosniff
age: 274197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34184
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 23:36:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:48:12 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v59/ Frame B30A 33 KB
0 115ms
115ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v59/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://sites.rootsweb.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:48:12 GMT
x-content-type-options: nosniff
age: 274197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34184
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 23:36:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:48:12 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 845E 0
0 69ms
69ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssq3u-SGVXVGNdyoYzvujFFLieWr-qs7N4cPTg31pAQsyAF6YHTIUC9CrgBlM80-6bsk5ITUsh66EuDnctnUfEAJPiskf2pLJzRz-1OeVOXbQ9IZF4d_Ntt-fHtvKVybQu6lu7wYan9l43g0ncubGT9xlhM-RQziOGW6t3R6S4bFtl5K9-edh0v-SpdQLEnWCLdf2NBsUdZnurCbNQt45ZN0KS4UFLSjgOi-P0dEyetfbxez8xLgPMYlBUAqTxVwDtl7vg_yUlmTATCx_GA0-1PeArsuRumv-5ZvolR3HSkFWbcerkV4kbaZGdmHnfJ2qDyjaNqe5jxX9CWjn7BGObaU6c7K1DO8SbJ57fEbhfi25UcYVAXlKUKZN5nuai45gYZJflaABKsw6VcwHEZGv6RzVYuPZgu8x8FkZ33ENfeeZidZFz3Kg&sig=Cg0ArKJSzJbJXy22ZE5jEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 845E 0
0 66ms
66ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 845E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcfce07901432b36b8f27ebb49f807d46e524f3df9a9a1efbded41c6c32beed3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET adview
pagead2.googlesyndication.com/pagead/ Frame B6B4 0
0

GET adview
pagead2.googlesyndication.com/pagead/ Frame B30A 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 845E 42 B
65 B 69ms
69ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqN2LCAM_bpepUKy6Z7IEdwA7Tb-w7YSUIs7QibrKYzrOEwAoDfT4yCxo1YhKOFD_vWDHjAnirrmyzVbSIn375okkcM84wiGgMteHn12lAQoYFuLMn4bs1bGjOVVreHcyxPElygZeLI6DTFT4RlaTZnb0mqTR2GIMACwXlX1klNRs&sig=Cg0ArKJSzP1xild5S-VlEAE&id=lidar2&mcvt=1000&p=8,436,98,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240501&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2878853094&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ%3D%3D&vs=4&r=v&co=1067028800&rst=1714737488780&rpt=194&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B30A 42 B
65 B 77ms
76ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJr7KU6pznY2-WHx19QVPuzkewjx624SwFviIJLaSyOUJEBYG96t6OefN6tZjpymNP34vhbEYsJ97BpM3eHomlVtKtBgtsiOuEIFIp-orxUgDs5vgzpZaHwa7Ib8-Uzf5x7P_nj-Fgj8-LbW4oBln8L3SyDqf8JqIH0LECz-s&sig=Cg0ArKJSzEwdLSfcpZ2fEAE&id=ampim&o=436,166&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=275&tls=1275&g=100&h=100&tt=1275&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=124.0.6367.118&uab=64&uafvl=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.118%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.118%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B6B4 42 B
65 B 85ms
84ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9zJClYsJ0TVpTdo5bxhC6MXbzckM4BKA93WISQIaFN3mAo9wsru4ErGHhAZtsYXkvRJ2P21o9PikhzDFIHg_i7V5EyRWgfQ5xCdQ5oM0svPN2ZLYHTCWwUb5HEXRDPX_IVQnJu4bxUE_JZPm6u0ukYXfDQA9bcShO-elxu-I&sig=Cg0ArKJSzKN_zJHn7KTTEAE&id=ampim&o=444,1298&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=296&tls=1301&g=54.44444417953491&h=100&tt=1301&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=124.0.6367.118&uab=64&uafvl=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.118%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.118%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 11:58:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 62ms
27ms Script
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.pb.js?c=Cx9860e3e:lv4dazj4:21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 May 2024 11:58:10 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 94AF 0
0 50ms
17ms Document
text/html 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sites.rootsweb.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sites.rootsweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 11:58:09 GMT
server: Kestrel
server-processing-duration-in-ticks: 312406
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
0 0ms
0ms XHR
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:3::3 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sites.rootsweb.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 11:58:10 GMT
content-encoding: gzip
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 May 2024 11:58:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/adview?ai=CXHgyT9E0ZqmNPMHc1PIP1qGusAHL_vynd-bMgaz3DdnZHhABIKD0tBxgleKQgqAHoAHThI3zA8gBAakCoYNFb0YGsj7gAgCoAwHIAwqqBP4BT9BRT8JKrsDjCl9VtuSMoxY1CDe2RaasGEBUI_K0ibAXFF3W9c3r_SvQzBN33JX5oVDP723V-IstzUxrOFD9aZ8McExiMjQHftKDeNtLcxoWm-lmWgCf_T6AfmGIsyAQB1jhW85uNh8MZn6iqwfwouHRZK7Y7aXjxQjdbhCi6QkjuFAm3sswG7PLvwjMXZV2bMMt8ORLlYSB0YTI7MDNIvsJFjIRBgDgifK5NRKvRAmUNpcuMzW22aKAM0mtGYH6VGbLfwaSyOyCVsr9wGFCGDiPJDVVtBU0WIdVpizoE6jWxiYv2VHnXixYMVUsktRjE6ruZqOzC1zBCaFtEt3ABLGnzqXCA-AEAYgFmv2t2TGSBQQIBBgBkgUECAUYBIAHlfvyDKgH2baxAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcB8gcEEIiVBtIIKgiR4YBwEAEYHTIH64uA4L-ADToIAICAgICAlChIvf3BOliSgub2tvGFA5oJHWh0dHBzOi8vb3NkaW50ZXJuYXRpb25hbC5jb20vgAoDyAsB4g0TCJ655va28YUDFUEuVQgd1pALFtgTDYgUCtAVAZgWAYAXAbIXHgocCAASFHB1Yi0xMDQ4ODUyMTE5OTEwOTAxGLSWD7IYCRICsFIYASIBAA&sigh=lHWrundkxms&uach_m=%5B%5D&ase=2&nis=5&cbvp=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/adview?ai=Cve8bT9E0ZquNPMHc1PIP1qGusAGgr6u-d_zRstzuEae9w-raDxABIKD0tBxgleKQgqAHoAHN2-2UKcgBAakCoYNFb0YGsj7gAgCoAwHIAwqqBJkCT9AIYFVwgYJ-W6u-_T1Wa021VPRZH9Z4PpZPnbC-92em3lc5ugXU-QaZz8W60FooCM1jyHFs1D4YM2n9JV7dz4Lx5ic8nzQtPPadpUdT_aGe-zBZqBmcjtjc9TRB5ClXvtTmKGJyc6RsX9ZXnvP7DnkDAQukzy1v-M5ippfH-0TceYfRQoO_YH2-T4RLn2MK8s7Yd6eKimapKymdwClJfS2txVpSgcfoNVPm0vRMmI_VSBBxBH2_LDA3WPEgovRPzosCFn8S5nHkea3nhE4PYbMhdjCJBW6rrmbzBkDD8pftfIvc-F_jlpbChihI-QCkJkmV4DXkNk0x3nVwN8fMZOZmCzK_5HzYrt_QWq8t6k4HdViTGc_Rv8bABJHCp63LBOAEAYgFrduQx02SBQQIBBgBkgUECAUYBIAHzZO-9AOoB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBCxwQfSCCoIkeGAcBABGB0yB-uLgOC_gA06CACAgICAgJQoSL39wTpYkoLm9rbxhQOaCRtodHRwczovL3RlbXBvc2VhcmNoLmNvbS9kc3KACgPICwHiDRMIn7nm9rbxhQMVQS5VCB3WkAsW2BMM0BUBgBcBshceChwIABIUcHViLTEwNDg4NTIxMTk5MTA5MDEYtJYPshgJEgLlWRgBIgEA&sigh=41Qoq3T2g1k&uach_m=%5B%5D&ase=2&nis=5&cbvp=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404290101&jk=1554249875878760&bg=!4OOl46zNAAY3z2SHF887ADQBe5WfOOAyuqn_Kq34xRwq5diFkBFErsQKl5notoTeTh_hnHgicOmFH7omw9Q6cz6uyxY8AgAAADJSAAAAAmgBB34ANUPggtfUtvYvKW02i7RUwj9F2bywq3BO9IfsjG57yKrYgK-oCoXtSueaf0kO9qUnCfn_mEipmQKjBkczWWsU8gUl1yUnRmFf69Kq0FQG89uX-Wyp75PvkHqH7VPm1MjGEA4YiSpsg3kRJ2NRGWUFEpoRw3U5NVeOxifoqj5ahEp4IG3ad-MXNDkuVDNSppyjAcpft9hZwB_cZrs1ikYirD4R8hijDpy6KTDEyLRx380jzgNLOwX9AVpyVnrO-nRNwh8DLuR4Nev6pxC3slHzfVJOSdMqI7K9ELoX9_MpEo2N9Dt8byHp9gpyyc4aAfZQLouy29XZEDczgbIL2inzsInwkHEt9Kp5XprhUdZ7IpHLWIcIlXYZZn4sXbE8uhOVCZLbD5Za_Rci9V7ytbvzTYr8MpH_pAddW2gllnvb_p3HMjs9k4RDjd2naMxAeV_ZAJDXv1OkgzFNQmMJI6puSGijERPpzjrn3IdNcWBmi1HvL9kYA2ZzoTvpRfw7KkeqEfkDHI9nUe0U59efmyBUsYYZ8pX4ygaVI9K641Cx3sCfHHig3LzQyAg6QPFQmzzPm4wjIrZXxETp7TF276fSWMfmp1dSJ-TsR9IrzqxaOX9MOu9Pg7WAo3qTSclfgW0IXpvrSVBRfiQQSND_KM8p7-GoNrSoR2l487rVHtGXi_dfNxwzBZSje0YarFkYWfzp_tQRxFL2Jpecfwg1AcMPYdOLMPS2d-DDo-3gXxWQAcFNmJ1-hQQk9mfVGVLYc6ep2pdebx53kErVMwLG4y2q5lPrEDYT0T6xmCKmUKTwp_jrwBvLBF-I3RzjSq3iVnh2U5qwO-f7eoqRaYZR2LflX5m1XQUC0eC3m-2Lmib4F1FNESMSESdCVunSwRH5cHWzeNfhq0wqD0EAv1iux8EAYFk0VFJLyjhi7MPpveiysVDxGhV7nqeEnmcMRyGroCyUI2Tk7PxGrhmERUE4

Verdicts & Comments Add Verdict or Comment

186 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rootsweb.com/	1970-01-20 20:18:59	Name: __cf_bm Value: uCJIGiNaC.0loFOx5AW2bW8pCHoQtYy9uH9YOQrUkIo-1714737485-1.0.1.1-QZqrNNPsaa.Ib2W4fWlGr3bWuphJLON13M99ymNW4ljPqUc8HZLxtv1wcNjXbgIzh5fOALX.TH0Ydf4tI3axyg
.rootsweb.com/	1970-01-21 05:54:57	Name: an_split Value: 86
.rootsweb.com/	1969-12-31 23:59:59	Name: an_s_split Value: 25
.rootsweb.com/	1970-01-21 05:04:33	Name: utag_main Value: v_id:018f3e5199570000061489a607f20506f001b06700b08$_sn:1$_se:1$_ss:1$_st:1714739286168$ses_id:1714737486168%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:rootsweb.com
.rootsweb.com/	1970-01-21 05:04:33	Name: cf_clearance Value: _z3la6ZjKoeY9MQnyy26fbMoa9CjZ284EoBVX9oizY8-1714737486-1.0.1.1-626.LO0rK1qUQe71V2On.0bnMLi5SkyJjDOcBz7pgCXWeEgRvf6cyj0l.mIu60MS7om1nUdGgLk50Ng.V6z_eA
.rootsweb.com/	1970-01-20 22:28:33	Name: _gcl_au Value: 1.1.1540667965.1714737486
.demdex.net/	1970-01-21 00:38:09	Name: demdex Value: 85494133323058566041056786246073005293
.rootsweb.com/	1969-12-31 23:59:59	Name: AMCVS_ED3301AC512D2A290A490D4C%40AdobeOrg Value: 1
.rootsweb.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-21 05:04:33	Name: everest_g_v2 Value: g_surferid~ZjTRTgAAAFFEIQO5
.dpm.demdex.net/	1970-01-21 00:38:09	Name: dpm Value: 85494133323058566041056786246073005293
.rootsweb.com/	1970-01-21 05:54:57	Name: AMCV_ED3301AC512D2A290A490D4C%40AdobeOrg Value: 359503849%7CMCIDTS%7C19847%7CMCMID%7C85745782045409950611076622194607290692%7CMCAAMLH-1715342286%7C6%7CMCAAMB-1715342286%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1714744686s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19854%7CvVersion%7C5.0.1
.rootsweb.com/	1970-01-20 20:18:57	Name: lotame_domain_check Value: rootsweb.com
sites.rootsweb.com/	1970-01-20 21:02:09	Name: hb_insticator_uid Value: 74c5ea51-873c-41c0-a5a7-a064ff26e6eb
.adnxs.com/	1970-01-21 05:54:57	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 05:04:33	Name: khaos Value: LVQMFD3T-17-6GNB
.rubiconproject.com/	1970-01-21 05:04:33	Name: audit Value: 1\|yQuirGeEF6D1umxH+up6Nj5APvdogVCbaTd6KyMQnav7WhEtU9POVh7SAMpstjipTQgj9or5oPdj/FgS5daV+fPzJ6cr+j5/rIDGB9ub0nyXvnqSXrQ1MyKPLRELhl3x0A+VO7RH1E0=
prebid.media.net/	1970-01-21 00:38:09	Name: receive-cookie-deprecation Value: 1
.ingage.tech/	1970-01-20 20:18:59	Name: __cf_bm Value: YMqeBiUk.fr3E9L9bBGYsOsEE44tHTrLwyhdBYk_rB0-1714737487-1.0.1.1-QFfJNJtI567fTgpSjf9rdUL_yB4j_tRZjBVBy2vUsaE0qN3gDY2.kbm51Q1FB_GCqTwiTml_f4It4pW6r0xwtw
.id5-sync.com/	1970-01-20 22:28:33	Name: id5 Value: 23b7349a-5251-771c-b48e-7098bde001b1#1714737488280#1
.rootsweb.com/	1970-01-21 00:38:09	Name: __eoi Value: ID=85f038737acb83b7:T=1714737487:RT=1714737487:S=AA-AfjYWrsO48jJez5CcnL8gVm1a

29 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://sites.rootsweb.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sites.rootsweb.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2acc326bfade68b04555e4d426800f2b.safeframe.googlesyndication.com
a.ad.gt
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
adspsp.com
ancestry-mcsp.demdex.net
ancestry.sc.omtrdc.net
ap.lijit.com
api.btloader.com
api.lytics.io
bcp.crwdcntrl.net
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.hadronid.net
cdn.id5-sync.com
cm.everesttech.net
config.aps.amazon-adsystem.com
dpm.demdex.net
ex.ingage.tech
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go.newspapers.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
lb.eu-1-id5-sync.com
pagead2.googlesyndication.com
prebid.media.net
proc.ad.cpe.dotomi.com
prod.adspsp.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
rtb.openx.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sites.rootsweb.com
smetrics.ancestry.com
static.criteo.net
tags.crwdcntrl.net
tags.tiqcdn.com
tlx.3lift.com
tpc.googlesyndication.com
web.hb.ad.cpe.dotomi.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.17.112.43
104.18.36.155
104.18.38.32
108.138.6.136
13.35.58.11
130.211.23.194
141.95.98.65
142.250.185.166
162.19.138.120
172.217.18.2
176.34.140.246
178.250.1.8
18.66.143.149
184.30.211.26
185.64.189.112
216.58.206.34
2600:9000:235a:4200:7:2bfb:7c00:93a1
2602:803:c003:200::21
2606:4700:10::6816:3456
2606:4700:10::6816:34ad
2606:4700:10::6816:4bd8
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::ac43:4513
2606:4700::6812:1ad8
2a00:1450:4001:800::2003
2a00:1450:4001:810::200a
2a00:1450:4001:81d::2008
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:20::2100
3.124.64.248
3.209.165.87
3.248.114.134
34.120.63.153
35.190.11.84
35.227.252.103
37.252.171.149
44.241.111.109
52.18.190.199
52.208.49.113
52.48.195.79
52.58.37.98
63.140.62.17
63.140.62.222
65.9.66.68
99.86.4.30
002bec2933f636b3afbe28237e56bd1e3b9692038109e18fc1d504b0033bb472
023740dafad6ea2c6e50968f80e4a994ccff22989518edd4344bd09f2792e4a6
02ff83d1cafbc9dfdbad351fec8e79b8a9434b7b2d32583c8e3c82ae2c4760ee
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
059fc25215bb467a58f00fd4386ed26a3744f2a928a44bcc237914172567f379
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
12538d353147de54833dc7870e3d15f9a48c7d4a8210f6b9de9e253aad21b3ef
1c46f90448f9817fcec311ee3247679ecea2b1aaf4fa4ea582072596228b76d1
23124c582038a7eaba1be726331e2b46ee4d5b5dbffcafc2de19aeffb0050e4b
24ad22beeb2126f15b299eea5a709f2d3aa653509635a0df0946f3b96c1ce209
2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151
303ccf36bfa5fc56fbcad57a7893fc0eac4d5b3a3bc1e693ff1cc4029c745c0d
3136c3bf8c811e5df165afa1f21af7f2b3bbf39bd11333a667b9fc93bf027d1d
353ec08cf915ec1f77cfc3d6552579d71ae4750f8bf83a8d80a4c567bbc251f9
4237213aa9a683a6cc919d846d81fedbb8c83a79c2cac2b90a4e491f2af3ef98
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f8ada2453f6309e0e6fa2d5a36d2b933186697a9338e1469e1ed6a9a47128e
4a74cf7bdeaa637ea1a53b622fbd1e4eaa047d216ef187c85863b0bc2174e895
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
527eeba069f49cf98ffebb808e10118331fba5d1c33e86cd1dc04c92cd313728
56913d6ccc2425e50f99d9b815ff79b629a267c4b0b39a78b0fbc5c338045bf7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a666cdba8a6a98bb81c03a0b89c1df286a14de5f2b8cfd47a5c5a2797c81ae
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984
6808baa0b4784c9dbd3d74b0897da5d81d48a473b9684c59bb29d67d71ba127d
6911c20d7d207f77fade5004b7821f52ffacbfcdad27ef65182a2aaf427962b0
69c855c453a6e77d0a687fa9dea8ac62b3bb42a07f269a24f70745932eb411f3
6ab10007f4b421ed89e1834da2301f0e9daf9032394ad87e2e251543208c9e93
6c23189a33d77356966f7dffcca004aa4063ddaabbfa688c79808ae1c296be6c
6e9a2faa245518a10391c2eaba8a2a2496efac39f21794a4d381f02ef8bcee03
70adda2e5c4c62723dca2f201e0bb036ced24d01073f73049211a873aa957c75
7161a29e0fb836c3dc332cf2d0c574b1a0f8860a70ffcb030555be6b3d125a9a
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
74c49912f245e02dab30e284078aa453d56537650f0aae38b1e2deec39916ef2
76a892ac14f8a5110763c6d9bd4743d66e3b69db246fd5540059b2e418f9bde3
7b63053a0cbd52af03fc78123ae615e9f0fa9abe36f08d42c2478ceb125a3760
7b7403130894780a57d45799c6f9b2045a668072e44822c43e9ca34894b0bafb
7f8b9d4e9dfbeb3444a0e22c3cdaf6830a8a4801b3cb4bfbfae37df03c04296d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8b6538819fdb1a36d4dd4ffca15439d6bb559943e8fdc22066a35d99deed83da
9d497a6ffb57d6211ba499b4ca97d55b5dc60d3c97bb0fcb849a29e2ee243d68
9fd68cadc8e7d22b12588b3e8f154810fe9a4d016752adf17e3aa03e580ee9cb
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3228e581166148bbc8835c291cfb85fda3f63815a14c8037e6b5e8ba6a3d2bb
ac0de4b42abf65a70a248df54d442549060d9c7d478dbffcc975fa3b5b2eb2a0
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
b5ea0b0db096a448f119be16ce2dbd9d5811db9470d79151605dd54e12bf7108
ba6a49b4567c1d0abb7d066626b3290cc404a5214712d90685743ee20b3ecb94
bccedb8be5cb2c16a0544e165e9bf7ac28a2a179f3f076ec251a4f9b500b0e86
bd66a4cb857cf0346876eb4d7c5d3fcc058b569269f40ee0187a5e1d5f24eee1
c4074644c39014bede116421f0e0e748572d54a00d6b0f49c35179cf28cdbb27
cad34f45d5aa6335f2482ce38280fb7e1101dc7346c3db0ee31af21fb35e2a4d
cc493a67c97cd871696372b348c0fc224b23549edb365e1da49fd28e216c7dd7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d096cbb399775987c7189c2d52a875250bfe705bea32a5f4de60e0b1a745ec4e
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db045f4c6b2b353f88c725c9aaa0acf2c97c6ed66c2553eb5cf40de3ba2c2826
dcfce07901432b36b8f27ebb49f807d46e524f3df9a9a1efbded41c6c32beed3
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e1e1ee1e7fd6ae8c3bcf650d3a1a277871d4fee316f8d305fdf8c6e1884325d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f60fb1881afa6a19fff2c5fc34478eb360da97edc37215bbe61e86b632f258ee
ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8
ff978774e984bd273256efb2220e4cc0e1252ce7f520c3af8e6305d84e27263e

sites.rootsweb.com Open in urlscan Pro 104.18.38.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

108 Requests

94 %HTTPS

35 %IPv6

38 Domains

51 Subdomains

49 IPs

8 Countries

1119 kBTransfer

4018 kBSize

21 Cookies

10 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sites.rootsweb.com Open in urlscan Pro
104.18.38.32 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

94 %
HTTPS

35 %
IPv6

38
Domains

51
Subdomains

49
IPs

8
Countries

1119 kB
Transfer

4018 kB
Size

21
Cookies

108 HTTP transactions
3 data transactions