sites.rootsweb.com Open in urlscan Pro
104.18.14.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sites.rootsweb.com/
Effective URL:
https://sites.rootsweb.com/
Submission: On January 21 via api (January 21st 2023, 8:01:55 am UTC) from CH — Scanned from DE

Summary HTTP 23 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 23 HTTP transactions. The main IP is 104.18.14.210, located in and belongs to CLOUDFLARENET, US. The main domain is sites.rootsweb.com. The Cisco Umbrella rank of the primary domain is 247706.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 4th 2022. Valid for: a year.

This is the only time sites.rootsweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	104.18.14.210 104.18.14.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.95.10 65.9.95.10	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80a::2008	15169 (GOOGLE) (GOOGLE)
3	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211a:2600:1e:7118:9c80:93a1	() ()
2	52.36.196.217 52.36.196.217	16509 (AMAZON-02) (AMAZON-02)
1	35.190.11.84 35.190.11.84	15169 (GOOGLE) (GOOGLE)
1 3	52.30.252.118 52.30.252.118	16509 (AMAZON-02) (AMAZON-02)
1	52.215.109.101 52.215.109.101	16509 (AMAZON-02) (AMAZON-02)
2	13.37.25.97 13.37.25.97	16509 (AMAZON-02) (AMAZON-02)
1 1	54.229.62.148 54.229.62.148	16509 (AMAZON-02) (AMAZON-02)
23	12

4 104.18.14.210 (None, )

ASN13335 (CLOUDFLARENET, US)

sites.rootsweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-10.prg50.r.cloudfront.net

prod.adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:2600:1e:7118:9c80:93a1 (United States)

ASN- ()

geo.adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.36.196.217 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-196-217.us-west-2.compute.amazonaws.com

adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.11.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 84.11.190.35.bc.googleusercontent.com

api.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.30.252.118 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-252-118.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.109.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-109-101.eu-west-1.compute.amazonaws.com

ancestry-mcsp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.37.25.97 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

ancestry.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smetrics.ancestry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.62.148 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-62-148.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 201 ancestry-mcsp.demdex.net — Cisco Umbrella Rank: 41811	6 KB
4	adspsp.com prod.adspsp.com — Cisco Umbrella Rank: 15251 geo.adspsp.com — Cisco Umbrella Rank: 62448 adspsp.com — Cisco Umbrella Rank: 13667	116 KB
4	rootsweb.com sites.rootsweb.com — Cisco Umbrella Rank: 247706	33 KB
3	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 969	80 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	158 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 293	48 KB
1	ancestry.com smetrics.ancestry.com — Cisco Umbrella Rank: 36697	373 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 974	517 B
1	omtrdc.net ancestry.sc.omtrdc.net — Cisco Umbrella Rank: 399042	268 B
1	lytics.io api.lytics.io — Cisco Umbrella Rank: 22709	401 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	38 KB
23	11

	Domain	Requested by
4	sites.rootsweb.com	sites.rootsweb.com
3	dpm.demdex.net	1 redirects sites.rootsweb.com
3	tags.tiqcdn.com	sites.rootsweb.com tags.tiqcdn.com
3	securepubads.g.doubleclick.net	sites.rootsweb.com securepubads.g.doubleclick.net
2	adspsp.com	sites.rootsweb.com
2	c.amazon-adsystem.com	sites.rootsweb.com c.amazon-adsystem.com
1	smetrics.ancestry.com	sites.rootsweb.com
1	cm.everesttech.net	1 redirects
1	ancestry.sc.omtrdc.net	tags.tiqcdn.com
1	ancestry-mcsp.demdex.net	tags.tiqcdn.com
1	api.lytics.io	tags.tiqcdn.com
1	geo.adspsp.com	prod.adspsp.com
1	www.googletagmanager.com	sites.rootsweb.com
1	prod.adspsp.com	sites.rootsweb.com
23	14

This site contains links to these domains. Also see Links.

Domain
www.ancestry.com
home.rootsweb.com
corporate.ancestry.com
support.rootsweb.com
useraccount.rootsweb.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-04` - `2023-09-04`	a year	crt.sh
prod.adspsp.com Amazon	`2022-12-18` - `2024-01-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.tiqcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-12` - `2024-01-14`	a year	crt.sh
geo.adspsp.com Amazon	`2022-12-21` - `2024-01-19`	a year	crt.sh
adspsp.com Amazon	`2022-12-17` - `2024-01-15`	a year	crt.sh
*.lytics.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-15` - `2023-10-16`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
smetrics.ancestry.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://sites.rootsweb.com/
Frame ID: A70C89D24B431A3AC21031A9D4F75B86
Requests: 19 HTTP requests in this frame

Frame: https://sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674288000
Frame ID: E552412AEAA6910915238CCD0BC806E4
Requests: 3 HTTP requests in this frame

Frame: https://ancestry-mcsp.demdex.net/dest5.html?d_nsid=0
Frame ID: BA8DF40475BAB5E02CB01BF01980DA62
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sites.rootsweb.com/ HTTP 307
https://sites.rootsweb.com/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

23
Requests

91 %
HTTPS

23 %
IPv6

11
Domains

14
Subdomains

12
IPs

5
Countries

479 kB
Transfer

1441 kB
Size

12
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ancestry.com/s33216/t10989/grid1005/rd.ashx
Title: Ancestry.com

Search URL Search Domain Scan URL

URL: https://home.rootsweb.com/support
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://corporate.ancestry.com/
Title: About Us

Search URL Search Domain Scan URL

URL: https://support.rootsweb.com/s/contactsupport
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/cs/legal/copyright-policy
Title: Copyright

Search URL Search Domain Scan URL

URL: https://useraccount.rootsweb.com/websites/reportInappropriateWebsite?url=/
Title: Report Inappropriate Material

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/corporate/
Title: Corporate Information

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/cs/legal/privacyphilosophy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/cs/legal/termsandconditions
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.ancestry.com/cs/legal/privacystatement#personal-info-categories
Title: CCPA Notice at Collection

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sites.rootsweb.com/ HTTP 307
https://sites.rootsweb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1674288110725 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1674288110725

Request Chain 19

https://cm.everesttech.net/cm/dd?d_uuid=64970906645459953953617242170421501733 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8ub7wAAAHqPVQN6

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sites.rootsweb.com/
Redirect Chain

http://sites.rootsweb.com/
https://sites.rootsweb.com/

5 KB
3 KB

727ms
514ms

Document
text/html

104.18.14.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.rootsweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.14.210 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ea85760fe8306f291118b3c6bd951a1acce3ae3e234e4e29532fb2c6c24be01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 78ce862c895abbbf-FRA
content-encoding: gzip
content-type: text/html
date: Sat, 21 Jan 2023 08:01:50 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://sites.rootsweb.com/
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK adb.5781260.min.js Show response
prod.adspsp.com/ 363 KB
116 KB 78ms
24ms Script
application/javascript 65.9.95.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.adspsp.com/adb.5781260.min.js
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-10.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e2800503b8b2c1f4eea992835d742fa0a7d7c1db2f32b616693dd585c8a07f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 00:17:20 GMT
Content-Encoding: gzip
Via: 1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
Last-Modified: Wed, 18 Jan 2023 23:49:48 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PRG50-C1
Age: 29507
ETag: W/"7ac987fcac9c306d4fe690b058b9dfa9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: ZAZo50Xe5320EiV5bM7LoBVjPa8xqqgfDjbO5FlKOhns6OIlAUjnpA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dc4b7e55acd9cfebf785fda170afd378f8f3a3b4c04a9f7c964d5da409b82fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 08:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27723
x-xss-protection: 0
server: sffe
etag: "1458 / 527 of 1000 / last-modified: 1674256154"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Jan 2023 08:01:50 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 179 KB
45 KB 110ms
20ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 07:41:47 GMT
content-encoding: gzip
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 20:39:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 1204
x-amz-server-side-encryption: AES256
etag: W/"09722bdf068e1f62e3d9a9e39a8dde87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: BseXPQouUM8A4ZITLXcqHk2VUncirK905rGdqN8L8Oi-FCLrE8gKtw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
38 KB 136ms
49ms Script
application/javascript 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSWCNL5

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ae38ac4447e6a803898f0161e016b041ddd8ad3a11b12b7b10f2bccc29cc7d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 08:01:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38126
x-xss-protection: 0
last-modified: Sat, 21 Jan 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 21 Jan 2023 08:01:50 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/ancestry/rootsweb/prod/ 206 KB
61 KB 487ms
376ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 527eeba069f49cf98ffebb808e10118331fba5d1c33e86cd1dc04c92cd313728

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
date: Sat, 21 Jan 2023 08:01:50 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 17:17:40 GMT
server: AkamaiNetStorage
etag: "3bb7f8eb7d6fa217d341130fd9927625:1639588660.162267"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Sat, 21 Jan 2023 08:06:50 GMT

GET
H2 200 invisible.js Show response
sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame E552 39 KB
19 KB 17ms
17ms Script
application/javascript 104.18.14.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674288000

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.14.210 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9d8ad6670f4daa7713facdf93190d385a43a075eca8df80da38e8d0fbda7bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 08:01:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 78ce86301f27bbbf-FRA

GET
H2 200 pubads_impl_2023011701.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011701.js?cb=31071687

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1187aaf2d088463fbbbaa64b5f8c3f981297c56c8ce9058084542ae4a3dc62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 10:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133140
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 09:35:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Jan 2024 10:47:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 134 B
109 B 62ms
43ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sites.rootsweb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

446fc13e2a46ca819512ae03e9537054eeb3f1cf99ea628dc79e5a6724ca159c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 08:01:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84
x-xss-protection: 0
expires: Sat, 21 Jan 2023 08:01:50 GMT

GET
H2 200 / Show response
geo.adspsp.com/ 4 B
337 B 436ms
328ms XHR
text/plain 2600:9000:211a:2600:1e:7118:9c80:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.adspsp.com/
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:2600:1e:7118:9c80:93a1 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash: c6c3342285049f5853f348e007471b75ec2a5d3966dbe7fc3e908fc530bcac37

Request headers

Referer: https://sites.rootsweb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Jan 2023 08:01:50 GMT
via: 1.1 8f6bdaf52990daaab8fe7162027bdec4.cloudfront.net (CloudFront)
x-adb-procip: 2001:ac8:20:272::2e, 130.176.38.111
x-adb-rmadr: ::ffff:10.0.0.249
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
x-adb-fwdip: 2001:ac8:20:272::2e, 130.176.38.111
content-length: 4
x-amz-cf-id: awlQeT0Cq40eAeY12MLsjvs0EGsK2SBT7K7TAWySVAkUUSgeaFFFhA==

GET
H2 200 pica.js
sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame E552 22 KB
10 KB 32ms
32ms Other
application/javascript 104.18.14.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.14.210 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c186ee4927df460b9ae69ab3a1de48846d25b3fcdf10998e064657c711678a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 08:01:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 78ce8630b82fbbbf-FRA

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 56ms
19ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 a17242a6cf9be61e0412ecea1610cbde.cloudfront.net (CloudFront)
date: Sat, 21 Jan 2023 03:33:34 GMT
x-amz-cf-pop: VIE50-P1
age: 16097
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: JpW11bT8O7b9V1Hh6rhAJ5JLIMN1SEY6W_osVfNQCbmK2hsdkAS0Og==

GET
H/1.1 204
No Content /
adspsp.com/pt/5781260/19/1/ 0
110 B 720ms
171ms Image
image/png 52.36.196.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/5781260/19/1/?a=2,aX0,NfhdbgC9c8&aa=&b=&e=&c=https%3A%2F%2Fsites.rootsweb.com%2F&d=&f=1.ld5nwt8e.2To0&g=2Trf&u=fc484135:ld2bg1mi:391&v=18g.xc.0.xc.1.0&m=z&iD=N&i1=G&rnd=1674288110298
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.196.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-196-217.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Server: linux
Connection: keep-alive
Content-Length: 0
Content-Type: image/png

POST
H2 200 78ce862c895abbbf Show response
sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E552 2 B
388 B 28ms
27ms XHR
text/plain 104.18.14.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/cv/result/78ce862c895abbbf

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674288000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.14.210 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 21 Jan 2023 08:01:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 78ce8633cd70bbbf-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 00000000-0000-0000-0000-000000000000 Show response
api.lytics.io/api/me/6578caa0cdaa8dfcd95d5e6d3de12cc8/ucdmid/ 76 B
401 B 170ms
125ms XHR
application/json 35.190.11.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lytics.io/api/me/6578caa0cdaa8dfcd95d5e6d3de12cc8/ucdmid/00000000-0000-0000-0000-000000000000?fields=behavior_is_current_subscriber&segments=true

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.11.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.11.190.35.bc.googleusercontent.com

Software

lytics.io 6ce1d081257e9c7cf3399ec25cb288ce8ae801f5 /

Resource Hash

674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=63072000;
content-encoding: gzip
via: 1.1 google
date: Sat, 21 Jan 2023 08:01:50 GMT
server: lytics.io 6ce1d081257e9c7cf3399ec25cb288ce8ae801f5
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://sites.rootsweb.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
content-length: 95
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1674288110725
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1674288110725

372 B
1 KB

32ms
32ms

XHR
application/json

52.30.252.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1674288110725

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

HTTP/1.1

Server

52.30.252.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-252-118.eu-west-1.compute.amazonaws.com

Software

Resource Hash

20ee7bd31e179734872e67c5060eab80071d9971eb22cd2e0e1f84df86de4ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: XBFu9Z/uSYY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://sites.rootsweb.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 313
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-09e3db1c5.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: btY+trE6R5E=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://sites.rootsweb.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1674288110725
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 utag.107.js Show response
tags.tiqcdn.com/utag/ancestry/rootsweb/prod/ 54 KB
19 KB 15ms
15ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.107.js?utv=ut4.46.202102022145
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6e9a2faa245518a10391c2eaba8a2a2496efac39f21794a4d381f02ef8bcee03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
date: Sat, 21 Jan 2023 08:01:50 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 19:41:39 GMT
server: AkamaiNetStorage
etag: "ae6f626844a5d32f045d5d129b482e7a:1606160499.319867"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 18980
expires: Sun, 05 Feb 2023 08:01:50 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
216 B 18ms
17ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ancestry/rootsweb/202112151717&cb=1674288110755
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
date: Sat, 21 Jan 2023 08:01:50 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Sat, 21 Jan 2023 08:11:50 GMT

GET
H/1.1 200
OK dest5.html Show response
ancestry-mcsp.demdex.net/ Frame BA8D 7 KB
3 KB 201ms
31ms Document
text/html 52.215.109.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ancestry-mcsp.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.109.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-109-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sites.rootsweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v045-0333db6ef.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: eeZjKyCqQ3E=
content-encoding: gzip
date: Sat, 21 Jan 2023 08:01:51 GMT
last-modified: Fri, 28 Oct 2022 11:07:23 GMT
vary: accept-encoding

GET
H2 200 id Show response
ancestry.sc.omtrdc.net/ 2 B
268 B 68ms
18ms XHR
application/x-javascript 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ancestry.sc.omtrdc.net/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=ED3301AC512D2A290A490D4C%40AdobeOrg&mid=65169448932616456103632608046584435340&ts=1674288110960

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sites.rootsweb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 21 Jan 2023 08:01:51 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://sites.rootsweb.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y8ub7wAAAHqPVQN6
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=64970906645459953953617242170421501733
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8ub7wAAAHqPVQN6

42 B
942 B

32ms
32ms

Image
image/gif

52.30.252.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8ub7wAAAHqPVQN6

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

HTTP/1.1

Server

52.30.252.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-252-118.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-06cd512cb.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: aQycqM2hRMA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8ub7wAAAHqPVQN6
Date: Sat, 21 Jan 2023 08:01:51 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s62078801746101
smetrics.ancestry.com/b/ss/ancestry-global/1/JS-2.20.0/ 43 B
373 B 74ms
17ms Image
image/gif 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.ancestry.com/b/ss/ancestry-global/1/JS-2.20.0/s62078801746101?AQB=1&ndh=1&pf=1&t=21%2F0%2F2023%208%3A1%3A51%206%200&sdid=4A524C0930A43E92-01E289D73DAFC010&mid=65169448932616456103632608046584435340&aamlh=6&ce=UTF-8&ns=ancestry&pageName=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20&g=https%3A%2F%2Fsites.rootsweb.com%2F&cc=USD&ch=rootsweb&server=rootsweb.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c11=00000000-0000-0000-0000-000000000000&v12=rootsweb&v13=us&v14=rootsweb&c23=nrvisitor&v23=nrvisitor&c24=not%20win%20back&c35=non%20dna%20user&v35=non%20dna%20user&v41=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20&c42=ancestry%20rootsweb%20%3A%20hostedsites&v42=ancestry%20rootsweb%20%3A%20hostedsites&c43=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20&v43=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20&c44=202301210801&v44=202301210801&c45=sites.rootsweb.com%2F&v45=sites.rootsweb.com%2F&c49=01%2F21%2F2023%201%3A01%3A50&v49=01%2F21%2F2023%201%3A01%3A50&c50=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20&v65=00000000-0000-0000-0000-000000000000&c68=sites.rootsweb.com&c73=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F109.0.5414.74%20Safari%2F537.36&v98=interactive%3C1.00s&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=ED3301AC512D2A290A490D4C%40AdobeOrg&AQE=1

Requested by

Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 08:01:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sun, 22 Jan 2023 08:01:51 GMT
server: jag
etag: 3595506341843173376-4619363676266597175
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 20 Jan 2023 08:01:51 GMT

GET
H/1.1 204
No Content /
adspsp.com/pt/5781260/17/1/ 0
110 B 173ms
173ms Image
image/png 52.36.196.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/5781260/17/1/?a=2,aX0,NfhdbgC9c8&aa=&b=GDPRBlockAll&e=&c=https%3A%2F%2Fsites.rootsweb.com%2F&d=&f=1.ld5nwt8e.2To0&g=2T1g3&u=fc484135:ld2bg1mi:391&v=18g.xc.0.xc.1.0&m=z&iD=N&i1=G&rnd=1674288111185
Requested by: Host: sites.rootsweb.com
URL: https://sites.rootsweb.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.196.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-196-217.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.rootsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Server: linux
Connection: keep-alive
Content-Length: 0
Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rootsweb.com/	1970-01-20 18:40:48	Name: _pubcid Value: 99e366ce-e927-410b-9d47-9ee4d1615640
.rootsweb.com/	1970-01-20 09:06:14	Name: adbrgn Value: DEHE
.rootsweb.com/	1970-01-20 09:04:49	Name: __cf_bm Value: MG.JoEuaHxreV8lLbOFTLdcOXC6U7I3TIz69S5W6v6g-1674288110-0-AQFSoqBDvnDlbgQNBOTHczNFZaWc+7xjZdoymLcUXsvWpxGMvSFJhHJvWcN1qXOmkyC53hhKuQ6Vd4UXVISCVcQf14wXeLeTbtuWYW8HOZFZWbJAdFCse4Xugpo6RuHO5oic/gYfSg1DDHj0QaD91guX1U4GpKBJofgGwfq/oIC1upZ7FX8FcHGowPHby++Fdw==
.rootsweb.com/	1970-01-20 18:40:48	Name: an_split Value: 90
.rootsweb.com/	1969-12-31 23:59:59	Name: an_s_split Value: 61
.rootsweb.com/	1970-01-20 17:50:24	Name: utag_main Value: v_id:0185d3591c720014a6fc9289924503073001b06b00b08$_sn:1$_se:1$_ss:1$_st:1674289910707$ses_id:1674288110707%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:rootsweb.com
.demdex.net/	1970-01-20 13:24:00	Name: demdex Value: 64970906645459953953617242170421501733
.rootsweb.com/	1969-12-31 23:59:59	Name: AMCVS_ED3301AC512D2A290A490D4C%40AdobeOrg Value: 1
.rootsweb.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 17:50:24	Name: everest_g_v2 Value: g_surferid~Y8ub7wAAAHqPVQN6
.dpm.demdex.net/	1970-01-20 13:24:00	Name: dpm Value: 64970906645459953953617242170421501733
.rootsweb.com/	1970-01-20 18:40:48	Name: AMCV_ED3301AC512D2A290A490D4C%40AdobeOrg Value: 359503849%7CMCIDTS%7C19379%7CMCMID%7C65169448932616456103632608046584435340%7CMCAAMLH-1674892910%7C6%7CMCAAMB-1674892910%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1674295311s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19386%7CvVersion%7C5.0.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adspsp.com
ancestry-mcsp.demdex.net
ancestry.sc.omtrdc.net
api.lytics.io
c.amazon-adsystem.com
cm.everesttech.net
dpm.demdex.net
geo.adspsp.com
prod.adspsp.com
securepubads.g.doubleclick.net
sites.rootsweb.com
smetrics.ancestry.com
tags.tiqcdn.com
www.googletagmanager.com
104.18.14.210
104.75.88.194
13.37.25.97
18.66.23.213
2600:9000:211a:2600:1e:7118:9c80:93a1
2a00:1450:4001:830::2002
2a00:1450:400d:80a::2008
35.190.11.84
52.215.109.101
52.30.252.118
52.36.196.217
54.229.62.148
65.9.95.10
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
20ee7bd31e179734872e67c5060eab80071d9971eb22cd2e0e1f84df86de4ee8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c186ee4927df460b9ae69ab3a1de48846d25b3fcdf10998e064657c711678a4
3ea85760fe8306f291118b3c6bd951a1acce3ae3e234e4e29532fb2c6c24be01
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446fc13e2a46ca819512ae03e9537054eeb3f1cf99ea628dc79e5a6724ca159c
4dc4b7e55acd9cfebf785fda170afd378f8f3a3b4c04a9f7c964d5da409b82fc
527eeba069f49cf98ffebb808e10118331fba5d1c33e86cd1dc04c92cd313728
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984
6e9a2faa245518a10391c2eaba8a2a2496efac39f21794a4d381f02ef8bcee03
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8e2800503b8b2c1f4eea992835d742fa0a7d7c1db2f32b616693dd585c8a07f2
9ae38ac4447e6a803898f0161e016b041ddd8ad3a11b12b7b10f2bccc29cc7d0
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
c6c3342285049f5853f348e007471b75ec2a5d3966dbe7fc3e908fc530bcac37
d9d8ad6670f4daa7713facdf93190d385a43a075eca8df80da38e8d0fbda7bd3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1187aaf2d088463fbbbaa64b5f8c3f981297c56c8ce9058084542ae4a3dc62c

sites.rootsweb.com Open in urlscan Pro 104.18.14.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

91 %HTTPS

23 %IPv6

11 Domains

14 Subdomains

12 IPs

5 Countries

479 kBTransfer

1441 kBSize

12 Cookies

10 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

12 Cookies

Security Headers

Indicators

sites.rootsweb.com Open in urlscan Pro
104.18.14.210 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

91 %
HTTPS

23 %
IPv6

11
Domains

14
Subdomains

12
IPs

5
Countries

479 kB
Transfer

1441 kB
Size

12
Cookies

23 HTTP transactions
0 data transactions