urlscan.io logo urlscan.io
SecurityTrails logo

helpdesk.rootsweb.com Open in urlscan Pro
45.60.65.104  Public Scan

Go To Rescan Add Verdict Report
URL: https://helpdesk.rootsweb.com/
Submission: On September 28 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 10 countries across 93 domains to perform 272 HTTP transactions. The main IP is 45.60.65.104, located in United States and belongs to INCAPSULA, US. The main domain is helpdesk.rootsweb.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on July 11th 2021. Valid for: 6 months.
This is the only time helpdesk.rootsweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 45.60.65.104 19551 (INCAPSULA)
19 104.111.226.93 16625 (AKAMAI-AS)
1 143.204.98.113 16509 (AMAZON-02)
9 142.250.184.194 15169 (GOOGLE)
4 143.204.95.188 16509 (AMAZON-02)
4 143.204.101.190 16509 (AMAZON-02)
3 104.75.88.194 16625 (AKAMAI-AS)
1 143.204.98.31 16509 (AMAZON-02)
4 52.39.45.181 16509 (AMAZON-02)
1 35.190.11.84 15169 (GOOGLE)
1 3 54.247.138.82 16509 (AMAZON-02)
1 64.158.223.146 41041 (VCLK-EU-SE)
2 23.37.38.181 16625 (AKAMAI-AS)
2 10 185.33.221.89 29990 (ASN-APPNEX)
9 35.244.159.8 15169 (GOOGLE)
2 185.64.189.112 62713 (AS-PUBMATIC)
3 69.173.144.143 26667 (RUBICONPR...)
4 216.52.2.39 29791 (VOXEL-DOT...)
1 18.185.169.108 16509 (AMAZON-02)
2 18.156.195.47 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
4 34.149.20.76 15169 (GOOGLE)
1 63.32.159.255 16509 (AMAZON-02)
1 15.236.176.210 16509 (AMAZON-02)
1 1 34.249.249.121 16509 (AMAZON-02)
1 15.188.95.229 16509 (AMAZON-02)
6 34.227.85.106 14618 (AMAZON-AES)
2 52.202.233.191 14618 (AMAZON-AES)
4 2.18.233.180 16625 (AKAMAI-AS)
2 151.101.65.194 54113 (FASTLY)
1 143.204.98.60 16509 (AMAZON-02)
2 142.250.186.98 15169 (GOOGLE)
1 142.250.184.225 15169 (GOOGLE)
2 143.204.98.56 16509 (AMAZON-02)
1 143.204.98.68 16509 (AMAZON-02)
2 178.250.0.157 44788 (ASN-CRITE...)
4 143.204.101.147 16509 (AMAZON-02)
1 1 3.92.246.31 14618 (AMAZON-AES)
1 2 3.215.242.19 14618 (AMAZON-AES)
1 142.250.185.234 15169 (GOOGLE)
1 172.67.214.69 13335 (CLOUDFLAR...)
2 142.250.184.238 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
2 193.122.130.38 31898 (ORACLE-BM...)
2 162.210.196.208 30633 (LEASEWEB-...)
1 178.162.133.150 60781 (LEASEWEB-...)
1 147.75.38.124 54825 (PACKET)
1 213.19.147.42 3356 (LEVEL3)
1 3.120.57.46 16509 (AMAZON-02)
7 52.208.210.171 16509 (AMAZON-02)
2 104.16.68.69 13335 (CLOUDFLAR...)
1 172.253.120.155 15169 (GOOGLE)
2 142.250.185.162 15169 (GOOGLE)
3 104.16.19.6 13335 (CLOUDFLAR...)
1 142.250.185.74 15169 (GOOGLE)
2 185.64.189.115 62713 (AS-PUBMATIC)
2 151.101.65.108 54113 (FASTLY)
5 8 37.157.4.23 198622 (ADFORM)
2 2 213.155.156.183 1299 (TWELVE99 ...)
1 9 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
16 185.64.190.80 62713 (AS-PUBMATIC)
9 15 142.250.185.194 15169 (GOOGLE)
7 7 185.29.132.245 30419 (MEDIAMATH...)
4 185.64.189.114 62713 (AS-PUBMATIC)
4 4 51.222.80.231 16276 (OVH)
2 4 52.48.137.92 16509 (AMAZON-02)
4 11 13.248.242.197 16509 (AMAZON-02)
1 104.111.215.191 16625 (AKAMAI-AS)
2 3 159.253.128.188 36351 (SOFTLAYER)
2 2 91.228.74.226 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
2 4 212.82.100.176 34010 (YAHOO-IRD)
3 5 18.184.35.118 16509 (AMAZON-02)
1 64.158.223.137 41041 (VCLK-EU-SE)
3 17 2.18.234.21 16625 (AKAMAI-AS)
2 7 13.248.245.213 16509 (AMAZON-02)
4 4 3.123.143.157 16509 (AMAZON-02)
8 8 52.30.222.33 16509 (AMAZON-02)
1 1 185.86.138.114 201081 (SMARTADSE...)
1 1 198.148.27.139 19189 (PULSEPOINT)
4 208.100.17.178 32748 (STEADFAST)
1 108.174.11.85 14413 (LINKEDIN)
1 204.79.197.200 8068 (MICROSOFT...)
2 4 52.46.130.91 16509 (AMAZON-02)
1 1 70.42.32.127 22075 (AS-OUTBRAIN)
2 2 46.228.164.11 56396 (AMOBEE)
1 1 52.205.151.180 14618 (AMAZON-AES)
1 1 185.183.112.148 60350 (VP)
4 23.37.42.132 16625 (AKAMAI-AS)
1 142.250.184.200 15169 (GOOGLE)
1 151.101.2.137 54113 (FASTLY)
2 162.247.243.146 13335 (CLOUDFLAR...)
2 3 151.101.194.49 54113 (FASTLY)
4 7 69.173.144.138 26667 (RUBICONPR...)
1 87.248.118.23 34010 (YAHOO-IRD)
1 35.244.174.68 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 51.89.21.5 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
1 152.199.22.191 15133 (EDGECAST)
1 104.26.5.103 13335 (CLOUDFLAR...)
1 104.17.120.107 13335 (CLOUDFLAR...)
2 2 52.58.57.174 16509 (AMAZON-02)
2 3 37.252.172.250 29990 (ASN-APPNEX)
1 1 162.55.6.213 24940 (HETZNER-AS)
3 3 213.19.147.45 26120 (RHYTHMONE)
1 104.26.10.209 13335 (CLOUDFLAR...)
1 63.251.232.170 29791 (VOXEL-DOT...)
1 1 188.165.4.142 16276 (OVH)
1 2 104.18.13.5 13335 (CLOUDFLAR...)
1 169.197.150.8 398989 (DEEPINTENT)
1 2 151.101.129.44 54113 (FASTLY)
2 2 38.27.122.126 174 (COGENT-174)
1 1 18.210.5.212 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 104.22.24.87 13335 (CLOUDFLAR...)
1 2 3.213.248.174 14618 (AMAZON-AES)
2 2 66.155.71.150 13768 (COGECO-PEER1)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 54.175.176.13 14618 (AMAZON-AES)
2 99.83.181.31 ()
272 100
3    45.60.65.104 (United States)

ASN19551 (INCAPSULA, US)
helpdesk.rootsweb.com
19    104.111.226.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-226-93.deploy.static.akamaitechnologies.com
www.ancestrycdn.com
1    143.204.98.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-113.fra50.r.cloudfront.net
prod.adspsp.com
9    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
4    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
4    143.204.101.190 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-190.fra50.r.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
3    104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    143.204.98.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-31.fra50.r.cloudfront.net
geo.adspsp.com
4    52.39.45.181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-45-181.us-west-2.compute.amazonaws.com
adspsp.com
1    35.190.11.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 84.11.190.35.bc.googleusercontent.com
api.lytics.io
3    54.247.138.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-138-82.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    64.158.223.146 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: 146.vip.crm-node2.ams5.cnvr.net
web.hb.ad.cpe.dotomi.com
2    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
10    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
9    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
ancestry-d.openx.net
eu-u.openx.net
us-u.openx.net
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    18.185.169.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-169-108.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
4    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    63.32.159.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-159-255.eu-west-1.compute.amazonaws.com
ancestry-mcsp.demdex.net
1    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
ancestry.sc.omtrdc.net
1    34.249.249.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-249-121.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
smetrics.ancestry.com
6    34.227.85.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-85-106.compute-1.amazonaws.com
geoip.insticator.com
event.insticator.com
2    52.202.233.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-233-191.compute-1.amazonaws.com
b2c.insticator.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    151.101.65.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    143.204.98.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-60.fra50.r.cloudfront.net
get.s-onetag.com
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
adservice.google.com
1    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
bab70c4430ebeed8319c5c4854b9709b.safeframe.googlesyndication.com
2    143.204.98.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-56.fra50.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-68.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    143.204.101.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-147.fra50.r.cloudfront.net
df80k0z3fi8zg.cloudfront.net
1    3.92.246.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-246-31.compute-1.amazonaws.com
px.britepool.com
2    3.215.242.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-242-19.compute-1.amazonaws.com
thrtle.com
1    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
1    172.67.214.69 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
www.google-analytics.com
1    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
2    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
insticator.technoratimedia.com
2    162.210.196.208 (Arlington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
1    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    3.120.57.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
7    52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
1    172.253.120.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wd-in-f155.1e100.net
stats.g.doubleclick.net
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googletagservices.com
3    104.16.19.6 (None, )

ASN13335 (CLOUDFLARENET, US)
go.newspapers.com
1    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
ajax.googleapis.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
8    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.183 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
9    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
16    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
15    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
7    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
4    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
id.crwdcntrl.net
bcp.crwdcntrl.net
11    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
3    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    91.228.74.226 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    212.82.100.176 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh-ing.pbp.vip.ir2.yahoo.com
pr-bh.ybp.yahoo.com
5    18.184.35.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-35-118.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    64.158.223.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-usadmm.dotomi.com
pubmatic-match.dotomi.com
17    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
7    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    3.123.143.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-143-157.eu-central-1.compute.amazonaws.com
pm.w55c.net
8    52.30.222.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-222-33.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.138.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    208.100.17.178 (United States)

ASN32748 (STEADFAST, US)
PTR: ip178.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
1    108.174.11.85 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-85.fwd.linkedin.com
px.ads.linkedin.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    52.205.151.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-151-180.compute-1.amazonaws.com
nep.advangelists.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
4    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
ssl.google-analytics.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    87.248.118.23 (Frankfurt am Main, Germany)

ASN34010 (YAHOO-IRD, GB)
PTR: e2.ycpi.vip.deb.yahoo.com
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
1    51.89.21.5 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p38.id5-sync.com
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
1    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    52.58.57.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-57-174.eu-central-1.compute.amazonaws.com
ad.360yield.com
3    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    162.55.6.213 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de
csync.loopme.me
3    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    104.26.10.209 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-mon-1.sys.adgear.com
cm.adgrx.com
1    188.165.4.142 (France)

ASN16276 (OVH, FR)
PTR: ip142.ip-188-165-4.eu
green.erne.co
2    104.18.13.5 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
2    38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    18.210.5.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-5-212.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    104.22.24.87 (None, )

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    3.213.248.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-248-174.compute-1.amazonaws.com
a.audrte.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
1    54.175.176.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-176-13.compute-1.amazonaws.com
sync.ipredictive.com
2    99.83.181.31 (None, )

ASN- ()
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
Apex Domain
Subdomains		 Transfer
38 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
130 KB
25 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
169 KB
19 ancestrycdn.com
www.ancestrycdn.com
436 KB
15 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
59 KB
15 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
17 KB
14 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
35 KB
11 adsrvr.org
match.adsrvr.org
4 KB
9 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
5 KB
9 openx.net
ancestry-d.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
8 bidr.io
match.prod.bidr.io
3 KB
8 adform.net
c1.adform.net
4 KB
8 insticator.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
7 KB
8 33across.com
ssc.33across.com
ssc-cms.33across.com
771 B
8 3lift.com
tlx.3lift.com
eb2.3lift.com
3 KB
8 cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
246 KB
8 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
42 KB
7 mathtag.com
sync.mathtag.com
4 KB
7 gumgum.com
g2.gumgum.com
rtb.gumgum.com
4 KB
6 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
18 KB
6 adspsp.com
prod.adspsp.com
geo.adspsp.com
adspsp.com
94 KB
5 bidswitch.net
x.bidswitch.net
1 KB
4 w55c.net
pm.w55c.net
3 KB
4 indexww.com
js-sec.indexww.com
4 KB
4 crwdcntrl.net
sync.crwdcntrl.net
id.crwdcntrl.net
bcp.crwdcntrl.net
2 KB
4 onaudience.com
pixel.onaudience.com
2 KB
4 everesttech.net
cm.everesttech.net
sync-tm.everesttech.net
1 KB
4 lijit.com
ap.lijit.com
1 KB
4 demdex.net
dpm.demdex.net
ancestry-mcsp.demdex.net
6 KB
3 simpli.fi
um.simpli.fi
1 KB
3 newspapers.com
go.newspapers.com Failed
19 KB
3 1rx.io
tag.1rx.io
sync.1rx.io
1 KB
3 technoratimedia.com
insticator.technoratimedia.com
ad-cdn.technoratimedia.com
6 KB
3 google-analytics.com
www.google-analytics.com
ssl.google-analytics.com
40 KB
3 criteo.com
gum.criteo.com
dis.criteo.com
963 B
3 tiqcdn.com
tags.tiqcdn.com
80 KB
3 rootsweb.com
helpdesk.rootsweb.com
34 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 audrte.com
a.audrte.com
2 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 bnmla.com
match.bnmla.com
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
558 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 360yield.com
ad.360yield.com
616 B
2 rlcdn.com
id.rlcdn.com
api.rlcdn.com
332 B
2 nr-data.net
bam-cell.nr-data.net
1 KB
2 turn.com
ad.turn.com
930 B
2 quantserve.com
pixel.quantserve.com
1 KB
2 de17a.com
d5p.de17a.com
634 B
2 googletagservices.com
www.googletagservices.com
65 KB
2 districtm.io
dmx.districtm.io
cdn.districtm.io
288 B
2 aralego.com
hb.aralego.com
sync.aralego.com Failed
660 B
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
95 KB
2 thrtle.com
thrtle.com
771 B
2 googlesyndication.com
bab70c4430ebeed8319c5c4854b9709b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
4 KB
2 google.com
adservice.google.com
www.google.com Failed
692 B
2 fastly.net
confiant-integrations.global.ssl.fastly.net
74 KB
2 dotomi.com
web.hb.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
597 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 playground.xyz
ads.playground.xyz
485 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 zeotap.com
mwzeom.zeotap.com
455 B
1 stackadapt.com
sync.srv.stackadapt.com
645 B
1 deepintent.com
match.deepintent.com
44 B
1 erne.co
green.erne.co
325 B
1 adgrx.com
cm.adgrx.com
408 B
1 ad4m.at
ad4m.at
974 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 loopme.me
csync.loopme.me
217 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 aralego.net
cdn.aralego.net
1 KB
1 id5-sync.com
id5-sync.com
539 B
1 newrelic.com
js-agent.newrelic.com
12 KB
1 adotmob.com
sync.adotmob.com
689 B
1 advangelists.com
nep.advangelists.com
232 B
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
478 B
1 linkedin.com
px.ads.linkedin.com
679 B
1 contextweb.com
bh.contextweb.com
518 B
1 smartadserver.com
rtb-csync.smartadserver.com
762 B
1 bluekai.com
tags.bluekai.com
304 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 emxdgt.com
hb.emxdgt.com
163 B
1 a-mo.net
prebid.a-mo.net
174 B
1 sonobi.com
apex.go.sonobi.com
761 B
1 gstatic.com
fonts.gstatic.com
47 KB
1 fontawesome.com
use.fontawesome.com
12 KB
1 britepool.com
px.britepool.com
api.britepool.com Failed
650 B
1 ancestry.com
smetrics.ancestry.com
421 B
1 omtrdc.net
ancestry.sc.omtrdc.net
321 B
1 media.net
prebid.media.net
256 B
1 lytics.io
api.lytics.io
373 B
0 admixer.net Failed
inv-nets.admixer.net Failed
272 93
Domain Requested by
19 www.ancestrycdn.com helpdesk.rootsweb.com
www.ancestrycdn.com
16 simage2.pubmatic.com ads.pubmatic.com
15 cm.g.doubleclick.net 9 redirects eu-u.openx.net
eb2.3lift.com
helpdesk.rootsweb.com
df80k0z3fi8zg.cloudfront.net
11 match.adsrvr.org 4 redirects eu-u.openx.net
eb2.3lift.com
ssum-sec.casalemedia.com
helpdesk.rootsweb.com
ads.pubmatic.com
df80k0z3fi8zg.cloudfront.net
10 ib.adnxs.com 2 redirects prod.adspsp.com
df80k0z3fi8zg.cloudfront.net
acdn.adnxs.com
9 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
9 image2.pubmatic.com 1 redirects ads.pubmatic.com
9 securepubads.g.doubleclick.net helpdesk.rootsweb.com
securepubads.g.doubleclick.net
www.googletagservices.com
8 match.prod.bidr.io 8 redirects
8 c1.adform.net 5 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
7 eb2.3lift.com 2 redirects prod.adspsp.com
eb2.3lift.com
7 sync.mathtag.com 7 redirects
5 rtb.gumgum.com df80k0z3fi8zg.cloudfront.net
helpdesk.rootsweb.com
ads.pubmatic.com
5 eu-u.openx.net prod.adspsp.com
eu-u.openx.net
5 x.bidswitch.net 3 redirects eb2.3lift.com
helpdesk.rootsweb.com
4 token.rubiconproject.com 4 redirects
4 eus.rubiconproject.com prod.adspsp.com
eus.rubiconproject.com
df80k0z3fi8zg.cloudfront.net
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 ssc-cms.33across.com prod.adspsp.com
df80k0z3fi8zg.cloudfront.net
4 pm.w55c.net 4 redirects
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 js-sec.indexww.com prod.adspsp.com
ssum-sec.casalemedia.com
df80k0z3fi8zg.cloudfront.net
4 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 pixel.onaudience.com 4 redirects
4 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
4 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
helpdesk.rootsweb.com
4 ads.pubmatic.com d3lcz8vpax4lo2.cloudfront.net
prod.adspsp.com
ads.pubmatic.com
df80k0z3fi8zg.cloudfront.net
4 ssc.33across.com prod.adspsp.com
df80k0z3fi8zg.cloudfront.net
4 ap.lijit.com prod.adspsp.com
df80k0z3fi8zg.cloudfront.net
4 adspsp.com helpdesk.rootsweb.com
4 d3lcz8vpax4lo2.cloudfront.net helpdesk.rootsweb.com
d3lcz8vpax4lo2.cloudfront.net
4 c.amazon-adsystem.com helpdesk.rootsweb.com
c.amazon-adsystem.com
3 secure.adnxs.com 2 redirects ssum-sec.casalemedia.com
3 pixel.rubiconproject.com helpdesk.rootsweb.com
3 sync-tm.everesttech.net 2 redirects ssum-sec.casalemedia.com
3 us-u.openx.net eu-u.openx.net
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 go.newspapers.com securepubads.g.doubleclick.net
go.newspapers.com
3 fastlane.rubiconproject.com prod.adspsp.com
df80k0z3fi8zg.cloudfront.net
3 dpm.demdex.net 1 redirects helpdesk.rootsweb.com
3 tags.tiqcdn.com helpdesk.rootsweb.com
tags.tiqcdn.com
3 helpdesk.rootsweb.com helpdesk.rootsweb.com
2 pixel-sync.sitescout.com 2 redirects
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 match.bnmla.com 2 redirects
2 sync.1rx.io 2 redirects
2 ad.360yield.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 bam-cell.nr-data.net js-agent.newrelic.com
go.newspapers.com
2 ad.turn.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 acdn.adnxs.com prod.adspsp.com
df80k0z3fi8zg.cloudfront.net
2 image6.pubmatic.com ads.pubmatic.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 g2.gumgum.com df80k0z3fi8zg.cloudfront.net
2 hb.aralego.com df80k0z3fi8zg.cloudfront.net
2 insticator.technoratimedia.com df80k0z3fi8zg.cloudfront.net
2 www.google-analytics.com helpdesk.rootsweb.com
www.google-analytics.com
2 thrtle.com 1 redirects helpdesk.rootsweb.com
2 gum.criteo.com ads.pubmatic.com
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 adservice.google.com securepubads.g.doubleclick.net
2 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
2 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 c2shb.ssp.yahoo.com prod.adspsp.com
2 hbopenbid.pubmatic.com prod.adspsp.com
df80k0z3fi8zg.cloudfront.net
2 htlb.casalemedia.com prod.adspsp.com
df80k0z3fi8zg.cloudfront.net
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 bcp.crwdcntrl.net ssum-sec.casalemedia.com
1 sync.ipredictive.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 csync.loopme.me 1 redirects
1 cdn.districtm.io df80k0z3fi8zg.cloudfront.net
1 biddr.brealtime.com df80k0z3fi8zg.cloudfront.net
1 cdn.aralego.net df80k0z3fi8zg.cloudfront.net
1 ad-cdn.technoratimedia.com df80k0z3fi8zg.cloudfront.net
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 pagead2.googlesyndication.com www.googletagservices.com
1 id.rlcdn.com helpdesk.rootsweb.com
1 ads.yahoo.com helpdesk.rootsweb.com
1 js-agent.newrelic.com go.newspapers.com
1 ssl.google-analytics.com go.newspapers.com
1 sync.adotmob.com 1 redirects
1 nep.advangelists.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 tags.bluekai.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 ajax.googleapis.com go.newspapers.com
1 stats.g.doubleclick.net www.google-analytics.com
1 dmx.districtm.io df80k0z3fi8zg.cloudfront.net
1 hb.emxdgt.com df80k0z3fi8zg.cloudfront.net
1 tag.1rx.io df80k0z3fi8zg.cloudfront.net
1 prebid.a-mo.net df80k0z3fi8zg.cloudfront.net
1 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
1 use.fontawesome.com client
1 fonts.googleapis.com client
1 px.britepool.com 1 redirects
1 signal-beacon.s-onetag.com get.s-onetag.com
1 bab70c4430ebeed8319c5c4854b9709b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 get.s-onetag.com d3lcz8vpax4lo2.cloudfront.net
1 smetrics.ancestry.com helpdesk.rootsweb.com
1 cm.everesttech.net 1 redirects
1 ancestry.sc.omtrdc.net tags.tiqcdn.com
1 ancestry-mcsp.demdex.net tags.tiqcdn.com
1 prebid.media.net prod.adspsp.com
1 tlx.3lift.com prod.adspsp.com
1 ancestry-d.openx.net prod.adspsp.com
1 web.hb.ad.cpe.dotomi.com prod.adspsp.com
1 api.lytics.io tags.tiqcdn.com
1 geo.adspsp.com prod.adspsp.com
1 prod.adspsp.com helpdesk.rootsweb.com
0 sync.aralego.com Failed cdn.aralego.net
0 api.britepool.com Failed ads.pubmatic.com
0 inv-nets.admixer.net Failed eu-u.openx.net
0 www.google.com Failed helpdesk.rootsweb.com
272 145

This site contains no links.

Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-07-11 -
2022-01-10		 6 months crt.sh
www.ancestry.com
GeoTrust RSA CA 2018		 2021-04-07 -
2022-04-12		 a year crt.sh
prod.adspsp.com
Amazon		 2021-02-16 -
2022-03-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2021-04-19 -
2022-04-27		 a year crt.sh
geo.adspsp.com
Amazon		 2021-02-19 -
2022-03-20		 a year crt.sh
adspsp.com
Amazon		 2021-02-15 -
2022-03-16		 a year crt.sh
*.lytics.io
DigiCert ECC Secure Server CA		 2020-09-22 -
2021-10-24		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-30 -
2022-02-23		 6 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-10-29 -
2021-11-29		 a year crt.sh
smetrics.ancestry.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-20 -
2022-08-20		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2021-03-22 -
2022-04-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.newspapers.com
DigiCert SHA2 High Assurance Server CA		 2019-10-08 -
2022-01-10		 2 years crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.newrelic.com
R3		 2021-09-17 -
2021-12-16		 3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh

This page contains 53 frames:

Primary Page: https://helpdesk.rootsweb.com/
Frame ID: DD5F0A1E3B98E7BA2DECF6980A314A17
Requests: 113 HTTP requests in this frame

Frame: https://ancestry-mcsp.demdex.net/dest5.html?d_nsid=0
Frame ID: 3E50D9053490FAB2F190DCA6C22D8086
Requests: 1 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 912DFBE0E3C08A969361CC18E50D1547
Requests: 1 HTTP requests in this frame

Frame: https://bab70c4430ebeed8319c5c4854b9709b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D0CF3129BF699D82D1F1ABC32401DD66
Requests: 1 HTTP requests in this frame

Frame: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/3fa7736e-7c0c-4cd6-8ed8-c899dd5d0a47.js
Frame ID: 6F53144E1AAA1E3EA7CD2E2328268CD1
Requests: 14 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: EA24E91B8E62D730FFDD49167DDB1FDD
Requests: 1 HTTP requests in this frame

Frame: https://go.newspapers.com/ads/LDR-search.php?&design=grayldr&nameField=1&label=FIND%20YOUR%20ANCESTORS%20IN%20OBITUARIES%20AND%20BIRTH%20NOTICES&xid=1090&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstAiiwjGPIMqcJx6Q-kvTBSJSu0RqjvSy60NAU2GOgL18FW1SVCuZzHeiLfRZe9iZDIE0sR4QIh2s7L5-1iki2INdkZjLammIRlYL6WqF6VtZJZDpV7keeJTWpoz-3vLS_ihYt-S5cdRqNBjhI3WNSpDBQUx31gdxxTuBdM-TOrUb8xqBNlhqiWP2Zge3pftpNHNSc4OJendNjgf_0s4FvT9IO0Jm9ZNjktUeik7FHLKWeg5ASEIJiokcSbZhaYPUjGJAa_FuKifs7IQ39yzk04lCBzuayq3-7_q2R5wgDQxg-eNXbShK_bWReKtAnV4hXfGwek2ltNuowSdIo%2526sai%253DAMfl-YSY2dBiQWAHS5V3k5qONEAE9jO4ahLZdlBGeadfIgqc7hT3C4F0VJVCCqIQYn8YXqRQdlrMGrIU0dI_O-UhbcJZL8eRW9S0Wgq8yWpoHcrOiOP1SZxxrmA_uKmAxQk%2526sig%253DCg0ArKJSzJTfHmnNjEmmEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Frame ID: 7ECE23C27B4A75FBB00F7FEB37A95A79
Requests: 1 HTTP requests in this frame

Frame: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvrBlpIEkB-tgu8Pv2fvWR8XVgFXm_wPudKjzgEQM0cpxVzzt8_CYyB-VfW29mYJEgQOja5u_5mfo6dEowsOsyezQ4Ken3s-H3IThUPffuMd-soYtqr_L8icmImG5DxuNGXYcvTrcu_WicAG3zhSpgYjpcZS92lzmXLrtwkRZrFcqNzA0MrU_jY_--FRgWsAAvANFz352kMCGcbIQKe_sQqGTpMwG2SC8TCv0iMGz8znIiX4Eke_p9A-QnEpNcNHOuSJYUJuw-IFs8qTMEQWLTNiqozELXMc9MR5IuwbQeL_9BzcKpHiZ8p_hjaAmt0sGqdr3uMMjIJ%2526sai%253DAMfl-YTux3S_ZKatkW0KYgakF0Iltqnt80Y2nqJPzkhD_ecrIxJwRI9iuKD-pIdljY9yd7yXGMQ_wZ_Wsh8g1dDyjTODw6ORMF3aKplCIj2q2kxOeCcy6SXLsRcTPkfXIns%2526sig%253DCg0ArKJSzItH4uhhmgALEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Frame ID: F619437DAB6EE24CC339286CC8C1D15F
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Frame ID: E3DC18F7BDCCA89D9187277A35E91C17
Requests: 18 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FF63F3D16AD9FBA6AD3D8098720991C1
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C9C0BDDC-098B-4F45-961C-165698E0E080
Frame ID: 2F952E4DEB1A10263934972DB3AFC82B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=480603322255117247
Frame ID: 1A632CF2227F4B23980FDA1E24B51A62
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0272B44D1C659881AFF689FAD027C1D4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7012810768275404943
Frame ID: AE767DA1984DB315834BE12CF820E701
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F29F764DBD522450499D795473C34323
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Frame ID: EFF4148F9F03921D55F9ECC46194DFA6
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: E7BFF6E1179B2A505A3791D28804CD4F
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 5ED174B5056C92E412BB6FCBE9AC1849
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=doDfPobQir7lnyaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 65A935C1FF52676448A5354F70357603
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F1D60F5097696091619E2EEB2AB1EEC1
Requests: 10 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=7840138
Frame ID: A1027E1C8B6D83A6B41190E8C766A5E0
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dtylsEbQir7lnyaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 542B214E1C8EB28835BE535766D4D795
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 378D70229A49C5B9F7F447C458868254
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: E07043FD170651ABEB54E124AADBA781
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.32.0
Frame ID: 1BD6E3F7EC159D5A46008D4FA9510146
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 10F4BB70B4713A51458A8E426561A477
Requests: 2 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Frame ID: B4AF98C798459A42B6F2C9DAA1350CC9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
Frame ID: A0C512E11AA3F2CF3591F224D8232475
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aBJ8kwhX8r6yknaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 8FA08B61EADE3348C6E995C6D42E1C2C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8E0EC6E6DA4089658BC80F0E65F18418
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
Frame ID: C5A73782587430AA868FD81FE7AF67D2
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 36250CCF452CD6465A85F394BABE498A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A750AC66CE4710FF1855B97825CFA22F
Requests: 3 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Frame ID: 0E12A6DA674B6591379DD1673488C093
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: C164748CE7BDDF8C6E621FDEA4198F7B
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406715
Frame ID: D3ED3599D065BF72CAAAE1AF00229B47
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 13C84A899540120B3B4642DD30FED03F
Requests: 14 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bn7iCOy8Sr6OrMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 481A3A213BED72FD5AB8D689695DF697
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1C1202C752DE698A0B70E95FB16BDA5C
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: FBA470F3E8CE8E6058CD654901E07D67
Requests: 10 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGorE7CpQQAADl5IWYCfQ
Frame ID: 291BC869817E7AF145DCFBE78747AEC1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 2CBDF5B5A9990E9EC6A0B63E7AF2EE93
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ea470619-e7ea-4b12-860b-421deadd4302-003
Frame ID: BA9BE524E74A546881D694699624EF0A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 9DA72AA2969DFA447EE731C13485AB1E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 462E84209E7CD40270031870C4BC00FE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=J8AL56IN286xb5Fp1ubIXjin
Frame ID: C889B72FB3993C3F28DA3C5A498CDC9F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 680A482A76C40393D4EC9ECBDD8A882B
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 42F2E2CCD0DE1C4E25CBF59DDEB204AF
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bdc7d523-07b7-4dbe-95cd-ad419258dd83-tuct84c07c0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: FE01BEA70FB40E0E0FCFE4F81D4F70AE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a43bb9d0-a5fb-4979-a724-8c905f2ae641
Frame ID: 302B36D9BF5F725A08302887016BE746
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ard86Ruz1Mv39r5&gdpr=0&gdpr_consent=
Frame ID: B0BBE45826A116A11C7F872AF0629685
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9EBD5614879B409988849EB083005913
Frame ID: 474ECB58E0D6EECD4840658AD00F820A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=q0XEd0ZsSM9X9DmRNkPcgNiDcpY
Frame ID: 03121A95A80EB62043D0E63F3DDBCFCA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • ^(?:https?:)?//tags\.tiqcdn\.com/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

272
Requests

97 %
HTTPS

0 %
IPv6

93
Domains

145
Subdomains

100
IPs

10
Countries

1775 kB
Transfer

4518 kB
Size

166
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1632797243585 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1632797243585
Request Chain 55
  • https://cm.everesttech.net/cm/dd?d_uuid=49762848788077139620148632807472656670 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVKCOwAAAFN6UgQE
Request Chain 73
  • https://px.britepool.com/new?partner_id=t HTTP 302
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=b090411d-b1c9-47b9-a490-4cf37db2de3e HTTP 302
  • https://thrtle.com/insync?vxii_pdid=b090411d-b1c9-47b9-a490-4cf37db2de3e&vxii_pid=12&vxii_pid1=10054&vxii_rcid=ae58250c-b5b4-4611-b83a-ba28edab3a32
Request Chain 130
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C9C0BDDC-098B-4F45-961C-165698E0E080 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C9C0BDDC-098B-4F45-961C-165698E0E080
Request Chain 131
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=480603322255117247
Request Chain 133
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7012810768275404943
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ycC93AmLT0WWHBZWmODggA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 135
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=67796152-823d-4f00-99e3-e6124489ed55
Request Chain 136
  • https://pixel.onaudience.com/?partner=214&mapped=C9C0BDDC-098B-4F45-961C-165698E0E080 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=eb121bedbb6b5b675efdd302be205b58 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=693c01a9-7168-4f7f-9cbd-deb94c159806&icm HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=a284ae2e11f07fa4
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzlDMEJEREMtMDk4Qi00RjQ1LTk2MUMtMTY1Njk4RTBFMDgw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 138
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHakVvqMBvYxSD0LqxmlrC0&google_cver=1
Request Chain 140
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=693c01a9-7168-4f7f-9cbd-deb94c159806
Request Chain 141
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6486172977607540710
Request Chain 142
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2f966152-823c-4e00-aa52-204b90690e66&gdpr=0&gdpr_consent=
Request Chain 143
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7586480693263238495&gdpr=0&gdpr_consent=
Request Chain 144
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q
Request Chain 145
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C9C0BDDC-098B-4F45-961C-165698E0E080&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C9C0BDDC-098B-4F45-961C-165698E0E080&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-66GozS1E2uVct_xNXNDPeeRtTEVggv4-~A&gdpr=0&gdpr_consent=
Request Chain 147
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7729573324024166295&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2a886cd7-5f09-4e83-97d0-d6aabe6eacc4&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 152
  • https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 153
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 154
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=ard86Ruz1Mv39r5
Request Chain 155
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D2a886cd7-5f09-4e83-97d0-d6aabe6eacc4%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7
Request Chain 156
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7586480693263238495
Request Chain 157
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHb3JFN0NwUVFBQURsNUlXWUNmUQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGorE7CpQQAADl5IWYCfQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGorE7CpQQAADl5IWYCfQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6236395451507681141 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGorE7CpQQAADl5IWYCfQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D6236395451507681141%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=6236395451507681141&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAGorE7CpQQAADl5IWYCfQ&pid=558502&do=add HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGorE7CpQQAADl5IWYCfQ
Request Chain 158
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2f966152-823c-4e00-aa52-204b90690e66
Request Chain 159
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qXEliadyI9-ycyberXA92v4hI9-yc3SCqHed9Ff3
Request Chain 160
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7729573324024166295
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ8ZpNZE1C_epwsJpaCmREQ&google_cver=1
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEGdqMwqbdAzeEaglH_tZRw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 167
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODI5ODk0Nzc4MjIzNjYxMzE4MA%3D%3D
Request Chain 169
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/8298947782236613180?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CYVOiX5E2oQu96GzeEIbOW2Ctnlf3O5QvlYnCyQxMw--~A&dongle=0883
Request Chain 172
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=8298947782236613180 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8298947782236613180&dcc=t
Request Chain 173
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 174
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4034688661224747865&dongle=d407
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVKCPRmNryCEtQaq_wY6lAAABHcAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOT-2dhNr7GFf9TrJylk6fE&google_cver=1
Request Chain 176
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVKCPRmNryCEtQaq_wY6lAAABHcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVKCPRmNryCEtQaq_wY6lAAABHcAAAIB&dcc=t
Request Chain 177
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVKCPRmNryCEtQaq-wY6lAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYAlk48-0GqMm_1s93RWT0&google_cver=1&gdpr=1
Request Chain 180
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
Request Chain 181
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ce29a263-1b85-46ea-addc-ea6d01143887
Request Chain 182
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06c32204071a0b4f1a41754c&expiration=[EXPIRATION]&gdpr=1
Request Chain 191
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVKCOwAAAFN6UgQE
Request Chain 193
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTk4MWU1MDI5NGRiOTkwMzZmMzg2MWQ4Nzc2OWI3YmY3YWU2MzNmMA
Request Chain 194
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=2f966152-823c-4e00-aa52-204b90690e66&expires=28
Request Chain 195
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU3HBKJD-10-5X8B&sigv=1&esig=2~e31541cb9fdf658af1107adf60cbcceab4c6d1df
Request Chain 196
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/6zlnP_eZilSp4QIQk98BpMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=393779734118516014
Request Chain 197
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UzSEJLSkQtMTAtNVg4Qg==
Request Chain 213
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
Request Chain 216
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
Request Chain 226
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=1f6100f2-f3e6-4096-a98f-50fdd4d102d2
Request Chain 227
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOOzL2w94mgQFZpIn4horxEiVkXQXBi_QGAQpSCw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOOzL2w94mgQFZpIn4horxEiVkXQXBi_QGAQpSCw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=1f6100f2-f3e6-4096-a98f-50fdd4d102d2&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOzL2w94mgQFZpIn4horxEiVkXQXBi_QGAQpSCw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=1f6100f2-f3e6-4096-a98f-50fdd4d102d2&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=fd9ea1cd-cf0e-4367-953c-2785407064bd&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEPJSLohWmTRSx0_DqbXToDo&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPJSLohWmTRSx0_DqbXToDo&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7586480693263238495&opid=apx&ops=&utidl=tech:goo:CAESEPJSLohWmTRSx0_DqbXToDo&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A21086535777&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=eb121bedbb6b5b675efdd302be205b58&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOOzL2w94mgQFZpIn4horxEiVkXQXBi_QGAQpSCw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 228
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7586480693263238495
Request Chain 233
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/274650e2-2ab7-43a2-83e9-d838336d094e?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZhPljxtE2oWGC_wVSeSgdNF3k.8zfa9f7UNwNFQ-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=693c01a9-7168-4f7f-9cbd-deb94c159806 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/274650e2-2ab7-43a2-83e9-d838336d094e?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZhPljxtE2oWGC_wVSeSgdNF3k.8zfa9f7UNwNFQ-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=693c01a9-7168-4f7f-9cbd-deb94c159806 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/274650e2-2ab7-43a2-83e9-d838336d094e?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZhPljxtE2oWGC_wVSeSgdNF3k.8zfa9f7UNwNFQ-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=693c01a9-7168-4f7f-9cbd-deb94c159806 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/274650e2-2ab7-43a2-83e9-d838336d094e?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZhPljxtE2oWGC_wVSeSgdNF3k.8zfa9f7UNwNFQ-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=693c01a9-7168-4f7f-9cbd-deb94c159806 HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=274650e2-2ab7-43a2-83e9-d838336d094e&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=2a886cd7-5f09-4e83-97d0-d6aabe6eacc4&google_hm=MmE4ODZjZDctNWYwOS00ZTgzLTk3ZDAtZDZhYWJlNmVhY2M0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKyPBJxA2jWCyHO1xSNPHj0&google_cver=1&ssp=ucfunnel&bsw_param=2a886cd7-5f09-4e83-97d0-d6aabe6eacc4 HTTP 302
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=2a886cd7-5f09-4e83-97d0-d6aabe6eacc4
Request Chain 234
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGorE7CpQQAADl5IWYCfQ
Request Chain 235
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 236
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1761262881 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/693c01a9-7168-4f7f-9cbd-deb94c159806 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ea470619-e7ea-4b12-860b-421deadd4302-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ea470619-e7ea-4b12-860b-421deadd4302-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ea470619-e7ea-4b12-860b-421deadd4302-003
Request Chain 239
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=J8AL56IN286xb5Fp1ubIXjin
Request Chain 240
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 242
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bdc7d523-07b7-4dbe-95cd-ad419258dd83-tuct84c07c0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 243
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=9EBD5614879B409988849EB083005913 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a43bb9d0-a5fb-4979-a724-8c905f2ae641
Request Chain 244
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ard86Ruz1Mv39r5&gdpr=0&gdpr_consent=
Request Chain 245
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9EBD5614879B409988849EB083005913
Request Chain 246
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=q0XEd0ZsSM9X9DmRNkPcgNiDcpY
Request Chain 247
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C9C0BDDC-098B-4F45-961C-165698E0E080&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C9C0BDDC-098B-4F45-961C-165698E0E080&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C9C0BDDC-098B-4F45-961C-165698E0E080&addseg=10,33,39
Request Chain 248
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C9C0BDDC-098B-4F45-961C-165698E0E080&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C9C0BDDC-098B-4F45-961C-165698E0E080&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 250
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C9C0BDDC-098B-4F45-961C-165698E0E080 HTTP 302
  • https://a.audrte.com/p
Request Chain 251
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVKCOwAAAFN6UgQE&gdpr=0&gdpr_consent=
Request Chain 252
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4034688661224747865&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 253
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=339f34d4-bb80-4d6b-bcff-3b08a541d525-61528240-5553&gdpr=0&gdpr_consent=
Request Chain 254
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:91a559b4-265d-4cd3-9517-9ec2ec94c1dc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 255
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7586480693263238495
Request Chain 257
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=6b633886-2006-11ec-893b-15cf7b31d650&gdpr=0&gdpr_consent=
Request Chain 261
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGorE7CpQQAADl5IWYCfQ&expiration=1634006848&gdpr=1
Request Chain 263
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVKCPRmNryCEtQaq-wY6lAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYAlk48-0GqMm_1s93RWT0&google_cver=1&gdpr=1
Request Chain 264
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ard86Ruz1Mv39r5&gdpr=1

272 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
helpdesk.rootsweb.com/ 		14 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.65.104 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a5469db974a4d2d9daa13d13d00b976c8d1b16d48a12c83975a9e233969ed303
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
helpdesk.rootsweb.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 28 Sep 2021 02:47:22 GMT
content-type
text/html; charset=utf-8
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
etag
W/"38a1-3ny//sy/YyBMiaJJLLOXR49AQNg"
x-response-time
5.881728
set-cookie
visid_incap_1709660=aM7ymJNIQK+Zw+siBfBGeTmCUmEAAAAAQUIPAAAAAADbqIoFXNxZYhS2HaN3kE6w; expires=Tue, 27 Sep 2022 23:32:07 GMT; HttpOnly; path=/; Domain=.rootsweb.com nlbi_1709660=Ai0kMtSeLnNZikJS/2zClQAAAADlaTreaeBV/Lve4FBdJFI8; path=/; Domain=.rootsweb.com incap_ses_534_1709660=YXB7MV2DVz/v6XAhpyZpBzqCUmEAAAAAEu+ia6iiL8zJ/NdqaOhloQ==; path=/; Domain=.rootsweb.com
x-cdn
Imperva
x-iinfo
1005-51384356-51384357 NNNN CT(97 215 0) RT(1632797241732 0) q(0 0 3 1) r(4 4) U5
core.css
www.ancestrycdn.com/ui/1.6.4/css/ 		103 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
1f2d68f16a5426ee5e208e7a3bb18881cf77722f0c1311da72305603f3c453d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
br
last-modified
Wed, 07 Oct 2020 17:05:54 GMT
server
Akamai Resource Optimizer
etag
"a9d383cd28c7f7639878a3d78fa67289:1561492121.201929"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
17399
expires
Wed, 28 Sep 2022 02:47:23 GMT
layout.css
www.ancestrycdn.com/aa-rw-home/2017/stylesheets/ 		3 KB
843 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/layout.css
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7980569c490f4d3a42a21d1f3d8ff166d25baaf513e8d7fcbce756e75919bb69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
br
last-modified
Fri, 27 Aug 2021 14:41:22 GMT
server
Akamai Resource Optimizer
etag
"34ba7bdc74a75c1bb3a5014826f69cab:1630012617.08973"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
597
expires
Wed, 28 Sep 2022 02:47:23 GMT
rwHome.css
www.ancestrycdn.com/aa-rw-home/2017/stylesheets/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/rwHome.css
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
058142ad991e52836f6d557c3d90b280b9a6ab39c2eaeb68b4a8876e802753c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
br
last-modified
Fri, 27 Aug 2021 14:43:40 GMT
server
Akamai Resource Optimizer
etag
"428cbd4a949fe9544ff370da3279fa49:1630012616.954427"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
919
expires
Wed, 28 Sep 2022 02:47:23 GMT
jquery.min.js
www.ancestrycdn.com/ui-static/lib/jquery/1.11.1/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/ui-static/lib/jquery/1.11.1/jquery.min.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
br
last-modified
Mon, 29 Mar 2021 19:30:56 GMT
server
Akamai Resource Optimizer
etag
"8101d596b2b8fa35fe3a634ea342d7c3:1616097885.874898"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
29906
expires
Wed, 28 Sep 2022 02:47:23 GMT
o3.js
www.ancestrycdn.com/aa-rw-home/2017/scripts/ 		1 KB
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/scripts/o3.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
3213bb97e284f266249563d4b148e11a4f32f541a052d5f0c6e85fc73d7e191c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
br
last-modified
Thu, 26 Aug 2021 21:27:41 GMT
server
Akamai Resource Optimizer
etag
"cb071f8bbb0a2d0f1bd7c5abd44e734d:1630012616.951221"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
504
expires
Wed, 28 Sep 2022 02:47:23 GMT
header-f943f45a.min.css
www.ancestrycdn.com/shared-navigation/header/rootsweb/1.0/content/ 		235 B
389 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/shared-navigation/header/rootsweb/1.0/content/header-f943f45a.min.css
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
18ddcdb24ef28edc630b9a8543b40580652c11b541930e4e7f457a0859e26920

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
br
last-modified
Wed, 28 Oct 2020 05:45:34 GMT
server
Akamai Resource Optimizer
etag
"a6172c82ef2e6147371c4cf05e0db291:1603862928.318216"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
143
expires
Wed, 28 Sep 2022 02:47:23 GMT
rw.gif
www.ancestrycdn.com/aa-rw-home/280/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/280/images/rw.gif
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
88c28228952a3c582f5e4015146fccfa2a42c4a3f782a189cae6ea4520b7348f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
x-check-cacheable
YES
x-serial
515
etag
"72077a5bd21c4a82001cfca022959fca:1519162337.991097"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=19498036
last-modified
Wed, 24 Jul 2019 18:52:21 GMT
x-akamai-ssl-client-sid
tpibHPU/MftbUjWokmkr5w==
timing-allow-origin
*
content-length
2601
server
Akamai Image Manager
expires
Wed, 11 May 2022 18:54:39 GMT
hosted.jpg
www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/hosted.jpg
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9f60e19500513ab17705449e16e7cec14a0f266d207458dd2db5da4c4ae40a3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
last-modified
Thu, 26 Aug 2021 21:21:39 GMT
server
Akamai Image Manager
etag
"60632ff52e9e036d880731b7d39382ea:1630012614.868791"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=28751594
timing-allow-origin
*
content-length
121170
expires
Fri, 26 Aug 2022 21:20:37 GMT
message.jpg
www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/message.jpg
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
fca4c724009bbda9487719603948ffe2c8b1e3d1cf78261d7bf681ae79218065

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
last-modified
Thu, 26 Aug 2021 21:21:39 GMT
server
Akamai Image Manager
etag
"05460fbbe68d2d16c8e85b82643e8c99:1630012614.701225"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=28751721
timing-allow-origin
*
content-length
26312
expires
Fri, 26 Aug 2022 21:22:44 GMT
_Incapsula_Resource
helpdesk.rootsweb.com/ 		134 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://helpdesk.rootsweb.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2030454625
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.65.104 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
856c9a2b9752fb7a147c16bb13b07ded29e8ac98dfa95093c86098e41b8044c4

Request headers

:path
/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2030454625
pragma
no-cache
cookie
visid_incap_1709660=aM7ymJNIQK+Zw+siBfBGeTmCUmEAAAAAQUIPAAAAAADbqIoFXNxZYhS2HaN3kE6w; nlbi_1709660=Ai0kMtSeLnNZikJS/2zClQAAAADlaTreaeBV/Lve4FBdJFI8; incap_ses_534_1709660=YXB7MV2DVz/v6XAhpyZpBzqCUmEAAAAAEu+ia6iiL8zJ/NdqaOhloQ==
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
helpdesk.rootsweb.com
referer
https://helpdesk.rootsweb.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
19383
content-type
application/javascript
core.js
www.ancestrycdn.com/ui/1.6.4/js/ 		73 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/ui/1.6.4/js/core.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
3db9505c9ab48dcf077970bf455d5e724f5d039983d9e7a0814b52801a8ee361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
br
last-modified
Tue, 14 Apr 2020 21:46:14 GMT
server
Akamai Resource Optimizer
etag
"7db2b70983f1a16cf7b97b4904364b41:1561492122.716207"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
17957
expires
Wed, 28 Sep 2022 02:47:23 GMT
banner.js
www.ancestrycdn.com/aa-rw-home/2017/scripts/ 		1 KB
736 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/scripts/banner.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
fb59c0f637a2c45cd8f4d777da358c765fd47e6c277d2dadee850f9c3870b22c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
br
last-modified
Fri, 27 Aug 2021 14:41:28 GMT
server
Akamai Resource Optimizer
etag
"b70bbad3da2bbee3ca33b2c7b14ea21a:1630012616.949777"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
479
expires
Wed, 28 Sep 2022 02:47:23 GMT
header-c95fc179.js
www.ancestrycdn.com/shared-navigation/header/rootsweb/1.0/content/ 		35 B
295 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/shared-navigation/header/rootsweb/1.0/content/header-c95fc179.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
2ef11050f150e7e242a38fa3111f688f59c1dc8d6104ba0d5f6f811e891a028c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
br
last-modified
Sat, 10 Oct 2020 22:05:06 GMT
server
Akamai Resource Optimizer
etag
"c95fc179fe88d6b76860ca33d56395db:1602161615.66888"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
39
expires
Wed, 28 Sep 2022 02:47:23 GMT
adb.5781260.min.js
prod.adspsp.com/ 		292 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.adspsp.com/adb.5781260.min.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ebfda037beb490e6ab60a07fe13fc65c80cc01c0c7963b5d9e1f8404c5b8305

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 15:02:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Sep 2021 15:01:20 GMT
Server
AmazonS3
Age
42323
ETag
W/"73cd121b8c5fbcaadfd52c23de4511e9"
Vary
Accept-Encoding
X-Edge-Origin-Shield-Skipped
0
Content-Type
application/javascript
Via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
uqibd7AF0uB87N4d6O3up4INPySzJxUalbGQMlTDNIFiGYcfu-gwWQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
dea157dd8e89eb47239360e8a659f19b93d3ee22a685246e8a80253463428304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1000 / 240 of 1000 / last-modified: 1632780598"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24853
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Sep 2021 02:47:23 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
8N42zakBwOFy.ZF9LMqjmgZs3f2_X5lT
content-encoding
gzip
etag
3900a2c2d757386fb762bfd86288f882
age
13
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0M9QBSAM6FGBZ56FBKDD
date
Tue, 28 Sep 2021 02:47:12 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
rZdNR4W1nqOY7ndHoOpjDHGLuPqTbheL9js8g9kU1dWHIzkr9BXF9g==
1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-190.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf04f1bb313d5c0d23cb106d2fe2f1b0bad2e317c56df482cf5b8b1c141f6ddc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
JdDJ5A8WAvRryEySPBzk5zcIQXrpmpnb
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 19:37:27 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"5ebe6a828e08a41d4da214b214a42016"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Tue, 28 Sep 2021 02:47:24 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
aZYOQ9OeLYICXxSIJkshAjxUpth4O_915HjCWIEi_xvTEXq15YK2HA==
rw_bk.gif
www.ancestrycdn.com/aa-rw-home/2017/images/ 		88 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/images/rw_bk.gif
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/layout.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b07ee248cf027745b1bf6e0e4c13e6404db9f6f64adeb54011878b26fc6744ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
x-check-cacheable
YES
x-serial
1889
etag
"cb318b2897e571ede19fbb1f511580c6:1630012612.866104"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=28751991
last-modified
Thu, 26 Aug 2021 21:27:55 GMT
timing-allow-origin
*
content-length
88
server
Akamai Image Manager
expires
Fri, 26 Aug 2022 21:27:14 GMT
rw_actv.gif
www.ancestrycdn.com/rootsweb/201/hdr/ 		112 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/rootsweb/201/hdr/rw_actv.gif
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/shared-navigation/header/rootsweb/1.0/content/header-f943f45a.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
183ad2faae0222513f01b2c79661b655ba58c849d17261d9806a8a5988169f6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ancestrycdn.com/shared-navigation/header/rootsweb/1.0/content/header-f943f45a.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
x-check-cacheable
YES
x-serial
1939
etag
"9e42faf151bd27b39f182df6682a7aed:1491864916.157111"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=19498069
last-modified
Wed, 24 Jul 2019 18:52:39 GMT
x-akamai-ssl-client-sid
5YpU78Lz8Nngw+Hmn4cbrw==
timing-allow-origin
*
content-length
112
server
Akamai Image Manager
expires
Wed, 11 May 2022 18:55:12 GMT
worldconnect.png
www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/worldconnect.png
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/rwHome.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f87ba2d94c81d62472bac27150f1200ca3bd575f26591191c4a0aa718bd0e282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/rwHome.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
last-modified
Thu, 26 Aug 2021 21:21:40 GMT
server
Akamai Image Manager
etag
"211b9284689f3c0ec40fe173d907d57c:1630012614.379527"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=28751567
timing-allow-origin
*
content-length
126334
expires
Fri, 26 Aug 2022 21:20:10 GMT
wiki-image.jpg
www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/2017/images/rwHome/wiki-image.jpg
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/rwHome.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b86e59e58208eb497bb565fa5649c53b6809220b2af037ceb97e59e18f82032a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ancestrycdn.com/aa-rw-home/2017/stylesheets/rwHome.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
last-modified
Thu, 26 Aug 2021 21:21:39 GMT
server
Akamai Image Manager
etag
"021fde3208ea894a15fd364febf27e75:1630012613.569998"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=28751614
timing-allow-origin
*
content-length
33632
expires
Fri, 26 Aug 2022 21:20:57 GMT
source-sans-pro-light.woff2
www.ancestrycdn.com/ui-static/font/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/ui-static/font/source-sans-pro-light.woff2
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7a77e60b17cfcabc04ef30c432d32aa878577843250c7697607c6604f80953a9

Request headers

Referer
https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Origin
https://helpdesk.rootsweb.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
last-modified
Fri, 17 Jan 2020 22:49:25 GMT
server
AkamaiNetStorage
etag
"ea00729a7015a092fbe5b325f0c8d7cc:1579301365.858381"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
21028
expires
Wed, 28 Sep 2022 02:47:23 GMT
source-sans-pro-bold.woff2
www.ancestrycdn.com/ui-static/font/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/ui-static/font/source-sans-pro-bold.woff2
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85b3580813fa8eb2c6c64f0690f1104f9e14fdd3b34d6916b69617955047369a

Request headers

Referer
https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Origin
https://helpdesk.rootsweb.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
last-modified
Thu, 18 Mar 2021 20:02:37 GMT
server
AkamaiNetStorage
etag
"ef6add382d16b06fa4fc213a4b1c4827:1616097757.60685"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
20572
expires
Wed, 28 Sep 2022 02:47:23 GMT
source-sans-pro.woff2
www.ancestrycdn.com/ui-static/font/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ancestrycdn.com/ui-static/font/source-sans-pro.woff2
Requested by
Host: www.ancestrycdn.com
URL: https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.226.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-93.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1bd15eebfb666408e7db84da51d38b002142e3ab5d1fd4f6c8567f04ef753958

Request headers

Referer
https://www.ancestrycdn.com/ui/1.6.4/css/core.css
Origin
https://helpdesk.rootsweb.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
last-modified
Fri, 17 Jan 2020 22:49:27 GMT
server
AkamaiNetStorage
etag
"c8574dc422f2c20d621ceba1c252bca6:1579301367.428391"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
21044
expires
Wed, 28 Sep 2022 02:47:23 GMT
utag.js
tags.tiqcdn.com/utag/ancestry/rootsweb/prod/ 		206 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2b3dd53e971b7924e18c11d3a017129ee1a3199d92517afa60fb8eb85e960ef0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 16:41:52 GMT
server
AkamaiNetStorage
etag
"15560731cf548d3b2026c9c6519738c0:1631119312.141699"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Tue, 28 Sep 2021 02:52:23 GMT
_Incapsula_Resource
helpdesk.rootsweb.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helpdesk.rootsweb.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6518344326538907
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.65.104 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/_Incapsula_Resource?SWKMTFSR=1&e=0.6518344326538907
pragma
no-cache
cookie
visid_incap_1709660=aM7ymJNIQK+Zw+siBfBGeTmCUmEAAAAAQUIPAAAAAADbqIoFXNxZYhS2HaN3kE6w; nlbi_1709660=Ai0kMtSeLnNZikJS/2zClQAAAADlaTreaeBV/Lve4FBdJFI8; incap_ses_534_1709660=YXB7MV2DVz/v6XAhpyZpBzqCUmEAAAAAEu+ia6iiL8zJ/NdqaOhloQ==; ___utmvc=bC5cCxcA2ivtcsAhO1h+dzsvj4cNw2q9G13AVjkHbFaw/OOORWSfGk7/6RNwWkyXkvOAlWUFwq2XvjDB30DNQn1iMyVYiSG+OCg8exuYayHGGGiZq4glQayewFXKJCusuf7RR73TVrQaHNnl4TG11/+23dqt4CTXbmVYCUm7BjEtwOscQk40p42qabGEzYlb+fhbW2+x9U9P7PzdLfuxmGQwBbFN+eO/GKKRZMKEpxKdHjkiDGIffd6p1MExrwpTdAYhqW0YrAxqi6b7UA+lBUBsLLMUBljiDyaytcDO4h211Kzi92g1/F4jx+SB9PEVqmHNR8gyU7P6v/Ovu8H4hBglMxnFy4FjP++YfKgHtmBqqLzjld5m94xKlRhQ4vuHVBhaI3CYWVjcIvoBGHubzL9x6KNymWab5WAS8kYhXLVS8HuP8GPRaYDlYAwLEVbdUdgizXXBDX2U9wEk/IN+28Gy9CDSgJJNsTKNsl2TNXAx5Qlt/h0g8orNOXHQGk04i1B7PfHpHK/DBQj0DNCgVQAlQ7iPyXWtAimpkRs/eTJiiG6h5V5ayYSHpokL5GtsMG7OmzT6AmcHH6t2dvggm99TSnbISaAfq1An7eNKRMKPjW5Vua3R6jrU6gcu+aEaD852jqBXoim+Y0YtAiy+Xuy93WgWB/MuppvE0mCj+0/Lc+PAeSOljb0ObzO4RbqFfFfl4tTIrtRZLkkNHiJPhtkq0VXEdsx4C5Qpv7x3HZjFpO4RWLrhluX4/bGB6nT5oOgm4jLMJ+tTSLVSP9TGMYvc4PixPNIRv601wLMXP6qC8us+1W65Qc7lfwNMvYqwkJHTHu4Q2E7kTIxK5UCsCzRihtvJVDH46dKrfI5Bt7ccawzeOjjG4JzStW7WE15sAy/zRpSMQXGh+RujGLtlwcSxyoIoHfXa9hwEGb3hMvny7GhnYE4Ezkd60bZRH5+LEru9QKJcufUfINwxkhBim+7YdsBGn3XoCvoMX7UQyv7fsnrOqS4GFaOWDuVnyQAqJzg2BIcf0zz7wGZv3iTePqZFdaEydFaJlMHDPnqEwPS7+KOY8CuL7MGypRHDnVB+jzb43KOE8hQSKjkQuqwwBrJ2BqLFoWuF9nOC9U2mJ6i2oEciRjTcVeiCi+yH6YzXCSiJHd0ZoarJ9VQghPNOP1Cl4abA/NMepP2+vSvVGHlCdB+yG3BQgE1TI67YV6J+v/Q3YOSESRXIFctgxBj0zOt/XKUqZ/bQh+nF8cHzQqqCxKiatzGeTNMTe17U2oz4Z44Fo9QKU6BMJj+k5Ltv70cfGiW41rf50zEDAlKqnBgr+bkkhUAMnsAUoUKS1p9RDWc7FlqlBkYjwVBqVkiZTYf7ww53HyQUw4Y5VIzdUJ8cVqPqYwlhEjx6/T3zNVdPM+yhOKdz9cOapm2HsU4XdlZfpoCoglkZAYDfb2Yy8koLX4mUdubxomX1/kwFsixpf2yfGkQA0/KrwLR4HQG3wJVsK/oOWr3Q3quZLLtuATvr/6ikV5M2ndCeJnyc9402YwvvikEJ3+dz2DXr2XYQqvl5stVMu/RAFpVClyMoyoPw/9lZ6tblM+M4FZY7Jc0ZyUslUmR3HY26fjjwIMAYNnnnZ5KvoNnLqW15khTxESW3XIEGTB+Qsn3CtjU8yaMlHfW12eQ1Nj/RCOf5w3s5dc2cn0TnjZBzkYtGMzALJQ3/dXVvjKFdZYpYxG6E4Qrz34uSKL9NFAjhANRI3lCay3lLvXzO2ZCSUOOHbGVSzAjIGoJEvtx1DLLSAwzqo+P99e98hRLU1xfuP23XMO7BYQPfv0T9eCjT+8znS+Zci4d8jN9By8AXJsYKew0whAvHQ11X6gnkx0c++UCKtPIkP+jlaHj6USUbwxEum/klMzxUdz2O8qFCCtOL4pZ7xEd+AFlCZRisNDjBx5GgoAclXgjNI/pEHFjF2yydUwoIzeWWLhxney6ADDEF61xCorWH1/4qjcnC3eYv0+mbnm/W3cyu/WTfOzPJUAvWl3PEwKTW1HubNbGHjp2nq+OzRu7+F/SKQjrZ4KAg8fdBBOWryjDoJ5D5rMp9RR+y1JIaqZS4kK1el3srLkE6R+9uME/na7LN2tmOqR8WZqjaI85PP8Lv2ordWaswdoyrvy4b0cZDUkGnuHDVC+8pIvoaA6mqtOEKCp/1hyNYpWFAOY5tnOzXyRLa8DdS7qNbrgXXpxYp2SgTR9UcF6HYu7hXrlJGIHRY8Ig9NzLIo5JWFuTYN4CLdeznTeaFUX2j4lqcW0jCL3ru1YeV2CejE067Mlp6gh1CU84c46YsfdahsZ/o9Q8zWVCHl4Kx9qdStfRa3+HproUTjpaR7wQVCX7vmHChcwcZEoJ+CCnzaHvCz7uQcfu5Y1AifoW/YNNjo3vET229GsPKDmJgyI5UZF+2o5aNMoWYYcv6BK0TbHas9RQM9GvCAOuXrgcoIsx+ckQZb/EgNPUDQHQV9pfru2Z9q1Nabq0LvUZvJmDhaav4oQYBZDMlqLzSlqT6YCvQ6RZwL8547ictrvjORxfyrbUsJ1NbHKH7YJyvQeLqv3jX0NaIy0pyzo2u8DkLlD5DxBrmtZ1ZaS6ufWFF71twF7UOVjl98Rick8+xOw2xPZVei+1U8bCUhW8P2toio4UrI8Z/sVCdGYUREkRIB2KgfRpdNEI45WLQsiq60OOELGRpZ2VzdD0xODQxNDMscz1hMjdmOTU4ODgyODdhMjZjYThhYThhOTc2NjgyODdhMTVmODM3NmFlYTg2MDgwNzg5NjlmODM3MzlkYWNhMTZkODg4MzhjOGI3NDg5NzE2ZQ==
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
helpdesk.rootsweb.com
referer
https://helpdesk.rootsweb.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
dHTTUf081x7EP5Uub5P9XmskTa06x-bsKt8qrUCUeyvED-nEOx9Z_w==
/
geo.adspsp.com/ 		4 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.adspsp.com/
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-31.fra50.r.cloudfront.net
Software
/
Resource Hash
33c501b6204f96055ccb9ac459dc3480919bba2eb27c02f11dc2778b5d62d7b3

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 28 Sep 2021 02:47:23 GMT
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-length
4
x-amz-cf-id
zmHUJfcxhxNlyovnxRQQXTl2vhyRAl6Zo69Q7f6H65Jm4muuMtyUiA==
x-cache
Miss from cloudfront
pubads_impl_2021091501.js
securepubads.g.doubleclick.net/gpt/ 		334 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119151
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 08:39:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Sep 2021 02:47:23 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		134 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=helpdesk.rootsweb.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
09a5cf78f70c2e4dc3ce16317d3c787806fed4de4ad067015224d21edaca9d05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
expires
Tue, 28 Sep 2021 02:47:23 GMT
/
adspsp.com/pt/5781260/19/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/5781260/19/1/?a=2,aX0,AKZoZLmRDI&aa=&b=&e=&c=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&d=&f=1.ku3hbh4m.2T2xd&g=2T30t&u=5ecf496b:ktss0asu:26r&v=18g.xc.0.15z&m=z&i1=G&rnd=1632797243332
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.45.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-45-181.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/ 		332 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-190.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d239500d61e95ca8799eaa2ec23276fe4cc9940bbbb1a723a47766d43c85edf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
HCxG0XJt0HDTZFkoRmGyoaouE65pKWXR
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 19:37:27 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"5270210841a75815062588ae11edce9f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Tue, 28 Sep 2021 02:47:24 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
C9ial7HtcNKIAyEXI4pDVIZj3_l1LJysG0rO9dOBKtEFhQWUf2Y1lA==
00000000-0000-0000-0000-000000000000
api.lytics.io/api/me/6578caa0cdaa8dfcd95d5e6d3de12cc8/ucdmid/ 		76 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.lytics.io/api/me/6578caa0cdaa8dfcd95d5e6d3de12cc8/ucdmid/00000000-0000-0000-0000-000000000000?fields=behavior_is_current_subscriber&segments=true
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.11.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.11.190.35.bc.googleusercontent.com
Software
lytics.io 3c4656f0b4d14fbdcc4f6c867abcde48a8b9cd7f /
Resource Hash
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=63072000;
content-encoding
gzip
server
lytics.io 3c4656f0b4d14fbdcc4f6c867abcde48a8b9cd7f
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
date
Tue, 28 Sep 2021 02:47:23 GMT
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://helpdesk.rootsweb.com
alt-svc
clear
content-length
95
via
1.1 google
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1632797243585
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1632797243585
372 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1632797243585
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.138.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-138-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
32df7706c6096f135527621c4263d0b290fa55e3c9b16651c95f314bb329f2ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v018-0b6b44d4b.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
/vNY9HpkT48=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
312
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v018-04bb2a657.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
X-TID
EHpxeq85R6Q=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1632797243585
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.107.js
tags.tiqcdn.com/utag/ancestry/rootsweb/prod/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.107.js?utv=ut4.46.202102022145
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6e9a2faa245518a10391c2eaba8a2a2496efac39f21794a4d381f02ef8bcee03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 19:41:39 GMT
server
AkamaiNetStorage
etag
"ae6f626844a5d32f045d5d129b482e7a:1606160499.319867"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
18980
expires
Wed, 13 Oct 2021 02:47:23 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		57 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3348&u=https%3A%2F%2Fhelpdesk.rootsweb.com%2F
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server
Server
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-length
57
x-amz-cf-id
jT3zIQA2tIemcQW0Q6fPT0uxALS4WR0xPzlXh83TnZMUrpirxL3Qcg==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ancestry/rootsweb/202109081641&cb=1632797243618
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Tue, 28 Sep 2021 02:57:23 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3348&u=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&pid=GWPMGdsttAzva&cb=0&ws=1600x1200&v=7.69.01&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228eb7f0c0-4910-4ca3-a180-476584b9fc06%22%5D%7D%2C%22sn%22%3A%22RW_728x90_btf%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%228eb7f0c0-4910-4ca3-a180-476584b9fc06%22%5D%7D%2C%22sn%22%3A%22RW_728x90%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
E4F2EMBR8KBKNX438221
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
UvSBJTcdVz_9bYXQqe3K-uoFRg9X67cjJK-DRivZ0t8XfSOfrgguCg==
/
adspsp.com/pt/5781260/1/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/5781260/1/2/?a=2,a2ku3hbkcqKifegK8KSe,AKZoZLmRDI&aa=00tCRyuTh.gN.u11---&b=1//2-19^k8`2i.8w`1e:2@1957888^k8`2i,3@RW_728x90_bottom^k8`2i,4@543537162^k8`2i,4@543537163^k8`2i,5@20491671^k8`2i,9@829344^k8`2i,10@588745^k8`2i,16@108636^k8`2i,18@rootsweb_adhesion_728x90^k8`2i,115@rootsweb_dt_728x90_btf^k8`2i,116@817150925^k8`2i,154@dtylsEbQir7lnyaKjGFx_2^k8`2i_18^k8`2i:2@1957912^k8`2i,3@RW_728x90^k8`2i,4@543880349^k8`2i,5@20956780^k8`2i,9@623383^k8`2i,10@203712^k8`2i,16@108636^k8`2i,18@rootsweb_docking_728x90^k8`2i,115@rootsweb_dt_728x90_atf^k8`2i,116@212208145^k8`2i,154@doDfPobQir7lnyaKjGFx_2^k8`2i&bu=U2432a4a90e423e,bottomSlotAdhesion,%2F4802%2Ftgn.rootsweb.com%2FRW_728x90_btf&bu=U30adeff3414159,topSlot,%2F4802%2Ftgn.rootsweb.com%2FRW_728x90&e=&c=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&d=&f=1.ku3hbh4m.2T2xd&g=2T3bt&u=5ecf496b:ktss0asu:26r&v=18g.xc.0.1aw&m=z&i1=G&rnd=1632797243728
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.45.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-45-181.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		304 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.158.223.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
146.vip.crm-node2.ams5.cnvr.net
Software
nginx /
Resource Hash
47b4c4499562cb06f4323402eee6d9159074dd44665a00124f299a1f6e963f6a

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:23 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
304
expires
0
cygnus
htlb.casalemedia.com/ 		26 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=588745&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22R3593767380b0c24%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhelpdesk.rootsweb.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%225.14.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22BR135b8fdee3ed596%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A588745%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22x%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A588745%2C%22sid%22%3A%22320x50%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.04%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR27bbb2cb0242b26%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A203712%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.04%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c1115107882c6d262bbad595d39c722c43ef39d1b358bcf889b7984090056cb5

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.150], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://helpdesk.rootsweb.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
12
expires
Tue, 28 Sep 2021 02:47:23 GMT
prebid
ib.adnxs.com/ut/v3/ 		263 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3e454ecd42e3569ee3b840e7cd240abc632336a7c9eee92226e1cee3443d0d4d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:23 GMT
X-Proxy-Origin
216.131.114.150; 216.131.114.150; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5191bcb1-9cab-4854-8598-0b35dbbbd8e1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
263
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
ancestry-d.openx.net/w/1.0/ 		190 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ancestry-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=04f72fbb-089d-4e37-9795-4671386396c5%2C04f72fbb-089d-4e37-9795-4671386396c5%2C127f42b0-cd8e-4557-8ae3-3f334c4beccb&nocache=1632797243737&gdpr_consent=&gdpr=0&us_privacy=1---&pubcid=8eb7f0c0-4910-4ca3-a180-476584b9fc06&aus=728x90%2C320x50%7C728x90%2C320x50%7C728x90&divids=bottomSlotAdhesion%2CbottomSlotAdhesion%2CtopSlot&aucs=%2C%2C&auid=543537162%2C543537163%2C543880349&aumfs=40%2C40%2C40
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
fc466493fe46d54a59c024749afc0db9259c15d02e56512caf4f50839aa1297b

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
gzip
server
OXGW/16.216.3
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
176
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
date
Tue, 28 Sep 2021 02:47:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14544&site_id=128980&zone_id=1957888&size_id=2&alt_size_ids=43&p_pos=atf&gdpr=0&us_privacy=1---&eid_pubcid.org=8eb7f0c0-4910-4ca3-a180-476584b9fc06%5E1&rf=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&tk_flint=pbjs_lite_v5.14.0-pre&x_source.tid=04f72fbb-089d-4e37-9795-4671386396c5&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38447840456238014
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e9cb33c4737c5456510e4b4dfedc79b21a901db6a14d23648b017647c8ea875d

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:23 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4282
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14544&site_id=128980&zone_id=1957912&size_id=2&p_pos=atf&gdpr=0&us_privacy=1---&eid_pubcid.org=8eb7f0c0-4910-4ca3-a180-476584b9fc06%5E1&rf=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&tk_flint=pbjs_lite_v5.14.0-pre&x_source.tid=127f42b0-cd8e-4557-8ae3-3f334c4beccb&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.16205602840718392
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
4273f929c478a2c39e01cc08afe2d4e38197a6a7f62415c993fb0e58dc5103e2

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:23 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
4273
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		79 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.14.0-pre
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
30cc59a443e44f2162692ef1b8b78e3919dc4eb968ecdccb9e0f6c0c1cdcce22

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 02:47:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
90
auction
tlx.3lift.com/header/ 		19 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.14.0-pre&referrer=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&tmax=3000&gdpr=false&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.169.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-169-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:23 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ed017373ba9c3abb936d3a0113&pos=rootsweb_dt_728x90_btf&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
169c36dc159981a1aa3b7c4683a7f2c45ebf6c8db6097cb55e4eff44f718cb47

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 02:47:23 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ed017373ba9c3abb936d3a0113&pos=rootsweb_dt_728x90_atf&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
95772bfc7f7ae0ca67c30ff609d179b6793cbf874e85edd44b6daf4687fb993c

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 02:47:23 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
prebid.media.net/rtb/ 		32 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU12G3DV
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		68 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dtylsEbQir7lnyaKjGFx_2
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
ce09d8b32ed76e27b50034fab8d45d2e21d986e392acd6b26c7c439108115c5d

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		68 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=doDfPobQir7lnyaKjGFx_2
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d19a5f976883268fd260c965eb73485a651d539e1f3b58a64192251f12ae4155

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
dest5.html
ancestry-mcsp.demdex.net/ Frame 3E50 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ancestry-mcsp.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-159-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
ancestry-mcsp.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=49762848788077139620148632807472656670
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Tue, 28 Sep 2021 02:47:23 GMT
DCS
dcs-prod-irl1-1-v018-0ce041da7.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 23 Sep 2021 11:45:20 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
pMJ28g+8SqI=
Content-Length
2791
Connection
keep-alive
id
ancestry.sc.omtrdc.net/ 		2 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ancestry.sc.omtrdc.net/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=ED3301AC512D2A290A490D4C%40AdobeOrg&mid=49961235599383605790165110995328253111&ts=1632797243786
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-567564d5d5-8mx7j
vary
Origin
x-c
main-1531.I2ae8be.M0-520
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YVKCOwAAAFN6UgQE
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=49762848788077139620148632807472656670
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVKCOwAAAFN6UgQE
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVKCOwAAAFN6UgQE
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.138.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-138-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v018-09f14af0e.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
37NobpVIRQg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YVKCOwAAAFN6UgQE
Date
Tue, 28 Sep 2021 02:47:23 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s48684793713504
smetrics.ancestry.com/b/ss/ancestry-global/1/JS-2.20.0/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.ancestry.com/b/ss/ancestry-global/1/JS-2.20.0/s48684793713504?AQB=1&ndh=1&pf=1&t=28%2F8%2F2021%202%3A47%3A23%202%200&sdid=0AF028CEA268F5F2-451FB8E6FA397F6E&mid=49961235599383605790165110995328253111&aamlh=6&ce=UTF-8&ns=ancestry&pageName=ancestry%20rootsweb%20%3A%20home%20%3A%20home&g=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&cc=USD&ch=rootsweb&server=rootsweb.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c11=00000000-0000-0000-0000-000000000000&v12=rootsweb&v13=us&v14=rootsweb&c23=nrvisitor&v23=nrvisitor&c24=not%20win%20back&c35=non%20dna%20user&v35=non%20dna%20user&v41=ancestry%20rootsweb%20%3A%20home%20%3A%20home&c42=ancestry%20rootsweb%20%3A%20home&v42=ancestry%20rootsweb%20%3A%20home&c43=ancestry%20rootsweb%20%3A%20home%20%3A%20home&v43=ancestry%20rootsweb%20%3A%20home%20%3A%20home&c44=202109280247&v44=202109280247&c45=helpdesk.rootsweb.com%2F&v45=helpdesk.rootsweb.com%2F&c49=09%2F27%2F2021%2019%3A47%3A23&v49=09%2F27%2F2021%2019%3A47%3A23&c50=ancestry%20rootsweb%20%3A%20home%20%3A%20home&v65=00000000-0000-0000-0000-000000000000&c68=helpdesk.rootsweb.com&c73=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F93.0.4577.63%20Safari%2F537.36&v98=interactive%3C1.00s&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=ED3301AC512D2A290A490D4C%40AdobeOrg&AQE=1
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
x-content-type-options
nosniff
x-c
main-1531.I2ae8be.M0-520
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 29 Sep 2021 02:47:24 GMT
server
jag
xserver
anedge-567564d5d5-hqsng
etag
3506405382391201792-4619582649382011969
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 27 Sep 2021 02:47:24 GMT
/
geoip.insticator.com/json/ 		243 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash
ccf0eb0d8aea6f3561bcab2e6d8fae160618c71e663001f426dc5b41f909f85a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
date
Tue, 28 Sep 2021 02:47:24 GMT
access-control-allow-credentials
true
x-database-date
Mon, 27 Sep 2021 21:39:06 GMT
content-length
243
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame 912D 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-233-191.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
e10d278d-4e30-4896-85ab-59c1f3827b0c
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
108651ebf54555a00f52a70b7cf29b3465c7151214b0467738de3acb4f68ed71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
last-modified
Fri, 06 Aug 2021 14:57:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-4174a-5c8e540e34178"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=146157
accept-ranges
bytes
content-type
text/javascript
content-length
82482
expires
Wed, 29 Sep 2021 19:23:21 GMT
config.js
confiant-integrations.global.ssl.fastly.net/3g2pC722FKMzXRLuYXZT6L7Ud9Y/gpt_and_prebid/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/3g2pC722FKMzXRLuYXZT6L7Ud9Y/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ae59f68e4bd41cdf2039f5abd80120761df3f2f6da565405268f5efde3a8ccb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 02:47:24 GMT
Content-Encoding
gzip
Age
648
X-Cache
HIT
Connection
keep-alive
Content-Length
15829
x-amz-id-2
jfLTlV5nVWflXsNS219IBrVMZ1ydt7dduRH0LhPKGP6b1QTmvVVWZOcip5EAjrdicS0YgOirvNU=
X-Served-By
cache-hhn4044-HHN
Last-Modified
Tue, 28 Sep 2021 02:11:12 GMT
Server
AmazonS3
X-Timer
S1632797244.018921,VS0,VE1
ETag
"135e0385286df1a10ac184f49be8ce64"
x-amz-request-id
6AVBP6HRK5J760J6
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-60.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
aT8uF5QDZCsxz_FuCjV0EGzNRrUyg9DX
content-encoding
gzip
last-modified
Thu, 17 Jun 2021 18:02:42 GMT
server
AmazonS3
age
45326
etag
W/"51ed6db266476896c6fe9a06992898e2"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/javascript
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 27 Sep 2021 14:11:59 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
FIsKKu1ENa8a8fQDLwXLtbLhm0d_xBV03Ejch0F36-nXWSDwMMUnNg==
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=helpdesk.rootsweb.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		35 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1261141017691274&correlator=2928611006447900&output=ldjh&impl=fifs&eid=31062920&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210928&iu_parts=4802%2Ctgn.rootsweb.com%2CRW_728x90_btf%2CRW_728x90&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=728x90%2C728x90&fsbs=1%2C1&prev_scp=amznbid%3D2%26amznp%3D2%26adb_bdr%3Drubicon%26adb_hbc%3D0.25-0.29%26adb_adid%3D19.B58e68cfc4c4bf41%26adb_imp%3D1%26excl_cat%3DExclude_Any_AdBridg_Bid%7Camznbid%3D2%26amznp%3D2%26adb_bdr%3Drubicon%26adb_hbc%3D0.25-0.29%26adb_adid%3D18.B61e21db3de0063b%26adb_imp%3D1%26excl_cat%3DExclude_Any_AdBridg_Bid&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1632797244&dt=1632797244012&dlt=1632797242966&idt=321&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436&adys=1110%2C118&adks=1452699761%2C2995897494&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C1600x90&msz=1600x-1%7C728x-1&ga_vid=792922623.1632797244&ga_sid=1632797244&ga_hid=6768264&ga_fc=false&fws=516%2C4&ohw=1600%2C1600&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8d33a91846895ce984a37f1f72c611911851613eb7b76c196d4f93e9dbe8d4fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10194
x-xss-protection
0
google-lineitem-id
5357660526,5357660526
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
56659282188,29172648588
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bab70c4430ebeed8319c5c4854b9709b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D0CF 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bab70c4430ebeed8319c5c4854b9709b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bab70c4430ebeed8319c5c4854b9709b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 28 Sep 2021 02:47:24 GMT
expires
Wed, 28 Sep 2022 02:47:24 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adspsp.com/pt/5781260/11/3/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/5781260/11/3/?a=2,a2ku3hbkcqKifegK8KSe,AKZoZLmRDI&aa=00tCRyuTh.gN.u11---&b=0,1,2,3,4,5:6,7,1,35,8,4Q,1,1,0,9,,0.29,2a.4b.1c,0.36,0.05:d,e,,4e:f,g,,21:f,h,,21:i,j,,3b:k,l,,1M:m,n,,2C:o,p,,1Q:q,r,,2J:s,t,,20:u,v,,4m:w,x,,36&b=0,1,q,y,z,A:6,B,1,36,8,4Q,1,1,0,9,,0.29,2a.4b.1c,0.36,0.05:d,C,,4e:f,D,,21:i,E,,3b:k,F,,1M:m,G,,2C:o,p,,1Q:q,H,,2J:s,I,,20:u,J,,4m:w,K,,36&bi=1,A208ef6baeb104a6,19,U2432a4a90e423e,bottomSlotAdhesion,%2F4802%2Ftgn.rootsweb.com%2FRW_728x90_btf,2,1957888,728x90,2249%3A537123218592,31208,2249,beenverified.com,3,RW_728x90_bottom,4,543537162,543537163,5,20491671,9,829344,10,588745,16,108636,18,rootsweb_adhesion_728x90,115,rootsweb_dt_728x90_btf,116,817150925,154,dtylsEbQir7lnyaKjGFx_2,U30adeff3414159,topSlot,%2F4802%2Ftgn.rootsweb.com%2FRW_728x90,1957912,RW_728x90,543880349,20956780,623383,203712,rootsweb_docking_728x90,rootsweb_dt_728x90_atf,212208145,doDfPobQir7lnyaKjGFx_2&e=&c=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&d=&f=1.ku3hbh4m.2T2xd&g=2T3k0&u=5ecf496b:ktss0asu:26r&v=18g.xc.0.1aw&m=z&i1=G&rnd=1632797244023
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.45.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-45-181.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
/
onetag-geo.s-onetag.com/ 		555 B
985 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
via
1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, FRA50-C1
x-amzn-requestid
0b009c28-9318-455f-9425-a72feeae5d33
x-edge-origin-shield-skipped
0
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-cache
Miss from cloudfront
x-amz-apigw-id
GWlJdGbgiYcFQ6g=
content-length
555
x-amz-cf-id
XxItlXMPfiYy7bdNigeV6iaxx51XjeQSBVM3kZXsHqD8rAww_zCegQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-68.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3956abb802c9c7d9423c07d90c15ed2edeefcb4387915d92f39dc9a215ed4c00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
GVbIsPEpPFg72l7F1mMVCBMankLtDjFa
content-encoding
gzip
etag
W/"76493270ad1ab78c38d49cb5188662be"
age
70338
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
last-modified
Wed, 18 Aug 2021 13:18:19 GMT
server
AmazonS3
date
Mon, 27 Sep 2021 07:15:07 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
D5sM6ZQG6BcZ2N_MudnILtLMBaTb87JdWGpOwn3f7_K_xXBqIK2xiA==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202109241301/ 		180 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202109241301/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/3g2pC722FKMzXRLuYXZT6L7Ud9Y/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e8f3dadf31ccbaff67acee0751b89dbbb7263e1afdae3e75785c6b09557f98e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 02:47:24 GMT
Content-Encoding
gzip
Age
767
X-Cache
HIT
Connection
keep-alive
Content-Length
58813
x-amz-id-2
yAqCwwe3+OUAM9bMHsG54BvlxZnJIhliWJU0kmhJl/SWMLMqvX1yFFnCtdU+lRSpSh1JtEwWoZg=
X-Served-By
cache-hhn4044-HHN
Last-Modified
Fri, 24 Sep 2021 17:02:58 GMT
Server
AmazonS3
X-Timer
S1632797244.034306,VS0,VE0
ETag
"15e09c6918b074c608ad9d4570639c1b"
x-amz-request-id
BDNKHZACZBPB81JM
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
451
3fa7736e-7c0c-4cd6-8ed8-c899dd5d0a47.js
d3lcz8vpax4lo2.cloudfront.net/embed-code/ Frame 6F53 		353 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/embed-code/3fa7736e-7c0c-4cd6-8ed8-c899dd5d0a47.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-190.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37880b0a7b67fac8600b00237579d7bc4124a8a261ec5847c639287dab5e449e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
s0mp90gw00TVaQTK1_MEfJIwFlE0tm70
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 19:37:27 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"7aac0216062a503646db4935f1cd75a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Tue, 28 Sep 2021 02:47:24 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ImQxm4qUr9x5g_zB_A07GM4tmfB6_s-4DiSSt89-xj9ORAb9yskskw==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&domain=helpdesk.rootsweb.com&cw=1&lsw=1
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://helpdesk.rootsweb.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1712
date
Tue, 28 Sep 2021 02:47:23 GMT
content-encoding
gzip
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		348 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&domain=helpdesk.rootsweb.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
334d72729202ac0a862f13cd45752999afbe85f54a5dba207c656b09712370bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 28 Sep 2021 02:47:23 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5625
expires
0
instbid-4.32.0-28-with-new-ssps.js
df80k0z3fi8zg.cloudfront.net/files/ 		366 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-147.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
987f99479658144f51bb3d58724e6cad26e9c59b396c8da74781c49d3bd9072e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
PJSv67Ye.A4D1UntOZ7xUTYFpK79cmtD
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 16:47:01 GMT
server
AmazonS3
age
85090
etag
W/"a640e887066acfceadf3b3b07de8f53a"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 27 Sep 2021 03:09:15 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
n6VeYurxWb1Q1rDNt0VNPhOttD1cUJ6saVP_kA54x8fJn_-cid9JfQ==
insync
thrtle.com/
Redirect Chain
  • https://px.britepool.com/new?partner_id=t
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=b090411d-b1c9-47b9-a490-4cf37db2de3e
  • https://thrtle.com/insync?vxii_pdid=b090411d-b1c9-47b9-a490-4cf37db2de3e&vxii_pid=12&vxii_pid1=10054&vxii_rcid=ae58250c-b5b4-4611-b83a-ba28edab3a32
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pdid=b090411d-b1c9-47b9-a490-4cf37db2de3e&vxii_pid=12&vxii_pid1=10054&vxii_rcid=ae58250c-b5b4-4611-b83a-ba28edab3a32
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.242.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-242-19.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
server
p3p
CP="NOI OUR BUS UNI COM NAV"
content-length
43
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?vxii_pdid=b090411d-b1c9-47b9-a490-4cf37db2de3e&vxii_pid=12&vxii_pid1=10054&vxii_rcid=ae58250c-b5b4-4611-b83a-ba28edab3a32
date
Tue, 28 Sep 2021 02:47:24 GMT
server
content-type
text/html; charset=utf-8
content-length
182
strict-transport-security
max-age=63072000; includeSubDomains
p3p
CP="NOI OUR BUS UNI COM NAV"
/
onetag-geo.s-onetag.com/ 		555 B
984 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
via
1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, FRA50-C1
x-amzn-requestid
0b009c28-9318-455f-9425-a72feeae5d33
x-edge-origin-shield-skipped
0
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-cache
Hit from cloudfront
x-amz-apigw-id
GWlJdGbgiYcFQ6g=
content-length
555
x-amz-cf-id
vpCCA_49Sxq3pBTk2SPTSE0xcNFHav-2ZILUfJjHO6xdmHeiFYzjPA==
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Protocol
H2
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://helpdesk.rootsweb.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
css
fonts.googleapis.com/ Frame 6F53 		4 KB
993 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
f69d27c7a2ebdd689a2f7c9cf02972ee25a1bdc0a867c47eafaa8806138ea514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 01:21:27 GMT
server
ESF
date
Tue, 28 Sep 2021 02:47:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Sep 2021 02:47:24 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame 6F53 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7195187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
MD3GMCQYFN06YZRS
x-amz-id-2
M8iB2geQM+VAl9F3BJAFVCru64KH+29PFSn4ekUgyTp3mpoPLxzUsE/ptYS021nP0A6GUDoyyPk=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBQ%2BJy1jwsNN1OyQAR0SacQeC1BUQUB9jhDWn3dvkpm9N4ZWI8uoxBQuTuYpbUPZBFg92pS6kaaXvJnwYXcNBGcAV%2BLNNCi651X7Km302HxSnJEQztCa%2BF8%2BlCqexs3w%2FC%2BSrtL3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6959a5986a53411f-PRG
analytics.js
www.google-analytics.com/ Frame 6F53 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6924
date
Tue, 28 Sep 2021 00:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 28 Sep 2021 02:52:00 GMT
/
geoip.insticator.com/json/ Frame 6F53 		243 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/3fa7736e-7c0c-4cd6-8ed8-c899dd5d0a47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash
ccf0eb0d8aea6f3561bcab2e6d8fae160618c71e663001f426dc5b41f909f85a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
date
Tue, 28 Sep 2021 02:47:24 GMT
access-control-allow-credentials
true
x-database-date
Mon, 27 Sep 2021 22:14:41 GMT
content-length
243
vary
Origin
content-type
application/json
event
event.insticator.com/v1/ Frame 6F53 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/3fa7736e-7c0c-4cd6-8ed8-c899dd5d0a47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
date
Tue, 28 Sep 2021 02:47:24 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
logo-insticator-light-opt.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 6F53 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-147.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
LybvWmHpQaY5Dv6QaV2YBIQ2Sd9s.sSg
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified
Fri, 23 Oct 2020 18:52:01 GMT
server
AmazonS3
age
41316
etag
"b5cc01468ea9b242e6354798d28874df"
x-edge-origin-shield-skipped
0
content-type
image/png
date
Mon, 27 Sep 2021 15:18:49 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2129
x-amz-cf-id
pUgv-Q-peIV0Mz2KArNFXk4kQ48zBKZ0cv06REKcVrZzddizkw4wTw==
icon-check.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 6F53 		649 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-check.png
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-147.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
hmsI6iaZVJVbWmWfdDEj8IUq8AjvoEjw
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:56 GMT
server
AmazonS3
age
32611
etag
"b673377b664a0b33454c267d911fcfc1"
x-edge-origin-shield-skipped
0
content-type
image/png
date
Mon, 27 Sep 2021 17:43:54 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
649
x-amz-cf-id
5KNtA8b4Pao0ksrfDdo6sjJl0e53hZxuZA1wm_UlTozA_5uv25OjZA==
graphic-ooc-opt.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 6F53 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/graphic-ooc-opt.png
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-147.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
GZ0IFDbK8RIsE9458iK2I_SZ3u3QhPXn
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified
Fri, 23 Oct 2020 18:52:01 GMT
server
AmazonS3
age
29610
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
x-edge-origin-shield-skipped
0
content-type
image/png
date
Mon, 27 Sep 2021 18:33:55 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4833
x-amz-cf-id
IH0vzPyC2sBXQUK9JYw-m7UTA6N0aNVH4Z7KHS8QwTh0ahBH9bphxg==
92f4b42c-ecaa-43ab-93cc-f4e3e692fbf7
d3lcz8vpax4lo2.cloudfront.net/client_logos/878d28e0-acf3-478e-a554-ae52c44ac472/ Frame 6F53 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/client_logos/878d28e0-acf3-478e-a554-ae52c44ac472/92f4b42c-ecaa-43ab-93cc-f4e3e692fbf7
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-190.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eddc9bd014102546ff89072b922724a4bac18283c2176617eb7f07ee0389d05a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
IRKdJuE4ZB2wow1DYRCyQ12UF.r_VoHI
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified
Thu, 23 Apr 2020 17:31:40 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"9d42915d75fd36e4db47ef436ab9582c"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=3600,public
date
Tue, 28 Sep 2021 02:47:24 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4248
x-amz-cf-id
ITBIUubYT4XuHCttYDSKuvaTPpww4iLd4cXaQDjjBXMo6pE4XqXUEA==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v11/ Frame 6F53 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v11/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
4c95d706475a153fe4bc12a4aae383e5bf845cba076d95d76f413f51424802ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://helpdesk.rootsweb.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 08:09:22 GMT
x-content-type-options
nosniff
age
326282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47452
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:39:43 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Sep 2022 08:09:22 GMT
insticator
insticator.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_4.32.0
Protocol
H2
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://helpdesk.rootsweb.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 28 Sep 2021 02:47:24 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
742605832
age
0
via
1.1 varnish
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
827b43634e59fc5cfb5968fc598610ffbe8767a1018b721718aae0cd9f07a749
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:24 GMT
X-Proxy-Origin
216.131.114.150; 216.131.114.150; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e49935e3-80eb-4e34-9b6e-77e4026025a8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		24 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=331963&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2246257d1d4338b5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhelpdesk.rootsweb.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.32.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22878d28e0-acf3-478e-a554-ae52c44ac472%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2250651a65a3d34a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22331963%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226af6d8d96d7903%22%2C%22ext%22%3A%7B%22siteID%22%3A%22331963%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
42263293892018047a19900afe1626f29c90ec2995258433cb18243fdb850d1d

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.150], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://helpdesk.rootsweb.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Tue, 28 Sep 2021 02:47:24 GMT
header
hb.aralego.com/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-E2B24BADBEB6ADDDC7A3E24DAB39484A&tdid=&schain=1.0%2C1!insticator.com%2C878d28e0-acf3-478e-a554-ae52c44ac472%2C1%2C%2C%2C&fp=undefined&pubcid=8eb7f0c0-4910-4ca3-a180-476584b9fc06&host=helpdesk.rootsweb.com&u=https%3A%2F%2Fhelpdesk.rootsweb.com&xr=0&ucfUid=274650e2-2ab7-43a2-83e9-d838336d094e&w=300&h=250
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
date
Tue, 28 Sep 2021 02:47:24 GMT
access-control-allow-credentials
true
connection
close
header
hb.aralego.com/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-E2B24BADBEB6ADDDC7A3E24DAB39484A&tdid=&schain=1.0%2C1!insticator.com%2C878d28e0-acf3-478e-a554-ae52c44ac472%2C1%2C%2C%2C&fp=undefined&pubcid=8eb7f0c0-4910-4ca3-a180-476584b9fc06&host=helpdesk.rootsweb.com&u=https%3A%2F%2Fhelpdesk.rootsweb.com&xr=0&ucfUid=274650e2-2ab7-43a2-83e9-d838336d094e&w=300&h=250
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
date
Tue, 28 Sep 2021 02:47:24 GMT
access-control-allow-credentials
true
connection
close
trinity.json
apex.go.sonobi.com/ 		116 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2211af487e3a7e2f4%22%3A%22e8585794c64f3829395b%7C300x250%22%2C%22122885f61ee3b35%22%3A%229c690a0935031ece41b7%7C300x250%22%7D&ref=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&s=1e4fcef3-ed1f-4326-aae4-4b39c69a4d9e&pv=afd4b49c-9dfd-4001-9b09-e3476001bfee&vp=desktop&lib_name=prebid&lib_v=4.32.0&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22878d28e0-acf3-478e-a554-ae52c44ac472%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%228eb7f0c0-4910-4ca3-a180-476584b9fc06%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228eb7f0c0-4910-4ca3-a180-476584b9fc06%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
91b89d09c816f5eee0e2132877cbdaafdfc8bd477f74167020523ee414c75738
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:24 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
141
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		28 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c1ebd4e726be81a3ed0e634ca004da151a7d12d39e9c3f542f42345c2bd3c257
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 02:47:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.150; 216.131.114.150; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7613a3cb-2406-4197-8ca2-8d2dfb8b9180
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 28 Sep 2021 02:47:24 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		350 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=159042&zone_id=1775044%3B1775046&size_id=15&rp_schain=1.0,1!insticator.com,878d28e0-acf3-478e-a554-ae52c44ac472,1,,,&eid_pubcid.org=8eb7f0c0-4910-4ca3-a180-476584b9fc06%5E1&rf=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&tk_flint=pbjs_lite_v4.32.0&x_source.tid=ba2a7add-784a-44c7-baa8-1dca80ee07e4%3Bfafae2b5-900d-4b0d-ba04-dd4ff42afb2b&p_screen_res=1600x1200&rp_secure=1&slots=2&rand=0.17864863073155135
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
517316ff6d19d0f7bf60d294685b6940de6c3b14fe508883174c77e1a53a8539

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:24 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
350
Expires
Wed, 17 Sep 1975 21:32:10 GMT
mvo
tag.1rx.io/rmp/213651/0/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/213651/0/mvo?z=1r&hbv=4.32,2.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
pragma
no-cache
date
Tue, 28 Sep 2021 02:47:24 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
bid
ap.lijit.com/rtb/ 		94 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.32.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
dc15042f85f92a2da33736e489946cfb22419d936f40dcc5038bdaf5deb57b26

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 02:47:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
/
hb.emxdgt.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1632797244285&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
date
Tue, 28 Sep 2021 02:47:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aBJ8kwhX8r6yknaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a5a9b6f5b34e210eb13a7e9c629b4271f1321d40307d5d9aa62a605cbc727baa

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bn7iCOy8Sr6OrMaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0d2db31949c4839afb25f7fdc0111b4bc98bdfaefab118321bfb40eb66e49f31

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
09837eddceb4220be832ed371358dd8adf23fb68ca598dcbefc8cfa8ce81ba45
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 02:47:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.150; 216.131.114.150; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c6b386a5-9350-463e-82ee-a10417323a75
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=19315&pi=3&bf=300x250&schain=1.0%2C1!insticator.com%2C878d28e0-acf3-478e-a554-ae52c44ac472%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.32.0%22%7D&ogu=null&ns=10240
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1008c935fd70611ffd4492772e27b6c3cd9183e44464b6cb04c6ffcbdac07255

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=59264&pi=3&bf=300x250&schain=1.0%2C1!insticator.com%2C878d28e0-acf3-478e-a554-ae52c44ac472%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.32.0%22%7D&ogu=null&ns=10240
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
841e672f6c34697e80e26c054a5732afbe20040bc0e32b793d0065369bd73398

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
insticator
insticator.technoratimedia.com/openrtb/bids/ 		47 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_4.32.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
edbced3faaa65b01a475fd96cb1f2a642a1238e307761096e92172dda7815a0f

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
x-varnish
756924638
content-length
73
via
1.1 varnish
v1
dmx.districtm.io/b/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
cf-ray
6959a5991b1b061c-FRA
access-control-allow-headers
Content-Type, Origin
translator
hbopenbid.pubmatic.com/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
date
Tue, 28 Sep 2021 02:47:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
collect
www.google-analytics.com/j/ Frame 6F53 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1288089844&t=pageview&_s=1&dl=about%3A%2F%2F%2Fblank&dp=%2F1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x350&je=0&_u=YEBAAGABAAAAAC~&jid=299498936&gjid=1073698245&cid=1066705517.1632797244&tid=UA-123718506-11&_gid=153673938.1632797244&_r=1&_slc=1&z=1806384523
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
usertracking
b2c.insticator.com/v3/pages/ Frame EA24 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/3fa7736e-7c0c-4cd6-8ed8-c899dd5d0a47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-233-191.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
41635f5c-9b4a-4951-bd88-9ae5469c7bfc
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
collect
stats.g.doubleclick.net/j/ Frame 6F53 		2 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-123718506-11&cid=1066705517.1632797244&jid=299498936&gjid=1073698245&_gid=153673938.1632797244&_u=YEBAAGAAAAAAAC~&z=1500859118
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.120.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wd-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 28 Sep 2021 02:47:24 GMT
content-type
text/plain
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ Frame 6F53 		0
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgoc3wChrSa1HN8TiqVaM3sIlNMPydmqUP3cJLpwuvxOwbsFfsdPCGu7mNcV58Q31K0vxSQ2m0e3zxa-CsR8fGrFecpz-wZgxXmkrQz9VEPDUJ_TDvT-vM8VCKKNURXKJkXcjdRC5ubbgEf30ck6ChpWTe_aUhKFrKyh2XMfWKekfLrq-jmn0qEak-csFPMCnV2LVg0AQwTQ2NJcmShz3IBuQM6k_ROv-Reg4KnB_J4ukpNEbnbLh-ZzWWvAtTkBCLuRWYdlqrm2MrfAonlFYUAbjPuvoVXlWHKE6nW89UAUsL_s7QW7-KRFIpHDCLIp6Ykft5p3-PdiZh7sp91e60wzMysl3fGxNeytFluQ&sai=AMfl-YRX5J1P2YOxqZU1ZBfR0uELJJvhp4ymPEieSjeFV5idBjUd_J8qJ6Uqk-Uho7RDhuzinthr6AnTnm6s_yJOmKak8KreOTUMb9IA_6mcSyS7lQ-DTx-Di9rC1JkCFtU&sig=Cg0ArKJSzEDgxbrx7gRXEAE&urlfix=1&adurl=
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 02:47:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 28 Sep 2021 02:47:24 GMT
LDR-search.php
go.newspapers.com/ads/ Frame 7ECE 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		122 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 28 Sep 2021 02:47:24 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwFbw-bNPP_nuF36Tki_YHt-PlqwM90zEuOlpox9Irx6JCJTJAD2-HoWTeoXWAIp-vC3y03PCy6U_mimtLkklAk3JZk3IvoiRpY8VtQFiVrxJjk11Nhvr4aGi8Zuu57o-fBB1fAwPezjKnrGH_hSz_ojBQjLB4bLrNOF_IOQ6SP62bK2KezQ5FaETBERYNqUF2fM4okWIj7ELVxcUgoA_ZqpHZmlXkM-CRHI9-lwRhjM4eHSeBpVECnnRM6h3kq3mZmfBX4MH8P87weK-wo5sJiIMjJYJ3AZnim41r9ifflAsbtofgqnd-oK4f8gn7UpaG81h0RQlixj0x2Q-CJpVuFhg1MbeLddY&sai=AMfl-YSNvVAWHro-F6KjCNSvWALm0c1r6yeitWYlopSepdcyOBssYcGFiNe5TtoZ96RUbZvTr2PBsea1gejcWLkheqa61j__kuY-HLcsbLxcKqt0ecXGH1RRlChzkQ8aztk&sig=Cg0ArKJSzJhvl2eG3tVbEAE&urlfix=1&adurl=
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 02:47:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 28 Sep 2021 02:47:24 GMT
LDR-search.php
go.newspapers.com/ads/ Frame F619 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvrBlpIEkB-tgu8Pv2fvWR8XVgFXm_wPudKjzgEQM0cpxVzzt8_CYyB-VfW29mYJEgQOja5u_5mfo6dEowsOsyezQ4Ken3s-H3IThUPffuMd-soYtqr_L8icmImG5DxuNGXYcvTrcu_WicAG3zhSpgYjpcZS92lzmXLrtwkRZrFcqNzA0MrU_jY_--FRgWsAAvANFz352kMCGcbIQKe_sQqGTpMwG2SC8TCv0iMGz8znIiX4Eke_p9A-QnEpNcNHOuSJYUJuw-IFs8qTMEQWLTNiqozELXMc9MR5IuwbQeL_9BzcKpHiZ8p_hjaAmt0sGqdr3uMMjIJ%2526sai%253DAMfl-YTux3S_ZKatkW0KYgakF0Iltqnt80Y2nqJPzkhD_ecrIxJwRI9iuKD-pIdljY9yd7yXGMQ_wZ_Wsh8g1dDyjTODw6ORMF3aKplCIj2q2kxOeCcy6SXLsRcTPkfXIns%2526sig%253DCg0ArKJSzItH4uhhmgALEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b81bdcb8ef23921e078fa298d1eb9966f6d2c4be1b4b8636fa6cc853d5a4f1b

Request headers

:method
GET
:authority
go.newspapers.com
:scheme
https
:path
/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvrBlpIEkB-tgu8Pv2fvWR8XVgFXm_wPudKjzgEQM0cpxVzzt8_CYyB-VfW29mYJEgQOja5u_5mfo6dEowsOsyezQ4Ken3s-H3IThUPffuMd-soYtqr_L8icmImG5DxuNGXYcvTrcu_WicAG3zhSpgYjpcZS92lzmXLrtwkRZrFcqNzA0MrU_jY_--FRgWsAAvANFz352kMCGcbIQKe_sQqGTpMwG2SC8TCv0iMGz8znIiX4Eke_p9A-QnEpNcNHOuSJYUJuw-IFs8qTMEQWLTNiqozELXMc9MR5IuwbQeL_9BzcKpHiZ8p_hjaAmt0sGqdr3uMMjIJ%2526sai%253DAMfl-YTux3S_ZKatkW0KYgakF0Iltqnt80Y2nqJPzkhD_ecrIxJwRI9iuKD-pIdljY9yd7yXGMQ_wZ_Wsh8g1dDyjTODw6ORMF3aKplCIj2q2kxOeCcy6SXLsRcTPkfXIns%2526sig%253DCg0ArKJSzItH4uhhmgALEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-type
text/html; charset=UTF-8
set-cookie
lastXid=109; expires=Tue, 12-Oct-2021 02:47:24 GMT; Max-Age=1209600; path=/; SameSite=Lax; domain=.newspapers.com; secure; HttpOnly lastSid=109; expires=Tue, 12-Oct-2021 02:47:24 GMT; Max-Age=1209600; path=/; SameSite=Lax; domain=.newspapers.com; secure; HttpOnly
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6959a59a6c6e4a7f-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27596
x-xss-protection
0
server
sffe
etag
"1632742284803949"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 28 Sep 2021 02:47:24 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsud6wTzPy6aAH8yTBz9AmuHNvlZQC3KwqqnTUBTGpoKI5DcqtddMq4CwEVM_YLpWw4d5HdGKoEG8TGdM0q5I7cqbu8SSy1uIpBaaQnodLgB0nUNSyYVLpgb-GbkVMTdzEg3ygGDL4lA6_Ss4_Gp29IuMTbjxwwLodFmBWZeUqDGDexRhXzKrx09-9hqYp3POxlo-2z4-8ofpyF7evopCRxuhernpWCrBqJUhHYKRhdTsVCGKewHvGXb7trDCQMRTPzbghm3zxMz7qHAq-fKi3MfJD2em-eekSyCivpgbWkbXjZd7mmWs7N2xhqRveYKfW5p4AMR8DV4Qeycgx8&sai=AMfl-YRqt0kjzHBpeAK0uYe4anjLA3A8t7PrU1tlCRxRkt6N4H3HAnf8JHYRqbZP-0Afx8TKlcHMRUNEtvDY0fJBlrFppFJxMLZEYf0WsKe58B9zRje7Wh0nu_samRafcp4&sig=Cg0ArKJSzBp7wXme2_IUEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 02:47:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 28 Sep 2021 02:47:24 GMT
truncated
/ 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17fccaf63b7706097ee7de08275cd3d4f1ac11662219b7c84b99020ca8a19b59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
/
adspsp.com/pt/5781260/12/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/5781260/12/2/?a=2,a2ku3hbkcqKifegK8KSe,AKZoZLmRDI&aa=00tCRyuTh.gN.u11---&b=2:1,19,m7db0,17pjpl7,q11h1xo,,2glt9bi,k8`2i,q11h1xo,2glt9bi,U2432a4a90e423e,bottomSlotAdhesion,%2F4802%2Ftgn.rootsweb.com%2FRW_728x90_btf&b=2:1,18,m7db0,17pjpl7,degn3po,,2glt9bi,k8`2i,degn3po,2glt9bi,U30adeff3414159,topSlot,%2F4802%2Ftgn.rootsweb.com%2FRW_728x90&e=500.1:1T3xc:%20Caught%20AsyncErr:%20%20Cannot%20read%20properties%20of%20null%20(reading%20%27getBoundingClientRect%27)%20TypeError:%20Cannot%20read%20properties%20of%20null%20(reading%20%27getBoundingClientRect%27)%20%20%20%20at%20gpt.render%20(https://prod.adspsp.com/adb.5781260.min.js:2:211803)%20%20%20%20at%20https://prod.adspsp.com/adb.5781260.min.js:2:232716%20%20%20%20at%20ht...&c=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&d=&f=1.ku3hbh4m.2T2xd&g=2T40h&u=5ecf496b:ktss0asu:26r&v=18g.xc.0.2m&m=z&i1=G&rnd=1632797244615
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.45.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-45-181.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=helpdesk.rootsweb.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 02:47:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1261141017691274&correlator=1347989529968951&output=ldjh&impl=fifs&eid=676982961%2C31062920&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210928&iu_parts=2507246%3A4802%2Crootsweb.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250&fsbs=1&prev_scp=h%3D2%26shb%3D1%26tg%3D0%26ics%3D300x250%26iba%3D00001%26iaid%3D509d53757289899%26ib%3Dappnexus%26p%3DBTF%26at%3D1%26hostname%3Dhelpdesk.rootsweb.com%26consent%3D0%26Exclude_Adx%3DN%26it%3Dil&eri=1&cookie=ID%3D25976c3da691b58b-2293df5c64c900c2%3AT%3D1632797244%3AS%3DALNI_MZpchZZ1w6N918nsRIhiL2H5cPrcA&bc=31&abxe=1&lmt=1632797244&dt=1632797244948&dlt=1632797242966&idt=321&frm=20&biw=1600&bih=1200&oid=3&adxs=-9&adys=-9&adks=1509734901&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=792922623.1632797244&ga_sid=1632797244&ga_hid=6768264&ga_fc=false&ga_cid=1066705517.1632797244&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
4e5efe49b88ffe795ea15327e190e25594889da7d60f32c04dc7d13e824885e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7799
x-xss-protection
0
google-lineitem-id
5748769097
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357457290
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1261141017691274&correlator=2377671960388860&output=ldjh&impl=fifs&eid=676982961%2C31062920&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210928&iu_parts=2507246%3A4802%2Crootsweb.com_Web_300x250_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250&fsbs=1&prev_scp=h%3D2%26shb%3D1%26tg%3D0%26ics%3D300x250%26iba%3D00002%26iaid%3D51241ba5e209c1e%26ib%3Dappnexus%26p%3DBTF%26at%3D1%26hostname%3Dhelpdesk.rootsweb.com%26consent%3D0%26Exclude_Adx%3DN%26it%3Dil&eri=1&cookie=ID%3D25976c3da691b58b-2293df5c64c900c2%3AT%3D1632797244%3AS%3DALNI_MZpchZZ1w6N918nsRIhiL2H5cPrcA&bc=31&abxe=1&lmt=1632797244&dt=1632797244950&dlt=1632797242966&idt=321&frm=20&biw=1600&bih=1200&oid=3&adxs=-9&adys=-9&adks=3116389915&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhelpdesk.rootsweb.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=792922623.1632797244&ga_sid=1632797244&ga_hid=6768264&ga_fc=false&ga_cid=1066705517.1632797244&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c01cb65570391c2b589d14997af9cb1cc9113c52196580b23b7ef5b5924c7758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7804
x-xss-protection
0
google-lineitem-id
5748769100
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357457272
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
LDR-search.css
go.newspapers.com/c/ Frame F619 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.newspapers.com/c/LDR-search.css?ver=2019
Requested by
Host: go.newspapers.com
URL: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvrBlpIEkB-tgu8Pv2fvWR8XVgFXm_wPudKjzgEQM0cpxVzzt8_CYyB-VfW29mYJEgQOja5u_5mfo6dEowsOsyezQ4Ken3s-H3IThUPffuMd-soYtqr_L8icmImG5DxuNGXYcvTrcu_WicAG3zhSpgYjpcZS92lzmXLrtwkRZrFcqNzA0MrU_jY_--FRgWsAAvANFz352kMCGcbIQKe_sQqGTpMwG2SC8TCv0iMGz8znIiX4Eke_p9A-QnEpNcNHOuSJYUJuw-IFs8qTMEQWLTNiqozELXMc9MR5IuwbQeL_9BzcKpHiZ8p_hjaAmt0sGqdr3uMMjIJ%2526sai%253DAMfl-YTux3S_ZKatkW0KYgakF0Iltqnt80Y2nqJPzkhD_ecrIxJwRI9iuKD-pIdljY9yd7yXGMQ_wZ_Wsh8g1dDyjTODw6ORMF3aKplCIj2q2kxOeCcy6SXLsRcTPkfXIns%2526sig%253DCg0ArKJSzItH4uhhmgALEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2553aa0e59f769b5c41ed1d4ab2f8b8353383d2abd9e558e598791f2c66ff5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvrBlpIEkB-tgu8Pv2fvWR8XVgFXm_wPudKjzgEQM0cpxVzzt8_CYyB-VfW29mYJEgQOja5u_5mfo6dEowsOsyezQ4Ken3s-H3IThUPffuMd-soYtqr_L8icmImG5DxuNGXYcvTrcu_WicAG3zhSpgYjpcZS92lzmXLrtwkRZrFcqNzA0MrU_jY_--FRgWsAAvANFz352kMCGcbIQKe_sQqGTpMwG2SC8TCv0iMGz8znIiX4Eke_p9A-QnEpNcNHOuSJYUJuw-IFs8qTMEQWLTNiqozELXMc9MR5IuwbQeL_9BzcKpHiZ8p_hjaAmt0sGqdr3uMMjIJ%2526sai%253DAMfl-YTux3S_ZKatkW0KYgakF0Iltqnt80Y2nqJPzkhD_ecrIxJwRI9iuKD-pIdljY9yd7yXGMQ_wZ_Wsh8g1dDyjTODw6ORMF3aKplCIj2q2kxOeCcy6SXLsRcTPkfXIns%2526sig%253DCg0ArKJSzItH4uhhmgALEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 27 Sep 2021 21:22:23 GMT
server
cloudflare
cf-polished
origSize=20498
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=60
cf-ray
6959a59d180b4e37-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ Frame F619 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: go.newspapers.com
URL: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvrBlpIEkB-tgu8Pv2fvWR8XVgFXm_wPudKjzgEQM0cpxVzzt8_CYyB-VfW29mYJEgQOja5u_5mfo6dEowsOsyezQ4Ken3s-H3IThUPffuMd-soYtqr_L8icmImG5DxuNGXYcvTrcu_WicAG3zhSpgYjpcZS92lzmXLrtwkRZrFcqNzA0MrU_jY_--FRgWsAAvANFz352kMCGcbIQKe_sQqGTpMwG2SC8TCv0iMGz8znIiX4Eke_p9A-QnEpNcNHOuSJYUJuw-IFs8qTMEQWLTNiqozELXMc9MR5IuwbQeL_9BzcKpHiZ8p_hjaAmt0sGqdr3uMMjIJ%2526sai%253DAMfl-YTux3S_ZKatkW0KYgakF0Iltqnt80Y2nqJPzkhD_ecrIxJwRI9iuKD-pIdljY9yd7yXGMQ_wZ_Wsh8g1dDyjTODw6ORMF3aKplCIj2q2kxOeCcy6SXLsRcTPkfXIns%2526sig%253DCg0ArKJSzItH4uhhmgALEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.newspapers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:22:35 GMT
x-content-type-options
nosniff
age
444290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95931
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Thu, 22 Sep 2022 23:22:35 GMT
newspaperslogo-sm.png
go.newspapers.com/i/ Frame F619 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.newspapers.com/i/newspaperslogo-sm.png
Requested by
Host: go.newspapers.com
URL: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvrBlpIEkB-tgu8Pv2fvWR8XVgFXm_wPudKjzgEQM0cpxVzzt8_CYyB-VfW29mYJEgQOja5u_5mfo6dEowsOsyezQ4Ken3s-H3IThUPffuMd-soYtqr_L8icmImG5DxuNGXYcvTrcu_WicAG3zhSpgYjpcZS92lzmXLrtwkRZrFcqNzA0MrU_jY_--FRgWsAAvANFz352kMCGcbIQKe_sQqGTpMwG2SC8TCv0iMGz8znIiX4Eke_p9A-QnEpNcNHOuSJYUJuw-IFs8qTMEQWLTNiqozELXMc9MR5IuwbQeL_9BzcKpHiZ8p_hjaAmt0sGqdr3uMMjIJ%2526sai%253DAMfl-YTux3S_ZKatkW0KYgakF0Iltqnt80Y2nqJPzkhD_ecrIxJwRI9iuKD-pIdljY9yd7yXGMQ_wZ_Wsh8g1dDyjTODw6ORMF3aKplCIj2q2kxOeCcy6SXLsRcTPkfXIns%2526sig%253DCg0ArKJSzItH4uhhmgALEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a3e3dd419c4d28c1f0c68c8167c1689f308235d376a0f01989c05c9a4619a23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvrBlpIEkB-tgu8Pv2fvWR8XVgFXm_wPudKjzgEQM0cpxVzzt8_CYyB-VfW29mYJEgQOja5u_5mfo6dEowsOsyezQ4Ken3s-H3IThUPffuMd-soYtqr_L8icmImG5DxuNGXYcvTrcu_WicAG3zhSpgYjpcZS92lzmXLrtwkRZrFcqNzA0MrU_jY_--FRgWsAAvANFz352kMCGcbIQKe_sQqGTpMwG2SC8TCv0iMGz8znIiX4Eke_p9A-QnEpNcNHOuSJYUJuw-IFs8qTMEQWLTNiqozELXMc9MR5IuwbQeL_9BzcKpHiZ8p_hjaAmt0sGqdr3uMMjIJ%2526sai%253DAMfl-YTux3S_ZKatkW0KYgakF0Iltqnt80Y2nqJPzkhD_ecrIxJwRI9iuKD-pIdljY9yd7yXGMQ_wZ_Wsh8g1dDyjTODw6ORMF3aKplCIj2q2kxOeCcy6SXLsRcTPkfXIns%2526sig%253DCg0ArKJSzItH4uhhmgALEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 27 Sep 2021 21:20:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
6959a59d98724e37-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2432
event
event.insticator.com/v1/ 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/1fc9ab3f-5e87-46ab-bae6-38ff786a9ee3/4f695dd7-eba6-4797-9b21-f41a4a3abf1a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://helpdesk.rootsweb.com
date
Tue, 28 Sep 2021 02:47:25 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://helpdesk.rootsweb.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E3DC 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=158092
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=166201
expires
Thu, 30 Sep 2021 00:57:26 GMT
date
Tue, 28 Sep 2021 02:47:25 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame E3DC 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85955161&p=158092&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
eaa0147e5d85f2b51a0fd168cf5b6ce9d49e08d1604ac44d524432c036cd8990

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame FF63 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=7586480693263238495; icu=ChgIxIc7EAoYASABKAEwu4TKigY4AUABSAEKGAi86UsQChgBIAEoATC8hMqKBjgBQAFIARC8hMqKBhgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 26 Sep 2021 04:19:43 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 28 Sep 2021 02:47:25 GMT
Age
80859
X-Served-By
cache-lga21975-LGA, cache-hhn4069-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 1165075
X-Timer
S1632797245.087574,VS0,VE0
Vary
Accept-Encoding
match
c1.adform.net/serving/cookie/ Frame 2F95
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C9C0BDDC-098B-4F45-961C-165698E0E080
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C9C0BDDC-098B-4F45-961C-165698E0E080
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C9C0BDDC-098B-4F45-961C-165698E0E080
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=C9C0BDDC-098B-4F45-961C-165698E0E080
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 02:47:25 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=7729573324024166295; expires=Sat, 27 Nov 2021 02:47:25 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Tue, 28 Sep 2021 02:47:25 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C9C0BDDC-098B-4F45-961C-165698E0E080
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Thu, 28 Oct 2021 02:47:25 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 1A63
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=480603322255117247
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=480603322255117247
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=480603322255117247
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=C9C0BDDC-098B-4F45-961C-165698E0E080; chkChromeAb67Sec=1; DPSync3=1632873600%3A174%7C1633996800%3A201_197_219; SyncRTB3=1634083200%3A35%7C1633996800%3A21_8_71_161_56_220_13_54_7_3%7C1635379200%3A203%7C1633392000%3A15_223%7C1633651200%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 02:47:23 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-480603322255117247; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 02:47:23 GMT; path=/ PugT=1632797243; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 02:47:23 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 02:47:23 GMT; path=/
x-lat
amspug011:0:426
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=480603322255117247
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 0272 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Tue, 28 Sep 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
488294
Pug
simage2.pubmatic.com/AdServer/ Frame AE76
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7012810768275404943
42 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7012810768275404943
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7012810768275404943
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=C9C0BDDC-098B-4F45-961C-165698E0E080; chkChromeAb67Sec=1; DPSync3=1632873600%3A174%7C1633996800%3A201_197_219; SyncRTB3=1634083200%3A35%7C1633996800%3A21_8_71_161_56_220_13_54_7_3%7C1635379200%3A203%7C1633392000%3A15_223%7C1633651200%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 02:47:25 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7012810768275404943; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 02:47:25 GMT; path=/ PugT=1632797245; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 02:47:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 02:47:25 GMT; path=/
x-lat
lhrpug010:0:455
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 28 Sep 2021 02:47:25 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7012810768275404943; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7012810768275404943
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E3DC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ycC93AmLT0WWHBZWmODggA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=166201
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Thu, 30 Sep 2021 00:57:26 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame E3DC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=67796152-823d-4f00-99e3-e6124489ed55
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=67796152-823d-4f00-99e3-e6124489ed55
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 28 Sep 2021 02:47:25 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=67796152-823d-4f00-99e3-e6124489ed55
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Sep 2021 02:47:24 GMT
33141
tags.bluekai.com/site/ Frame E3DC
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C9C0BDDC-098B-4F45-961C-165698E0E080
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=eb121bedbb6b5b675efdd302be205b58
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=693c01a9-7168-4f7f-9cbd-deb94c159806&icm
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=a284ae2e11f07fa4
62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=a284ae2e11f07fa4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 02:47:26 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=a284ae2e11f07fa4
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame E3DC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzlDMEJEREMtMDk4Qi00RjQ1LTk2MUMtMTY1Njk4RTBFMDgw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:366
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E3DC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHakVvqMBvYxSD0LqxmlrC0&google_cver=1
42 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHakVvqMBvYxSD0LqxmlrC0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:421
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHakVvqMBvYxSD0LqxmlrC0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame E3DC 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 27 Sep 2021 02:47:25 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E3DC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=693c01a9-7168-4f7f-9cbd-deb94c159806
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=693c01a9-7168-4f7f-9cbd-deb94c159806
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:484
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=693c01a9-7168-4f7f-9cbd-deb94c159806
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame E3DC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6486172977607540710
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6486172977607540710
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:417
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6486172977607540710
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame E3DC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2f966152-823c-4e00-aa52-204b90690e66&gdpr=0&gdpr_consent=
42 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2f966152-823c-4e00-aa52-204b90690e66&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:352
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 28 Sep 2021 02:47:25 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2f966152-823c-4e00-aa52-204b90690e66&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Sep 2021 02:47:24 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E3DC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7586480693263238495&gdpr=0&gdpr_consent=
42 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7586480693263238495&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:360
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
X-Proxy-Origin
216.131.114.150; 216.131.114.150; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
21aad488-8d99-4f4c-9ac7-6f99141fa3a2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7586480693263238495&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E3DC
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:24 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:436
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame E3DC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C9C0BDDC-098B-4F45-961C-165698E0E080&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C9C0BDDC-098B-4F45-961C-165698E0E080&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-66GozS1E2uVct_xNXNDPeeRtTEVggv4-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-66GozS1E2uVct_xNXNDPeeRtTEVggv4-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 28 Sep 2021 02:47:25 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-66GozS1E2uVct_xNXNDPeeRtTEVggv4-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
C9C0BDDC-098B-4F45-961C-165698E0E080
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E3DC 		43 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C9C0BDDC-098B-4F45-961C-165698E0E080?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E3DC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7729573324024166295&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2a886cd7-5f09-4e83-97d0-d6aabe6eacc4&gdpr=&gdpr_consent=&gdpr_pd=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2a886cd7-5f09-4e83-97d0-d6aabe6eacc4&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:2549
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2a886cd7-5f09-4e83-97d0-d6aabe6eacc4&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame E3DC 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C9C0BDDC-098B-4F45-961C-165698E0E080&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams02-usadmm.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
async_usersync
ib.adnxs.com/ Frame FF63 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
X-Proxy-Origin
216.131.114.150; 216.131.114.150; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
508fdbe8-688a-4963-b7fc-655e8e33fce2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame F29F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 28 Sep 2021 02:47:25 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame EFF4 		1006 B
859 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
1c0ed67e4e6fe4ab3e1191502ce021b2a93f76b6820455f97b7387c08a7e52b6

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
cookie
i=8eb7f0c0-4910-4ca3-a180-476584b9fc06|1632797243
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=8eb7f0c0-4910-4ca3-a180-476584b9fc06|1632797243; Version=1; Expires=Wed, 28-Sep-2022 02:47:25 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1632797245|mOgeginskin0vNomiygu; Version=1; Expires=Wed, 13-Oct-2021 02:47:25 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.3
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 28 Sep 2021 02:47:25 GMT
content-type
text/html
content-length
542
content-encoding
gzip
via
1.1 google
alt-svc
clear
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame E7BF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ee218226cf011b71b60668de2628fd4cc0b34371be618ad3b7c3305eac754b9a

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YVKCPRmNryCEtQaq-wY6lAAA; CMPS=3181
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|45|39|111|3|195|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1879
Expires
Tue, 28 Sep 2021 02:47:25 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
Connection
keep-alive
Set-Cookie
CMID=YVKCPRmNryCEtQaq-wY6lAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 28 Sep 2022 02:47:25 GMT CMPS=3181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 27 Dec 2021 02:47:25 GMT CMPRO=1143;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 27 Dec 2021 02:47:25 GMT CMST=YVKCPWFSgj0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 29 Sep 2021 02:47:25 GMT CMRUM3=276152823d0b40&6f6152823d05a0&2d6152823d05a0&c36152823d05a00&0d6152823d05a0&f16152823d05a0&036152823d05a0&e66152823d2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 28 Sep 2022 02:47:25 GMT

Redirect headers

Server
Apache
Content-Length
344
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 28 Sep 2021 02:47:25 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
Connection
keep-alive
Set-Cookie
CMID=YVKCPRmNryCEtQaq-wY6lAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 28 Sep 2022 02:47:25 GMT CMPS=3181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 27 Dec 2021 02:47:25 GMT
sync
eb2.3lift.com/ Frame 5ED1
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
dcfb1b9612d2daa775df33c8f8171b7bff9d05741e0e1d2f3253709f2efa00d8

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
cookie
tluid=8298947782236613180
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
content-type
text/html; charset=utf-8
content-length
463
set-cookie
sync=CgoIgQIQxP6y0sIvCgoI4gEQxP6y0sIvCgoI5gEQxP6y0sIvCgoIhwIQxP6y0sIvCgkICRDE_rLSwi8KCQg6EMT-stLCLwoJCAsQxP6y0sIvCgoIjAIQxP6y0sIvCgoIzgEQxP6y0sIvCgkIXxDE_rLSwi8=; Max-Age=7776000; Expires=Mon, 27 Dec 2021 02:47:25 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=8298947782236613180; Max-Age=7776000; Expires=Mon, 27 Dec 2021 02:47:25 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Tue, 28 Sep 2021 02:47:25 GMT
content-length
0
set-cookie
tluid=8298947782236613180; Max-Age=7776000; Expires=Mon, 27 Dec 2021 02:47:25 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sd
eu-u.openx.net/w/1.0/ Frame EFF4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=ard86Ruz1Mv39r5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=ard86Ruz1Mv39r5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:24 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-0ab67c5d8ba5329d8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=ard86Ruz1Mv39r5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/ Frame EFF4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D...
0
0
sd
eu-u.openx.net/w/1.0/ Frame EFF4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7586480693263238495
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7586480693263238495
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
X-Proxy-Origin
216.131.114.150; 216.131.114.150; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c84ebda8-9c80-45b7-9e08-37058884f962
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7586480693263238495
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EFF4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHb3JFN0NwUVFBQURsNUlXWUNmUQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGorE7CpQQAADl5IWYCfQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGorE7CpQQAADl5IWYCfQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6236395451507681141
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGorE7CpQQAADl5IWYCfQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D6236395451507681141%26bee_sync_partners%3Dox%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=6236395451507681141&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAGorE7CpQQAADl5IWYCfQ&pid=558502&d...
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGorE7CpQQAADl5IWYCfQ
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGorE7CpQQAADl5IWYCfQ
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:26 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGorE7CpQQAADl5IWYCfQ
Date
Tue, 28 Sep 2021 02:47:26 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame EFF4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2f966152-823c-4e00-aa52-204b90690e66
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2f966152-823c-4e00-aa52-204b90690e66
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 28 Sep 2021 02:47:25 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2f966152-823c-4e00-aa52-204b90690e66
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Sep 2021 02:47:24 GMT
sd
us-u.openx.net/w/1.0/ Frame EFF4
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qXEliadyI9-ycyberXA92v4hI9-yc3SCqHed9Ff3
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qXEliadyI9-ycyberXA92v4hI9-yc3SCqHed9Ff3
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qXEliadyI9-ycyberXA92v4hI9-yc3SCqHed9Ff3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame EFF4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7729573324024166295
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7729573324024166295
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7729573324024166295
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame EFF4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=5d1bcf99-e097-7354-fb56-8f8de09ecffb&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame EFF4 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzE3NDFjNTMtMjllMC0yZGYwLWVlYjYtZDUzNDJhN2MwMTli
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EFF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ8ZpNZE1C_epwsJpaCmREQ&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ8ZpNZE1C_epwsJpaCmREQ&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=654fdc04-8cd2-4182-b6a0-cadf9a3143db&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ8ZpNZE1C_epwsJpaCmREQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ssc-cms.33across.com/ps/ Frame 65A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=doDfPobQir7lnyaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip178.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=doDfPobQir7lnyaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Tue, 28 Sep 2021 02:47:25 GMT
generic
match.adsrvr.org/track/cmf/ Frame 5ED1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 5ED1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEGdqMwqbdAzeEaglH_tZRw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEGdqMwqbdAzeEaglH_tZRw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEGdqMwqbdAzeEaglH_tZRw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5ED1
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODI5ODk0Nzc4MjIzNjYxMzE4MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODI5ODk0Nzc4MjIzNjYxMzE4MA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODI5ODk0Nzc4MjIzNjYxMzE4MA%3D%3D
date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 5ED1 		0
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=8298947782236613180&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.85 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-11-85.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-edc2
content-length
0
x-li-uuid
SWeioHHcqBZgv0xwlCsAAA==
xuid
eb2.3lift.com/ Frame 5ED1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/8298947782236613180?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CYVOiX5E2oQu96GzeEIbOW2Ctnlf3O5QvlYnCyQxMw--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CYVOiX5E2oQu96GzeEIbOW2Ctnlf3O5QvlYnCyQxMw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 28 Sep 2021 02:47:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CYVOiX5E2oQu96GzeEIbOW2Ctnlf3O5QvlYnCyQxMw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 5ED1 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=8298947782236613180&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.35.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-35-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
c.gif
c.bing.com/ Frame 5ED1 		42 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=8298947782236613180&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:24 GMT
etag
"367bb54357aad71:0"
last-modified
Wed, 15 Sep 2021 17:29:40 GMT
x-msedge-ref
Ref A: B676B66A6BA645AB933F034530A1BAA6 Ref B: PRG01EDGE0716 Ref C: 2021-09-28T02:47:25Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 5ED1
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=8298947782236613180
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8298947782236613180&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8298947782236613180&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QFBEV4RPB2QN29VBTJS3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8298947782236613180&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5ED1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 5ED1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4034688661224747865&dongle=d407
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=4034688661224747865&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=4034688661224747865&dongle=d407
pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame E7BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVKCPRmNryCEtQaq_wY6lAAABHcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOT-2dhNr7GFf9TrJylk6fE&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOT-2dhNr7GFf9TrJylk6fE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 28 Sep 2021 02:47:25 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOT-2dhNr7GFf9TrJylk6fE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E7BF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVKCPRmNryCEtQaq_wY6lAAABHcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVKCPRmNryCEtQaq_wY6lAAABHcAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVKCPRmNryCEtQaq_wY6lAAABHcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EXEX2N5EKGYCS6E5SYB8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QXGTQJCAWRHW5GQ3G5FN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVKCPRmNryCEtQaq_wY6lAAABHcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E7BF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVKCPRmNryCEtQaq-wY6lAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYAlk48-0GqMm_1s93RWT0&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYAlk48-0GqMm_1s93RWT0&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 02:47:25 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYAlk48-0GqMm_1s93RWT0&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E7BF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
match
c1.adform.net/serving/cookie/ Frame E7BF 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame E7BF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 02:47:25 GMT

Redirect headers

Date
Tue, 28 Sep 2021 02:47:25 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x4 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Sep 2021 02:47:24 GMT
crum
dsum-sec.casalemedia.com/ Frame E7BF
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ce29a263-1b85-46ea-addc-ea6d01143887
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ce29a263-1b85-46ea-addc-ea6d01143887
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 02:47:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ce29a263-1b85-46ea-addc-ea6d01143887
date
Tue, 28 Sep 2021 02:47:25 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame E7BF
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06c32204071a0b4f1a41754c&expiration=[EXPIRATION]&gdpr=1
43 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06c32204071a0b4f1a41754c&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 02:47:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06c32204071a0b4f1a41754c&expiration=[EXPIRATION]&gdpr=1
Date
Tue, 28 Sep 2021 02:47:25 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E7BF 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YVKCPRmNryCEtQaq-wY6lAAA%261143
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 02:47:25 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1157
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 03:06:42 GMT
usync.html
eus.rubiconproject.com/ Frame F1D6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVAywYaQOmrhQ6qYZbyIiI/PTx+vvVOnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6pEKVeU6zjT6a3MjDFVf/xlH9h; ses2=128980^1; vis2=128980^1; khaos=KU3HBKJD-10-5X8B; ses15=; vis15=159042^1; audit=1|hLZGFuTafB3d5xdaYKaEZfWt1ylCKbKsv2FR2LKygIBJ6iWvDrmSSwmf2gEMxCFZ59O4vo6YizvAUJ+gL7gixayAxgfbm9J8Aizhfkn5jms=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40333-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Sep 2021 02:47:25 GMT
Connection
keep-alive
Vary
Accept-Encoding
ga_debug.js
ssl.google-analytics.com/u/ Frame F619 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/u/ga_debug.js
Requested by
Host: go.newspapers.com
URL: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvrBlpIEkB-tgu8Pv2fvWR8XVgFXm_wPudKjzgEQM0cpxVzzt8_CYyB-VfW29mYJEgQOja5u_5mfo6dEowsOsyezQ4Ken3s-H3IThUPffuMd-soYtqr_L8icmImG5DxuNGXYcvTrcu_WicAG3zhSpgYjpcZS92lzmXLrtwkRZrFcqNzA0MrU_jY_--FRgWsAAvANFz352kMCGcbIQKe_sQqGTpMwG2SC8TCv0iMGz8znIiX4Eke_p9A-QnEpNcNHOuSJYUJuw-IFs8qTMEQWLTNiqozELXMc9MR5IuwbQeL_9BzcKpHiZ8p_hjaAmt0sGqdr3uMMjIJ%2526sai%253DAMfl-YTux3S_ZKatkW0KYgakF0Iltqnt80Y2nqJPzkhD_ecrIxJwRI9iuKD-pIdljY9yd7yXGMQ_wZ_Wsh8g1dDyjTODw6ORMF3aKplCIj2q2kxOeCcy6SXLsRcTPkfXIns%2526sig%253DCg0ArKJSzItH4uhhmgALEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
4537694480e187f6b4bb7c80b546a1febc7a717f6d672ed0eeadcccd68279959
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.newspapers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 01:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5654
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20769
expires
Tue, 28 Sep 2021 03:13:11 GMT
Cookie set beacon
ap.lijit.com/ Frame A102 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=7840138
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Cookie
ljt_reader=75e01605ad8bc204ff562757
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Server
nginx
Date
Tue, 28 Sep 2021 02:47:25 GMT
Set-Cookie
ljt_reader=75e01605ad8bc204ff562757;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ams1
usync.js
eus.rubiconproject.com/ Frame F1D6 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
02c30f3e7aec710c498ae4fc38c2290024901d2be6b163d8532557befd238125

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 02:47:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76562
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9280
Expires
Wed, 29 Sep 2021 00:03:27 GMT
nr-1210.min.js
js-agent.newrelic.com/ Frame F619 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: go.newspapers.com
URL: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvrBlpIEkB-tgu8Pv2fvWR8XVgFXm_wPudKjzgEQM0cpxVzzt8_CYyB-VfW29mYJEgQOja5u_5mfo6dEowsOsyezQ4Ken3s-H3IThUPffuMd-soYtqr_L8icmImG5DxuNGXYcvTrcu_WicAG3zhSpgYjpcZS92lzmXLrtwkRZrFcqNzA0MrU_jY_--FRgWsAAvANFz352kMCGcbIQKe_sQqGTpMwG2SC8TCv0iMGz8znIiX4Eke_p9A-QnEpNcNHOuSJYUJuw-IFs8qTMEQWLTNiqozELXMc9MR5IuwbQeL_9BzcKpHiZ8p_hjaAmt0sGqdr3uMMjIJ%2526sai%253DAMfl-YTux3S_ZKatkW0KYgakF0Iltqnt80Y2nqJPzkhD_ecrIxJwRI9iuKD-pIdljY9yd7yXGMQ_wZ_Wsh8g1dDyjTODw6ORMF3aKplCIj2q2kxOeCcy6SXLsRcTPkfXIns%2526sig%253DCg0ArKJSzItH4uhhmgALEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.newspapers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
VW8CCHGKR4ZK6Z03
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
11781
x-amz-id-2
MncX4xvX6G/3ZCVU9xhgX1JCQw12l3nC4XnJi5uFxOrjvkq6VeBL/9/vLuSPh4OyPAeJ00ESZNY=
x-served-by
cache-fra19136-FRA
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1632797245.457018,VS0,VE0
date
Tue, 28 Sep 2021 02:47:25 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1911
/
ssc-cms.33across.com/ps/ Frame 542B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dtylsEbQir7lnyaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.5781260.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip178.208-100-17.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=dtylsEbQir7lnyaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Tue, 28 Sep 2021 02:47:24 GMT
4bd2ba109c
bam-cell.nr-data.net/1/ Frame F619 		49 B
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/4bd2ba109c?a=197254878&v=1210.e2a3f80&to=ZVQAbEBTX0AFV0FaDVweN0pbHVZcS1VRQE1%2BdTAVQVdQQQdcG0MKQg%3D%3D&rst=967&ck=1&ref=https://go.newspapers.com/ads/LDR-search.php&be=463&fe=937&dc=879&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1632797244500,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:23,%22c%22:23,%22s%22:29,%22ce%22:40,%22rq%22:40,%22rp%22:423,%22rpe%22:424,%22dl%22:454,%22di%22:879,%22ds%22:879,%22de%22:881,%22dc%22:937,%22l%22:937,%22le%22:938%7D,%22navigation%22:%7B%7D%7D&fp=881&fcp=881&at=SRMDGghJTE4%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.newspapers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 02:47:25 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVTCAQHUVBSFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCxoCB1YAUHRMB05WAhtDBwVeUlJRVFQAAgQHVVVUAEBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6959a5a04cfe1f45-FRA
tap.php
pixel.rubiconproject.com/ Frame F1D6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVKCOwAAAFN6UgQE
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVKCOwAAAFN6UgQE
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632797246.565385,VS0,VE0
x-served-by
cache-hhn4067-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVKCOwAAAFN6UgQE
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rubicon
match.adsrvr.org/track/cmf/ Frame F1D6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame F1D6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTk4MWU1MDI5NGRiOTkwMzZmMzg2MWQ4Nzc2OWI3YmY3YWU2MzNmMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTk4MWU1MDI5NGRiOTkwMzZmMzg2MWQ4Nzc2OWI3YmY3YWU2MzNmMA
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTk4MWU1MDI5NGRiOTkwMzZmMzg2MWQ4Nzc2OWI3YmY3YWU2MzNmMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F1D6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=2f966152-823c-4e00-aa52-204b90690e66&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=2f966152-823c-4e00-aa52-204b90690e66&expires=28
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

Date
Tue, 28 Sep 2021 02:47:25 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=2f966152-823c-4e00-aa52-204b90690e66&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Sep 2021 02:47:24 GMT
v1
ads.yahoo.com/cms/ Frame F1D6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU3HBKJD-10-5X8B&sigv=1&esig=2~e31541cb9fdf658af1107adf60cbcceab4c6d1df
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU3HBKJD-10-5X8B&sigv=1&esig=2~e31541cb9fdf658af1107adf60cbcceab4c6d1df
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU3HBKJD-10-5X8B&sigv=1&esig=2~e31541cb9fdf658af1107adf60cbcceab4c6d1df
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F1D6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/6zlnP_eZilSp4QIQk98BpMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=393779734118516014
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=393779734118516014
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

date
Tue, 28 Sep 2021 02:47:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=393779734118516014
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F1D6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UzSEJLSkQtMTAtNVg4Qg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UzSEJLSkQtMTAtNVg4Qg==
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UzSEJLSkQtMTAtNVg4Qg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame F1D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
518 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8x79ZcyFoqdvyPD7TNh6VvoLaCbJAl44_YqqwdC-FQvZKsjWTgsszlMz4H4qUB7Ta_DaVdBcjyjinR39jAk-DqZ40X2jg8zVNcJWvigO1MKaBhBCy&sig=Cg0ArKJSzDnzsbqYVcI6EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210927&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2995897494&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1632797239415&rpt=5195
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
api.britepool.com/v1/britepool/ Frame 		0
0
id
api.britepool.com/v1/britepool/ 		0
0
369.json
id5-sync.com/g/v2/ 		213 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.5 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p38.id5-sync.com
Software
/
Resource Hash
18a31fbeeb95d076ad5b1db1df7653e1e1c2efb6fcc84e3a44543416697e9f4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://helpdesk.rootsweb.com
Date
Tue, 28 Sep 2021 02:46:55 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		44 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Sep 2021 02:47:26 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ 		154 B
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
46a1dec5da0845a1327cb894a2cd173084e547a8eae7fc546ae73c0ec32fba78

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:26 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
no-cache
x-server
10.45.9.18
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ 		108 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
2b64e70f5935821d8822dd61869f53832ae538bc2c3921d454ec3659f0175ac1

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Sep 2021 02:47:26 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpdesk.rootsweb.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 28 Oct 2021 02:47:26 GMT
async_usersync
ib.adnxs.com/ Frame FF63 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:26 GMT
X-Proxy-Origin
216.131.114.150; 216.131.114.150; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1d8fe204-93ad-450c-b550-98be130ad2b8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E3DC 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158092&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ Frame 378D 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method
GET
:authority
match.adsrvr.org
:scheme
https
:path
/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
cookie
TDID=693c01a9-7168-4f7f-9cbd-deb94c159806; TDCPM=CAESFwoIcHVibWF0aWMSCwiUg7Leio2BOhAFGAEgASgCMgsIqt3ij6GNgToQBTgBWgd4a3N3OWxhYAI.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

date
Tue, 28 Sep 2021 02:47:27 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame E070 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method
GET
:authority
match.adsrvr.org
:scheme
https
:path
/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
cookie
TDID=693c01a9-7168-4f7f-9cbd-deb94c159806; TDCPM=CAESFwoIcHVibWF0aWMSCwiUg7Leio2BOhAFGAEgASgCMgsIqt3ij6GNgToQBTgBWgd4a3N3OWxhYAI.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

date
Tue, 28 Sep 2021 02:47:27 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 1BD6 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.32.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html?src=prebid_prebid_4.32.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
cookie
tads_uid=GDPR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
675
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Tue, 28 Sep 2021 02:47:27 GMT
etag
"450f-5c7a90520f640"
expires
Tue, 28 Sep 2021 03:02:27 GMT
last-modified
Wed, 21 Jul 2021 21:40:33 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (frd/E2F8)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
597848687
content-length
5566
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 10F4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
text/html
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
6138
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoKUhQEF4Sp30yWCfJuIefM1xLO80ypev5q%2BIu%2F01L7rvHXYStRFBr7Nlivg9%2F3aetO48%2FfNTZPBwuO1hV0A%2Fuzw5SfhDpvS0eakiwdoJfvZJSBmIbXnvH98UbAkWGN%2B3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6959a5b009cdf9ce-PRG
content-encoding
br
pixel
cm.g.doubleclick.net/ Frame B4AF 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmc5vw_KmttPci1escrQSx5iPOs4rBr8BvYUxa6yLXbh_3MTsIcVxGneP4GAb8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

content-type
image/png
date
Tue, 28 Sep 2021 02:47:27 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usersync
rtb.gumgum.com/ Frame A0C5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
cookie
cs=true; loc=SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdzACEQ3JcDkYSa8DRCNeggG96g1Q-uOHK3zZq5_4672GqW4NdQcQCkgP6We6E0PKG0; vst=e_28595d69-a7e3-449f-9a66-69546d178ccf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Tue, 28 Sep 2021 02:47:27 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3984 0e3af3b master zrh-pixel-x3 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
Expires
Tue, 28 Sep 2021 02:47:26 GMT
/
ssc-cms.33across.com/ps/ Frame 8FA0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aBJ8kwhX8r6yknaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip178.208-100-17.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=aBJ8kwhX8r6yknaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Tue, 28 Sep 2021 02:47:27 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 8E0E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 28 Sep 2021 02:47:27 GMT
Connection
keep-alive
usersync
rtb.gumgum.com/ Frame C5A7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
cookie
cs=true; loc=SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdzACEQ3JcDkYSa8DRCNeggG96g1Q-uOHK3zZq5_4672GqW4NdQcQCkgP6We6E0PKG0; vst=e_28595d69-a7e3-449f-9a66-69546d178ccf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Tue, 28 Sep 2021 02:47:27 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3984 0e3af3b master zrh-pixel-x31 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=2f966152-823c-4e00-aa52-204b90690e66&gdpr=1&gdpr_consent=
Expires
Tue, 28 Sep 2021 02:47:26 GMT
check.html
biddr.brealtime.com/ Frame 3625 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Date
Tue, 28 Sep 2021 02:47:28 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
Dt294QpawtNR10fmt04i/E9z//OMSi9w/VEk3jrbZgYkkUJUkpy+PD6nufgStLb0aV63ozhzeoQ=
x-amz-request-id
HWSTNQVGK70Z6EFW
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2898
Expires
Tue, 28 Sep 2021 02:48:28 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6959a5b02c83d6d5-FRA
Content-Encoding
gzip
async_usersync.html
acdn.adnxs.com/dmp/ Frame A750 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=7586480693263238495; icu=ChgIxIc7EAoYASABKAEwu4TKigY4AUABSAEKGAi86UsQChgBIAEoATC8hMqKBjgBQAFIARC8hMqKBhgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 26 Sep 2021 04:19:43 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 28 Sep 2021 02:47:27 GMT
Age
80862
X-Served-By
cache-lga21975-LGA, cache-hhn4069-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 1165092
X-Timer
S1632797248.961935,VS0,VE0
Vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 0E12 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmc5vw_KmttPci1escrQSx5iPOs4rBr8BvYUxa6yLXbh_3MTsIcVxGneP4GAb8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

content-type
image/png
date
Tue, 28 Sep 2021 02:47:27 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
cdn.districtm.io/ids/ Frame C164 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

date
Tue, 28 Sep 2021 02:47:27 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6959a5afec38061c-FRA
Cookie set beacon
ap.lijit.com/ Frame D3ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406715
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Cookie
ljt_reader=75e01605ad8bc204ff562757
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Server
nginx
Date
Tue, 28 Sep 2021 02:47:27 GMT
Set-Cookie
ljt_reader=75e01605ad8bc204ff562757;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ams1
showad.js
ads.pubmatic.com/AdServer/js/ Frame 13C8 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=C9C0BDDC-098B-4F45-961C-165698E0E080; chkChromeAb67Sec=1; DPSync3=1632873600%3A174%7C1633996800%3A201_197_219; SyncRTB3=1634083200%3A35%7C1633996800%3A21_8_71_161_56_220_13_54_7_3%7C1635379200%3A203%7C1633392000%3A15_223%7C1633651200%3A63; KRTBCOOKIE_57=22776-7586480693263238495; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&16514-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&23025-CAESEHakVvqMBvYxSD0LqxmlrC0; KRTBCOOKIE_336=5844-480603322255117247; KRTBCOOKIE_1101=23040-7012810768275404943; KRTBCOOKIE_27=16735-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&16736-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23019-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23114-uid:2f966152-823c-4e00-aa52-204b90690e66; KRTBCOOKIE_377=6810-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&22918-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&23031-693c01a9-7168-4f7f-9cbd-deb94c159806; KRTBCOOKIE_391=22924-6486172977607540710&KRTB&23263-6486172977607540710; KRTBCOOKIE_153=19420-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q&KRTB&22979-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q; KRTBCOOKIE_466=16530-2a886cd7-5f09-4e83-97d0-d6aabe6eacc4; KRTBCOOKIE_699=22727-AAGorE7CpQQAADl5IWYCfQ; PugT=1632797244; SPugT=1632797245
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=31171
expires
Tue, 28 Sep 2021 11:26:58 GMT
date
Tue, 28 Sep 2021 02:47:27 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 481A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bn7iCOy8Sr6OrMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip178.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=bn7iCOy8Sr6OrMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://helpdesk.rootsweb.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Tue, 28 Sep 2021 02:47:27 GMT
usync.html
eus.rubiconproject.com/ Frame 1C12 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://helpdesk.rootsweb.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVAywYaQOmrhQ6qYZbyIiI/PTx+vvVOnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6pEKVeU6zjT6a3MjDFVf/xlH9h; ses2=128980^1; vis2=128980^1; khaos=KU3HBKJD-10-5X8B; ses15=; vis15=159042^1; audit=1|hLZGFuTafB3d5xdaYKaEZfWt1ylCKbKsv2FR2LKygIBJ6iWvDrmSSwmf2gEMxCFZ59O4vo6YizvAUJ+gL7gixayAxgfbm9J8Aizhfkn5jms=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40333-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Sep 2021 02:47:27 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
x.bidswitch.net/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.35.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-35-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usersync
rtb.gumgum.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=1f6100f2-f3e6-4096-a98f-50fdd4d102d2
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=1f6100f2-f3e6-4096-a98f-50fdd4d102d2
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=1f6100f2-f3e6-4096-a98f-50fdd4d102d2
date
Tue, 28 Sep 2021 02:47:28 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ibs:dpid=463291&dpuuid=ID5-ZHMOOzL2w94mgQFZpIn4horxEiVkXQXBi_QGAQpSCw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr...
dpm.demdex.net/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOOzL2w94mgQFZpIn4horxEiVkXQXBi_QGAQpSCw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOOzL2w94mgQFZpIn4horxEiVkXQXBi_QGAQpSCw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=1f6100f2-f3e6-4096-a98f-50fdd4d102d2&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOzL2w94mgQFZpIn4horxEiVkXQXBi_QGAQpSCw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=1f6100f2-f3e6-4096-a98f-50fdd4d102d2&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=fd9ea1cd-cf0e-4367-953c-2785407064bd&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPJSLohWmTRSx0_DqbXToDo&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7586480693263238495&opid=apx&ops=&utidl=tech:goo:CAESEPJSLohWmTRSx0_DqbXToDo&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A21086535777&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=eb121bedbb6b5b675efdd302be205b58&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOOzL2w94mgQFZpIn4horxEiVkXQXBi_QGAQpSCw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
0
0
usersync
rtb.gumgum.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7586480693263238495
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7586480693263238495
Requested by
Host: helpdesk.rootsweb.com
URL: https://helpdesk.rootsweb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://helpdesk.rootsweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:27 GMT
X-Proxy-Origin
216.131.114.150; 216.131.114.150; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
7404efe1-ad3a-4826-a262-203613248bb1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7586480693263238495
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A750 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:28 GMT
X-Proxy-Origin
216.131.114.150; 216.131.114.150; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
92169757-086c-47ab-9446-9bc8fcd96ccc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame FBA4 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b06d90bbe1a6f3bc6ca035d8bea5b58dedc33dd66eef54e1c68501125a5fca1

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YVKCPRmNryCEtQaq-wY6lAAA; CMPS=3181; CMPRO=1143; CMST=YVKCPWFSgj0A; CMRUM3=036152823d05a0&f16152823d05a0&c36152823d2760av-ce29a263-1b85-46ea-addc-ea6d01143887&0d6152823d276006c32204071a0b4f1a41754c&e66152823d2760&276152823d0b40&2d6152823d05a0&6f6152823d05a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|88|130|221|45|47|111
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1713
Expires
Tue, 28 Sep 2021 02:47:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YVKCPRmNryCEtQaq-wY6lAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 28 Sep 2022 02:47:28 GMT CMPS=3181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 27 Dec 2021 02:47:28 GMT CMPRO=1143;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 27 Dec 2021 02:47:28 GMT CMST=YVKCPWFSgkAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 29 Sep 2021 02:47:28 GMT CMRUM3=276152823d0b40&8261528240a8c0&dd615282402760&6f6152824005a0&2d6152824005a0&c36152823d2760av-ce29a263-1b85-46ea-addc-ea6d01143887&0d6152823d276006c32204071a0b4f1a41754c&f16152823d05a0&036152823d05a0&586152824005a0&2e6152824005a0&2f6152824005a0&496152824005a0&e66152823d2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 28 Sep 2022 02:47:28 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 13C8 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51654636&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2af377295412a005d253988778eea53ded927c5d307f49745bd8c4eae282d1ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:26 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 1C12 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
02c30f3e7aec710c498ae4fc38c2290024901d2be6b163d8532557befd238125

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 02:47:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76559
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9280
Expires
Wed, 29 Sep 2021 00:03:27 GMT
idSync
sync.aralego.com/ Frame 10F4
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/274650e2-2ab7-43a2-83e9-d838336d094e?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZhPljxtE2oWGC_wVSeSgdNF3k.8zfa9f7UNwNFQ-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=693c01a9-7168-4f7f-9cbd-deb94c159806
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/274650e2-2ab7-43a2-83e9-d838336d094e?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZhPljxtE2oWGC_wVSeSgdNF3k.8zfa9f7UNwNFQ-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=693c01a9-7168-4f7f-9cbd-deb94c159806
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/274650e2-2ab7-43a2-83e9-d838336d094e?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZhPljxtE2oWGC_wVSeSgdNF3k.8zfa9f7UNwNFQ-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=693c01a9-7168-4f7f-9cbd-deb94c159806
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/274650e2-2ab7-43a2-83e9-d838336d094e?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZhPljxtE2oWGC_wVSeSgdNF3k.8zfa9f7UNwNFQ-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=693c01a9-7168-4f7f-9cbd-deb94c159806
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=274650e2-2ab7-43a2-83e9-d838336d094e&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=2a886cd7-5f09-4e83-97d0-d6aabe6eacc4&google_hm=MmE4ODZjZDctNWYwOS00ZTgzLTk3ZDAtZDZhYWJlNmVhY2M0
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKyPBJxA2jWCyHO1xSNPHj0&google_cver=1&ssp=ucfunnel&bsw_param=2a886cd7-5f09-4e83-97d0-d6aabe6eacc4
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=2a886cd7-5f09-4e83-97d0-d6aabe6eacc4
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 291B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGorE7CpQQAADl5IWYCfQ
42 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGorE7CpQQAADl5IWYCfQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGorE7CpQQAADl5IWYCfQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=C9C0BDDC-098B-4F45-961C-165698E0E080; KRTBCOOKIE_57=22776-7586480693263238495; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&16514-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&23025-CAESEHakVvqMBvYxSD0LqxmlrC0; KRTBCOOKIE_336=5844-480603322255117247; KRTBCOOKIE_1101=23040-7012810768275404943; KRTBCOOKIE_27=16735-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&16736-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23019-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23114-uid:2f966152-823c-4e00-aa52-204b90690e66; KRTBCOOKIE_377=6810-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&22918-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&23031-693c01a9-7168-4f7f-9cbd-deb94c159806; KRTBCOOKIE_391=22924-6486172977607540710&KRTB&23263-6486172977607540710; KRTBCOOKIE_153=19420-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q&KRTB&22979-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q; KRTBCOOKIE_466=16530-2a886cd7-5f09-4e83-97d0-d6aabe6eacc4; KRTBCOOKIE_699=22727-AAGorE7CpQQAADl5IWYCfQ; PugT=1632797244; SPugT=1632797245; chkChromeAb67Sec=2; DPSync3=1632873600%3A174%7C1633996800%3A219_221_226_227_235_201_197; SyncRTB3=1633392000%3A2_15_223%7C1637971200%3A69%7C1634083200%3A35%7C1633996800%3A220_3_189_81_233_21_71_161_22_204_104_13_234_230_7_55_165_99_57_8_56_166_176_222_5_54_88_231%7C1635379200%3A203%7C1633651200%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 02:47:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_699=22727-AAGorE7CpQQAADl5IWYCfQ; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 02:47:27 GMT; path=/ PugT=1632797247; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 02:47:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 02:47:27 GMT; path=/
x-lat
amspug001:0:502
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 28 Sep 2021 02:47:28 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGorE7CpQQAADl5IWYCfQ
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 2CBD
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=C9C0BDDC-098B-4F45-961C-165698E0E080; KRTBCOOKIE_57=22776-7586480693263238495; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&16514-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&23025-CAESEHakVvqMBvYxSD0LqxmlrC0; KRTBCOOKIE_336=5844-480603322255117247; KRTBCOOKIE_1101=23040-7012810768275404943; KRTBCOOKIE_27=16735-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&16736-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23019-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23114-uid:2f966152-823c-4e00-aa52-204b90690e66; KRTBCOOKIE_377=6810-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&22918-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&23031-693c01a9-7168-4f7f-9cbd-deb94c159806; KRTBCOOKIE_391=22924-6486172977607540710&KRTB&23263-6486172977607540710; KRTBCOOKIE_153=19420-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q&KRTB&22979-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q; KRTBCOOKIE_466=16530-2a886cd7-5f09-4e83-97d0-d6aabe6eacc4; KRTBCOOKIE_699=22727-AAGorE7CpQQAADl5IWYCfQ; SPugT=1632797245; chkChromeAb67Sec=2; DPSync3=1632873600%3A174%7C1633996800%3A219_221_226_227_235_201_197; SyncRTB3=1633392000%3A2_15_223%7C1637971200%3A69%7C1634083200%3A35%7C1633996800%3A220_3_189_81_233_21_71_161_22_204_104_13_234_230_7_55_165_99_57_8_56_166_176_222_5_54_88_231%7C1635379200%3A203%7C1633651200%3A63; KRTBCOOKIE_107=1471-uid:ard86Ruz1Mv39r5; KRTBCOOKIE_218=22978-YVKCOwAAAFN6UgQE&KRTB&23194-YVKCOwAAAFN6UgQE&KRTB&23209-YVKCOwAAAFN6UgQE&KRTB&23244-YVKCOwAAAFN6UgQE; KRTBCOOKIE_22=14911-4034688661224747865; PugT=1632797247
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug006:2:301
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=069f3ac7-73a3-4554-aaa1-9afcd6f28ef0; path=/; domain=csync.loopme.me; Expires=Thu, 28-Oct-2021 02:47:28 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Tue, 28 Sep 2021 02:47:28 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame BA9B
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1761262881
  • https://sync.1rx.io/usersync/tradedesk/693c01a9-7168-4f7f-9cbd-deb94c159806
  • https://sync.targeting.unrulymedia.com/csync/RX-ea470619-e7ea-4b12-860b-421deadd4302-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ea470619-e7ea-4b12-860b-421deadd4302-003
42 B
268 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ea470619-e7ea-4b12-860b-421deadd4302-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ea470619-e7ea-4b12-860b-421deadd4302-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=C9C0BDDC-098B-4F45-961C-165698E0E080; KRTBCOOKIE_57=22776-7586480693263238495; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&16514-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&23025-CAESEHakVvqMBvYxSD0LqxmlrC0; KRTBCOOKIE_336=5844-480603322255117247; KRTBCOOKIE_1101=23040-7012810768275404943; KRTBCOOKIE_27=16735-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&16736-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23019-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23114-uid:2f966152-823c-4e00-aa52-204b90690e66; KRTBCOOKIE_377=6810-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&22918-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&23031-693c01a9-7168-4f7f-9cbd-deb94c159806; KRTBCOOKIE_391=22924-6486172977607540710&KRTB&23263-6486172977607540710; KRTBCOOKIE_153=19420-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q&KRTB&22979-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q; KRTBCOOKIE_466=16530-2a886cd7-5f09-4e83-97d0-d6aabe6eacc4; KRTBCOOKIE_699=22727-AAGorE7CpQQAADl5IWYCfQ; SPugT=1632797245; chkChromeAb67Sec=2; DPSync3=1632873600%3A174%7C1633996800%3A219_221_226_227_235_201_197; SyncRTB3=1633392000%3A2_15_223%7C1637971200%3A69%7C1634083200%3A35%7C1633996800%3A220_3_189_81_233_21_71_161_22_204_104_13_234_230_7_55_165_99_57_8_56_166_176_222_5_54_88_231%7C1635379200%3A203%7C1633651200%3A63; KRTBCOOKIE_107=1471-uid:ard86Ruz1Mv39r5; KRTBCOOKIE_218=22978-YVKCOwAAAFN6UgQE&KRTB&23194-YVKCOwAAAFN6UgQE&KRTB&23209-YVKCOwAAAFN6UgQE&KRTB&23244-YVKCOwAAAFN6UgQE; KRTBCOOKIE_22=14911-4034688661224747865; PugT=1632797247; KRTBCOOKIE_409=22966-J8AL56IN286xb5Fp1ubIXjin; KRTBCOOKIE_188=3189-339f34d4-bb80-4d6b-bcff-3b08a541d525-61528240-5553
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-ea470619-e7ea-4b12-860b-421deadd4302-003&KRTB&17107-RX-ea470619-e7ea-4b12-860b-421deadd4302-003; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 02:47:28 GMT; path=/ PugT=1632797248; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 02:47:28 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 02:47:28 GMT; path=/
x-lat
lhrpug012:0:489
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-ea470619-e7ea-4b12-860b-421deadd4302-003%22%7D; path=/; expires=Wed, 28 Sep 2022 02:47:28 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ea470619-e7ea-4b12-860b-421deadd4302-003
etag
RXea470619e7ea4b12860b421deadd4302003
dpe
ad4m.at/ad/ Frame 9DA7 		42 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6959a5b14ef92784-PRG
bridge
cm.adgrx.com/ Frame 462E 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Tue, 28 Sep 2021 02:47:28 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
image2.pubmatic.com/AdServer/ Frame C889
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=J8AL56IN286xb5Fp1ubIXjin
42 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=J8AL56IN286xb5Fp1ubIXjin
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=J8AL56IN286xb5Fp1ubIXjin
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=C9C0BDDC-098B-4F45-961C-165698E0E080; KRTBCOOKIE_57=22776-7586480693263238495; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&16514-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&23025-CAESEHakVvqMBvYxSD0LqxmlrC0; KRTBCOOKIE_336=5844-480603322255117247; KRTBCOOKIE_1101=23040-7012810768275404943; KRTBCOOKIE_27=16735-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&16736-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23019-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23114-uid:2f966152-823c-4e00-aa52-204b90690e66; KRTBCOOKIE_377=6810-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&22918-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&23031-693c01a9-7168-4f7f-9cbd-deb94c159806; KRTBCOOKIE_391=22924-6486172977607540710&KRTB&23263-6486172977607540710; KRTBCOOKIE_153=19420-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q&KRTB&22979-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q; KRTBCOOKIE_466=16530-2a886cd7-5f09-4e83-97d0-d6aabe6eacc4; KRTBCOOKIE_699=22727-AAGorE7CpQQAADl5IWYCfQ; SPugT=1632797245; chkChromeAb67Sec=2; DPSync3=1632873600%3A174%7C1633996800%3A219_221_226_227_235_201_197; SyncRTB3=1633392000%3A2_15_223%7C1637971200%3A69%7C1634083200%3A35%7C1633996800%3A220_3_189_81_233_21_71_161_22_204_104_13_234_230_7_55_165_99_57_8_56_166_176_222_5_54_88_231%7C1635379200%3A203%7C1633651200%3A63; KRTBCOOKIE_107=1471-uid:ard86Ruz1Mv39r5; KRTBCOOKIE_218=22978-YVKCOwAAAFN6UgQE&KRTB&23194-YVKCOwAAAFN6UgQE&KRTB&23209-YVKCOwAAAFN6UgQE&KRTB&23244-YVKCOwAAAFN6UgQE; KRTBCOOKIE_22=14911-4034688661224747865; PugT=1632797247
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 02:47:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-J8AL56IN286xb5Fp1ubIXjin; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 02:47:27 GMT; path=/ PugT=1632797247; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 02:47:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 02:47:27 GMT; path=/
x-lat
amspug006:0:399
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Tue, 28 Sep 2021 02:47:28 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=J8AL56IN286xb5Fp1ubIXjin; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=J8AL56IN286xb5Fp1ubIXjin
strict-transport-security
max-age=0; includeSubDomains;
i.match
s.tribalfusion.com/z/ Frame 680A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=aqnoeUmMZaEpDXqwsMQjkCTrH2gPTunQriLGRGXko
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a9nseFs2aF9pAJsbYLnZatmBCBjXWB1HSDSKdQtQdWZdHU5w24TZdV6u9ZcxDp2TQiKr5s6gTLPRMj2ZdjtCPM3wZb; path=/; domain=.tribalfusion.com; expires=Mon, 27-Dec-2021 02:47:28 GMT; SameSite=None; Secure; ANON_ID_old=a9nseFs2aF9pAJsbYLnZatmBCBjXWB1HSDSKdQtQdWZdHU5w24TZdV6u9ZcxDp2TQiKr5s6gTLPRMj2ZdjtCPM3wZb; path=/; domain=.tribalfusion.com; expires=Mon, 27-Dec-2021 02:47:28 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6959a5b28f581752-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1101
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aqnoeUmMZaEpDXqwsMQjkCTrH2gPTunQriLGRGXko; path=/; domain=.tribalfusion.com; expires=Mon, 27-Dec-2021 02:47:28 GMT; SameSite=None; Secure; ANON_ID_old=aqnoeUmMZaEpDXqwsMQjkCTrH2gPTunQriLGRGXko; path=/; domain=.tribalfusion.com; expires=Mon, 27-Dec-2021 02:47:28 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6959a5b14e9a1752-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame 42F2 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Tue, 28 Sep 2021 02:47:27 GMT
server
a
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame FE01
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bdc7d523-07b7-4dbe-95cd-ad419258dd83-tuct84c07c0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bdc7d523-07b7-4dbe-95cd-ad419258dd83-tuct84c07c0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bdc7d523-07b7-4dbe-95cd-ad419258dd83-tuct84c07c0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=bdc7d523-07b7-4dbe-95cd-ad419258dd83-tuct84c07c0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Tue, 28 Sep 2021 02:47:28 GMT
via
1.1 varnish
x-served-by
cache-hhn4078-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1632797248.233516,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=bdc7d523-07b7-4dbe-95cd-ad419258dd83-tuct84c07c0;Version=1;Path=/;Domain=.taboola.com;Expires=Wed, 28-Sep-2022 02:47:28 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bdc7d523-07b7-4dbe-95cd-ad419258dd83-tuct84c07c0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Tue, 28 Sep 2021 02:47:28 GMT
via
1.1 varnish
x-served-by
cache-hhn4078-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1632797248.191349,VS0,VE8
x-vcl-time-ms
8
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 302B
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=9EBD5614879B409988849EB083005913
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a43bb9d0-a5fb-4979-a724-8c905f2ae641
42 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a43bb9d0-a5fb-4979-a724-8c905f2ae641
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a43bb9d0-a5fb-4979-a724-8c905f2ae641
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=C9C0BDDC-098B-4F45-961C-165698E0E080; KRTBCOOKIE_57=22776-7586480693263238495; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&16514-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&23025-CAESEHakVvqMBvYxSD0LqxmlrC0; KRTBCOOKIE_336=5844-480603322255117247; KRTBCOOKIE_1101=23040-7012810768275404943; KRTBCOOKIE_27=16735-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&16736-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23019-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23114-uid:2f966152-823c-4e00-aa52-204b90690e66; KRTBCOOKIE_377=6810-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&22918-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&23031-693c01a9-7168-4f7f-9cbd-deb94c159806; KRTBCOOKIE_391=22924-6486172977607540710&KRTB&23263-6486172977607540710; KRTBCOOKIE_153=19420-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q&KRTB&22979-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q; KRTBCOOKIE_466=16530-2a886cd7-5f09-4e83-97d0-d6aabe6eacc4; KRTBCOOKIE_699=22727-AAGorE7CpQQAADl5IWYCfQ; SPugT=1632797245; chkChromeAb67Sec=2; DPSync3=1632873600%3A174%7C1633996800%3A219_221_226_227_235_201_197; SyncRTB3=1633392000%3A2_15_223%7C1637971200%3A69%7C1634083200%3A35%7C1633996800%3A220_3_189_81_233_21_71_161_22_204_104_13_234_230_7_55_165_99_57_8_56_166_176_222_5_54_88_231%7C1635379200%3A203%7C1633651200%3A63; KRTBCOOKIE_107=1471-uid:ard86Ruz1Mv39r5; KRTBCOOKIE_218=22978-YVKCOwAAAFN6UgQE&KRTB&23194-YVKCOwAAAFN6UgQE&KRTB&23209-YVKCOwAAAFN6UgQE&KRTB&23244-YVKCOwAAAFN6UgQE; KRTBCOOKIE_22=14911-4034688661224747865; KRTBCOOKIE_409=22966-J8AL56IN286xb5Fp1ubIXjin; KRTBCOOKIE_188=3189-339f34d4-bb80-4d6b-bcff-3b08a541d525-61528240-5553; KRTBCOOKIE_594=17105-RX-ea470619-e7ea-4b12-860b-421deadd4302-003&KRTB&17107-RX-ea470619-e7ea-4b12-860b-421deadd4302-003; PugT=1632797248; KRTBCOOKIE_860=16335-q0XEd0ZsSM9X9DmRNkPcgNiDcpY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 02:47:28 GMT; path=/
x-lat
lhrpug003:0:412
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 28 Sep 2021 02:47:28 GMT
Content-Length
0
Connection
keep-alive
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a43bb9d0-a5fb-4979-a724-8c905f2ae641
Pug
simage2.pubmatic.com/AdServer/ Frame B0BB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ard86Ruz1Mv39r5&gdpr=0&gdpr_consent=
42 B
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ard86Ruz1Mv39r5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ard86Ruz1Mv39r5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=C9C0BDDC-098B-4F45-961C-165698E0E080; KRTBCOOKIE_57=22776-7586480693263238495; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&16514-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&23025-CAESEHakVvqMBvYxSD0LqxmlrC0; KRTBCOOKIE_336=5844-480603322255117247; KRTBCOOKIE_1101=23040-7012810768275404943; KRTBCOOKIE_27=16735-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&16736-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23019-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23114-uid:2f966152-823c-4e00-aa52-204b90690e66; KRTBCOOKIE_377=6810-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&22918-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&23031-693c01a9-7168-4f7f-9cbd-deb94c159806; KRTBCOOKIE_391=22924-6486172977607540710&KRTB&23263-6486172977607540710; KRTBCOOKIE_153=19420-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q&KRTB&22979-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q; KRTBCOOKIE_466=16530-2a886cd7-5f09-4e83-97d0-d6aabe6eacc4; KRTBCOOKIE_699=22727-AAGorE7CpQQAADl5IWYCfQ; PugT=1632797244; SPugT=1632797245; chkChromeAb67Sec=2; DPSync3=1632873600%3A174%7C1633996800%3A219_221_226_227_235_201_197; SyncRTB3=1633392000%3A2_15_223%7C1637971200%3A69%7C1634083200%3A35%7C1633996800%3A220_3_189_81_233_21_71_161_22_204_104_13_234_230_7_55_165_99_57_8_56_166_176_222_5_54_88_231%7C1635379200%3A203%7C1633651200%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:ard86Ruz1Mv39r5; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 02:47:28 GMT; path=/ PugT=1632797248; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 02:47:28 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 02:47:28 GMT; path=/
x-lat
lhrpug015:0:444
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Tue, 28 Sep 2021 02:47:28 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ard86Ruz1Mv39r5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/8a430fa#rel-ec2-master i-0066ec59cc187b8a7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=ard86Ruz1Mv39r5; Domain=.w55c.net; Expires=Fri, 28-Oct-2022 02:47:28 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Thu, 28-Oct-2021 02:47:28 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 474E
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9EBD5614879B409988849EB083005913
1 B
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9EBD5614879B409988849EB083005913
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9EBD5614879B409988849EB083005913
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=C9C0BDDC-098B-4F45-961C-165698E0E080; KRTBCOOKIE_57=22776-7586480693263238495; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&16514-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&23025-CAESEHakVvqMBvYxSD0LqxmlrC0; KRTBCOOKIE_336=5844-480603322255117247; KRTBCOOKIE_1101=23040-7012810768275404943; KRTBCOOKIE_27=16735-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&16736-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23019-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23114-uid:2f966152-823c-4e00-aa52-204b90690e66; KRTBCOOKIE_377=6810-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&22918-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&23031-693c01a9-7168-4f7f-9cbd-deb94c159806; KRTBCOOKIE_391=22924-6486172977607540710&KRTB&23263-6486172977607540710; KRTBCOOKIE_153=19420-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q&KRTB&22979-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q; KRTBCOOKIE_466=16530-2a886cd7-5f09-4e83-97d0-d6aabe6eacc4; KRTBCOOKIE_699=22727-AAGorE7CpQQAADl5IWYCfQ; PugT=1632797244; SPugT=1632797245; chkChromeAb67Sec=2; DPSync3=1632873600%3A174%7C1633996800%3A219_221_226_227_235_201_197; SyncRTB3=1633392000%3A2_15_223%7C1637971200%3A69%7C1634083200%3A35%7C1633996800%3A220_3_189_81_233_21_71_161_22_204_104_13_234_230_7_55_165_99_57_8_56_166_176_222_5_54_88_231%7C1635379200%3A203%7C1633651200%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 02:47:28 GMT; path=/
x-lat
lhrpug017:0:398
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
text/html
content-length
142
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9EBD5614879B409988849EB083005913
expires
Mon, 27 Sep 2021 02:47:28 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame 0312
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=q0XEd0ZsSM9X9DmRNkPcgNiDcpY
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=q0XEd0ZsSM9X9DmRNkPcgNiDcpY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=q0XEd0ZsSM9X9DmRNkPcgNiDcpY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=C9C0BDDC-098B-4F45-961C-165698E0E080; KRTBCOOKIE_57=22776-7586480693263238495; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&16514-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&23025-CAESEHakVvqMBvYxSD0LqxmlrC0; KRTBCOOKIE_336=5844-480603322255117247; KRTBCOOKIE_1101=23040-7012810768275404943; KRTBCOOKIE_27=16735-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&16736-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23019-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23114-uid:2f966152-823c-4e00-aa52-204b90690e66; KRTBCOOKIE_377=6810-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&22918-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&23031-693c01a9-7168-4f7f-9cbd-deb94c159806; KRTBCOOKIE_391=22924-6486172977607540710&KRTB&23263-6486172977607540710; KRTBCOOKIE_153=19420-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q&KRTB&22979-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q; KRTBCOOKIE_466=16530-2a886cd7-5f09-4e83-97d0-d6aabe6eacc4; KRTBCOOKIE_699=22727-AAGorE7CpQQAADl5IWYCfQ; SPugT=1632797245; chkChromeAb67Sec=2; DPSync3=1632873600%3A174%7C1633996800%3A219_221_226_227_235_201_197; SyncRTB3=1633392000%3A2_15_223%7C1637971200%3A69%7C1634083200%3A35%7C1633996800%3A220_3_189_81_233_21_71_161_22_204_104_13_234_230_7_55_165_99_57_8_56_166_176_222_5_54_88_231%7C1635379200%3A203%7C1633651200%3A63; KRTBCOOKIE_107=1471-uid:ard86Ruz1Mv39r5; KRTBCOOKIE_218=22978-YVKCOwAAAFN6UgQE&KRTB&23194-YVKCOwAAAFN6UgQE&KRTB&23209-YVKCOwAAAFN6UgQE&KRTB&23244-YVKCOwAAAFN6UgQE; KRTBCOOKIE_22=14911-4034688661224747865; KRTBCOOKIE_409=22966-J8AL56IN286xb5Fp1ubIXjin; KRTBCOOKIE_188=3189-339f34d4-bb80-4d6b-bcff-3b08a541d525-61528240-5553; KRTBCOOKIE_594=17105-RX-ea470619-e7ea-4b12-860b-421deadd4302-003&KRTB&17107-RX-ea470619-e7ea-4b12-860b-421deadd4302-003; PugT=1632797248
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-q0XEd0ZsSM9X9DmRNkPcgNiDcpY; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 02:47:28 GMT; path=/ PugT=1632797248; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 02:47:28 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 02:47:28 GMT; path=/
x-lat
lhrpug005:0:461
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Tue, 28 Sep 2021 02:47:28 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=q0XEd0ZsSM9X9DmRNkPcgNiDcpY
Set-Cookie
sa-user-id=s%3A0-ab45c477-466c-48cf-57f4-39913643dc80.R3jOYscWLJwoXxQa19VYzISSJhUU9XY3bxs2uCuCZIw; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-ab45c477-466c-48cf-57f4-39913643dc80%24ip%24216.131.114.150.y91ogSnqSHlfUJS6WaLDjfMVYJKMEZ8JvUmoqcz1NKo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Artemis
aud.pubmatic.com/AdServer/ Frame 13C8
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C9C0BDDC-098B-4F45-961C-165698E0E080&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C9C0BDDC-098B-4F45-961C-165698E0E080&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C9C0BDDC-098B-4F45-961C-165698E0E080&addseg=10,33,39
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C9C0BDDC-098B-4F45-961C-165698E0E080&addseg=10,33,39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Tue, 28 Sep 2021 02:47:28 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C9C0BDDC-098B-4F45-961C-165698E0E080&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 13C8
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C9C0BDDC-098B-4F45-961C-165698E0E080&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C9C0BDDC-098B-4F45-961C-165698E0E080&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C9C0BDDC-098B-4F45-961C-165698E0E080&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:27 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:27 GMT
frontend-id
2
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C9C0BDDC-098B-4F45-961C-165698E0E080&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 13C8 		95 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C9C0BDDC-098B-4F45-961C-165698E0E080
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6959a5b128ea4eb0-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 13C8
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C9C0BDDC-098B-4F45-961C-165698E0E080
  • https://a.audrte.com/p
68 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.248.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-248-174.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 02:47:28 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 28 Sep 2021 02:47:28 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 13C8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVKCOwAAAFN6UgQE&gdpr=0&gdpr_consent=
1 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVKCOwAAAFN6UgQE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:486
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632797248.165721,VS0,VE0
x-served-by
cache-hhn4067-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVKCOwAAAFN6UgQE&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 13C8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4034688661224747865&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4034688661224747865&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:458
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4034688661224747865&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 28 Sep 2021 02:47:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 13C8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=339f34d4-bb80-4d6b-bcff-3b08a541d525-61528240-5553&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=339f34d4-bb80-4d6b-bcff-3b08a541d525-61528240-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:27 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:384
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:27 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=339f34d4-bb80-4d6b-bcff-3b08a541d525-61528240-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 13C8
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:91a559b4-265d-4cd3-9517-9ec2ec94c1dc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:91a559b4-265d-4cd3-9517-9ec2ec94c1dc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:426
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:91a559b4-265d-4cd3-9517-9ec2ec94c1dc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 28 Sep 2021 02:47:28 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 13C8
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7586480693263238495
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7586480693263238495
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:312
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:28 GMT
X-Proxy-Origin
216.131.114.150; 216.131.114.150; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
acdfea42-eadd-45b4-9931-a89740bf8b08
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7586480693263238495
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 13C8 		35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:28 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 13C8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=6b633886-2006-11ec-893b-15cf7b31d650&gdpr=0&gdpr_consent=
1 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=6b633886-2006-11ec-893b-15cf7b31d650&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:543
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=6b633886-2006-11ec-893b-15cf7b31d650&gdpr=0&gdpr_consent=
Date
Tue, 28 Sep 2021 02:47:27 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
6b633887-2006-11ec-893b-15cf7b31d650
YVKCPRmNryCEtQaq_wY6lAAABHcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FBA4 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YVKCPRmNryCEtQaq_wY6lAAABHcAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame FBA4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame FBA4 		85 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:28 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1632797248.187052,VS0,VE92
x-served-by
cache-hhn4067-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame FBA4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGorE7CpQQAADl5IWYCfQ&expiration=1634006848&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGorE7CpQQAADl5IWYCfQ&expiration=1634006848&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 02:47:28 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGorE7CpQQAADl5IWYCfQ&expiration=1634006848&gdpr=1
Date
Tue, 28 Sep 2021 02:47:28 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
tpid=YVKCPRmNryCEtQaq-wY6lAAA%261143
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame FBA4 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YVKCPRmNryCEtQaq-wY6lAAA%261143?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:28 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.202
content-type
image/gif
content-length
49
expires
0
crum
dsum-sec.casalemedia.com/ Frame FBA4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVKCPRmNryCEtQaq-wY6lAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYAlk48-0GqMm_1s93RWT0&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYAlk48-0GqMm_1s93RWT0&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 02:47:28 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYAlk48-0GqMm_1s93RWT0&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FBA4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ard86Ruz1Mv39r5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ard86Ruz1Mv39r5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 02:47:28 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:28 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-0f1a9d8b7eed06fb2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ard86Ruz1Mv39r5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame FBA4 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 02:47:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame FBA4 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YVKCPRmNryCEtQaq-wY6lAAA%261143
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://helpdesk.rootsweb.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 02:47:28 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1154
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 03:06:42 GMT
async_usersync
ib.adnxs.com/ Frame A750 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 02:47:29 GMT
X-Proxy-Origin
216.131.114.150; 216.131.114.150; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2b0091ce-d58a-470c-83f0-55fa39304bfe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 13C8 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=95054&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 02:47:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Sep 2021 02:47:35 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://helpdesk.rootsweb.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Sep 2021 02:47:35 GMT
content-length
0
vary
Origin
4bd2ba109c
bam-cell.nr-data.net/events/1/ Frame F619 		24 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/4bd2ba109c?a=197254878&v=1210.e2a3f80&to=ZVQAbEBTX0AFV0FaDVweN0pbHVZcS1VRQE1%2BdTAVQVdQQQdcG0MKQg%3D%3D&rst=10967&ck=1&ref=https://go.newspapers.com/ads/LDR-search.php
Requested by
Host: go.newspapers.com
URL: https://go.newspapers.com/ads/LDR-search.php?admin=1&design=whtldr&xid=109&nameField=1&label=Find%20your%20ancestors%20in%20obituaries%20and%20birth%20notices&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvrBlpIEkB-tgu8Pv2fvWR8XVgFXm_wPudKjzgEQM0cpxVzzt8_CYyB-VfW29mYJEgQOja5u_5mfo6dEowsOsyezQ4Ken3s-H3IThUPffuMd-soYtqr_L8icmImG5DxuNGXYcvTrcu_WicAG3zhSpgYjpcZS92lzmXLrtwkRZrFcqNzA0MrU_jY_--FRgWsAAvANFz352kMCGcbIQKe_sQqGTpMwG2SC8TCv0iMGz8znIiX4Eke_p9A-QnEpNcNHOuSJYUJuw-IFs8qTMEQWLTNiqozELXMc9MR5IuwbQeL_9BzcKpHiZ8p_hjaAmt0sGqdr3uMMjIJ%2526sai%253DAMfl-YTux3S_ZKatkW0KYgakF0Iltqnt80Y2nqJPzkhD_ecrIxJwRI9iuKD-pIdljY9yd7yXGMQ_wZ_Wsh8g1dDyjTODw6ORMF3aKplCIj2q2kxOeCcy6SXLsRcTPkfXIns%2526sig%253DCg0ArKJSzItH4uhhmgALEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://go.newspapers.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 28 Sep 2021 02:47:35 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://go.newspapers.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
6959a5debc001f45-FRA
Content-Length
24

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-123718506-11&cid=1066705517.1632797244&jid=299498936&_u=YEBAAGAAAAAAAC~&z=930216100
Domain
go.newspapers.com
URL
https://go.newspapers.com/ads/LDR-search.php?&design=grayldr&nameField=1&label=FIND%20YOUR%20ANCESTORS%20IN%20OBITUARIES%20AND%20BIRTH%20NOTICES&xid=1090&clickTag=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstAiiwjGPIMqcJx6Q-kvTBSJSu0RqjvSy60NAU2GOgL18FW1SVCuZzHeiLfRZe9iZDIE0sR4QIh2s7L5-1iki2INdkZjLammIRlYL6WqF6VtZJZDpV7keeJTWpoz-3vLS_ihYt-S5cdRqNBjhI3WNSpDBQUx31gdxxTuBdM-TOrUb8xqBNlhqiWP2Zge3pftpNHNSc4OJendNjgf_0s4FvT9IO0Jm9ZNjktUeik7FHLKWeg5ASEIJiokcSbZhaYPUjGJAa_FuKifs7IQ39yzk04lCBzuayq3-7_q2R5wgDQxg-eNXbShK_bWReKtAnV4hXfGwek2ltNuowSdIo%2526sai%253DAMfl-YSY2dBiQWAHS5V3k5qONEAE9jO4ahLZdlBGeadfIgqc7hT3C4F0VJVCCqIQYn8YXqRQdlrMGrIU0dI_O-UhbcJZL8eRW9S0Wgq8yWpoHcrOiOP1SZxxrmA_uKmAxQk%2526sig%253DCg0ArKJSzJTfHmnNjEmmEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&t=1&utm_source=rootsweb&utm_medium=referral&utm_campaign=RW-Display
Domain
inv-nets.admixer.net
URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D2a886cd7-5f09-4e83-97d0-d6aabe6eacc4%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOOzL2w94mgQFZpIn4horxEiVkXQXBi_QGAQpSCw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
sync.aralego.com
URL
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=2a886cd7-5f09-4e83-97d0-d6aabe6eacc4

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| OAS_AD object| Insticator function| revealServerName function| _toConsumableArray function| _classCallCheck function| _typeof function| _extends function| _createClass object| ui string| env object| Banner function| updateCookie function| getExpireDate function| readCookie object| utag_data boolean| apstagLOADED object| apstag object| AdBridg object| googletag object| pbjs string| exp_string object| PublisherCommonId string| href object| mnet number| window_x object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| insticatorQueue string| embedUUID function| checkAndConfirmEmbedUUID function| embedLoad function| appendEmbedElements boolean| headerTagInjected number| insticator_tg boolean| utag_condload undefined| multioptoutUrl object| utag function| e undefined| returnTLD boolean| __tealium_twc_switch function| tmsPromise function| P object| digitalData string| is_mobile string| is_tablet string| url function| addSiteEvent object| adobe function| Visitor object| s_c_il number| s_c_in object| sx function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap number| s_objectID number| s_giq boolean| creativeVendorLibraryLoaded object| s_i_ancestry-global object| InsticatorApp string| insticatorHeaderCodeVersion object| PWT object| instBid object| ads_list object| embeds_list boolean| isPageviewSent boolean| insticatorIframeLoaded object| confiant object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal string| encoded_unit object| __connect function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key function| instBidChunk boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

166 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQxP6y0sIvCgoI4gEQxP6y0sIvCgoI5gEQxP6y0sIvCgoIhwIQxP6y0sIvCgkICRDE_rLSwi8KCQg6EMT-stLCLwoJCAsQxP6y0sIvCgoIjAIQxP6y0sIvCgoIzgEQxP6y0sIvCgkIXxDE_rLSwi8=
.rootsweb.com/ Name: visid_incap_1709660
Value: aM7ymJNIQK+Zw+siBfBGeTmCUmEAAAAAQUIPAAAAAADbqIoFXNxZYhS2HaN3kE6w
.rootsweb.com/ Name: nlbi_1709660
Value: Ai0kMtSeLnNZikJS/2zClQAAAADlaTreaeBV/Lve4FBdJFI8
.rootsweb.com/ Name: incap_ses_534_1709660
Value: YXB7MV2DVz/v6XAhpyZpBzqCUmEAAAAAEu+ia6iiL8zJ/NdqaOhloQ==
helpdesk.rootsweb.com/ Name: ___utmvc
Value: bC5cCxcA2ivtcsAhO1h+dzsvj4cNw2q9G13AVjkHbFaw/OOORWSfGk7/6RNwWkyXkvOAlWUFwq2XvjDB30DNQn1iMyVYiSG+OCg8exuYayHGGGiZq4glQayewFXKJCusuf7RR73TVrQaHNnl4TG11/+23dqt4CTXbmVYCUm7BjEtwOscQk40p42qabGEzYlb+fhbW2+x9U9P7PzdLfuxmGQwBbFN+eO/GKKRZMKEpxKdHjkiDGIffd6p1MExrwpTdAYhqW0YrAxqi6b7UA+lBUBsLLMUBljiDyaytcDO4h211Kzi92g1/F4jx+SB9PEVqmHNR8gyU7P6v/Ovu8H4hBglMxnFy4FjP++YfKgHtmBqqLzjld5m94xKlRhQ4vuHVBhaI3CYWVjcIvoBGHubzL9x6KNymWab5WAS8kYhXLVS8HuP8GPRaYDlYAwLEVbdUdgizXXBDX2U9wEk/IN+28Gy9CDSgJJNsTKNsl2TNXAx5Qlt/h0g8orNOXHQGk04i1B7PfHpHK/DBQj0DNCgVQAlQ7iPyXWtAimpkRs/eTJiiG6h5V5ayYSHpokL5GtsMG7OmzT6AmcHH6t2dvggm99TSnbISaAfq1An7eNKRMKPjW5Vua3R6jrU6gcu+aEaD852jqBXoim+Y0YtAiy+Xuy93WgWB/MuppvE0mCj+0/Lc+PAeSOljb0ObzO4RbqFfFfl4tTIrtRZLkkNHiJPhtkq0VXEdsx4C5Qpv7x3HZjFpO4RWLrhluX4/bGB6nT5oOgm4jLMJ+tTSLVSP9TGMYvc4PixPNIRv601wLMXP6qC8us+1W65Qc7lfwNMvYqwkJHTHu4Q2E7kTIxK5UCsCzRihtvJVDH46dKrfI5Bt7ccawzeOjjG4JzStW7WE15sAy/zRpSMQXGh+RujGLtlwcSxyoIoHfXa9hwEGb3hMvny7GhnYE4Ezkd60bZRH5+LEru9QKJcufUfINwxkhBim+7YdsBGn3XoCvoMX7UQyv7fsnrOqS4GFaOWDuVnyQAqJzg2BIcf0zz7wGZv3iTePqZFdaEydFaJlMHDPnqEwPS7+KOY8CuL7MGypRHDnVB+jzb43KOE8hQSKjkQuqwwBrJ2BqLFoWuF9nOC9U2mJ6i2oEciRjTcVeiCi+yH6YzXCSiJHd0ZoarJ9VQghPNOP1Cl4abA/NMepP2+vSvVGHlCdB+yG3BQgE1TI67YV6J+v/Q3YOSESRXIFctgxBj0zOt/XKUqZ/bQh+nF8cHzQqqCxKiatzGeTNMTe17U2oz4Z44Fo9QKU6BMJj+k5Ltv70cfGiW41rf50zEDAlKqnBgr+bkkhUAMnsAUoUKS1p9RDWc7FlqlBkYjwVBqVkiZTYf7ww53HyQUw4Y5VIzdUJ8cVqPqYwlhEjx6/T3zNVdPM+yhOKdz9cOapm2HsU4XdlZfpoCoglkZAYDfb2Yy8koLX4mUdubxomX1/kwFsixpf2yfGkQA0/KrwLR4HQG3wJVsK/oOWr3Q3quZLLtuATvr/6ikV5M2ndCeJnyc9402YwvvikEJ3+dz2DXr2XYQqvl5stVMu/RAFpVClyMoyoPw/9lZ6tblM+M4FZY7Jc0ZyUslUmR3HY26fjjwIMAYNnnnZ5KvoNnLqW15khTxESW3XIEGTB+Qsn3CtjU8yaMlHfW12eQ1Nj/RCOf5w3s5dc2cn0TnjZBzkYtGMzALJQ3/dXVvjKFdZYpYxG6E4Qrz34uSKL9NFAjhANRI3lCay3lLvXzO2ZCSUOOHbGVSzAjIGoJEvtx1DLLSAwzqo+P99e98hRLU1xfuP23XMO7BYQPfv0T9eCjT+8znS+Zci4d8jN9By8AXJsYKew0whAvHQ11X6gnkx0c++UCKtPIkP+jlaHj6USUbwxEum/klMzxUdz2O8qFCCtOL4pZ7xEd+AFlCZRisNDjBx5GgoAclXgjNI/pEHFjF2yydUwoIzeWWLhxney6ADDEF61xCorWH1/4qjcnC3eYv0+mbnm/W3cyu/WTfOzPJUAvWl3PEwKTW1HubNbGHjp2nq+OzRu7+F/SKQjrZ4KAg8fdBBOWryjDoJ5D5rMp9RR+y1JIaqZS4kK1el3srLkE6R+9uME/na7LN2tmOqR8WZqjaI85PP8Lv2ordWaswdoyrvy4b0cZDUkGnuHDVC+8pIvoaA6mqtOEKCp/1hyNYpWFAOY5tnOzXyRLa8DdS7qNbrgXXpxYp2SgTR9UcF6HYu7hXrlJGIHRY8Ig9NzLIo5JWFuTYN4CLdeznTeaFUX2j4lqcW0jCL3ru1YeV2CejE067Mlp6gh1CU84c46YsfdahsZ/o9Q8zWVCHl4Kx9qdStfRa3+HproUTjpaR7wQVCX7vmHChcwcZEoJ+CCnzaHvCz7uQcfu5Y1AifoW/YNNjo3vET229GsPKDmJgyI5UZF+2o5aNMoWYYcv6BK0TbHas9RQM9GvCAOuXrgcoIsx+ckQZb/EgNPUDQHQV9pfru2Z9q1Nabq0LvUZvJmDhaav4oQYBZDMlqLzSlqT6YCvQ6RZwL8547ictrvjORxfyrbUsJ1NbHKH7YJyvQeLqv3jX0NaIy0pyzo2u8DkLlD5DxBrmtZ1ZaS6ufWFF71twF7UOVjl98Rick8+xOw2xPZVei+1U8bCUhW8P2toio4UrI8Z/sVCdGYUREkRIB2KgfRpdNEI45WLQsiq60OOELGRpZ2VzdD0xODQxNDMscz1hMjdmOTU4ODgyODdhMjZjYThhYThhOTc2NjgyODdhMTVmODM3NmFlYTg2MDgwNzg5NjlmODM3MzlkYWNhMTZkODg4MzhjOGI3NDg5NzE2ZQ==
.rootsweb.com/ Name: _pubcid
Value: 8eb7f0c0-4910-4ca3-a180-476584b9fc06
.rootsweb.com/ Name: an_split
Value: 29
.rootsweb.com/ Name: an_s_split
Value: 55
.rootsweb.com/ Name: utag_main
Value: v_id:017c2a4cb8ae009c90a454db9e8003072001e06a00b08$_sn:1$_se:1$_ss:1$_st:1632799043567$ses_id:1632797243567%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:rootsweb.com
.rootsweb.com/ Name: adbrgn
Value: US%3F%3F
.rootsweb.com/ Name: _adb
Value: a2ku3hbkcqKifegK8KSe
.demdex.net/ Name: demdex
Value: 49762848788077139620148632807472656670
.rootsweb.com/ Name: AMCVS_ED3301AC512D2A290A490D4C%40AdobeOrg
Value: 1
.lijit.com/ Name: ljt_reader
Value: 75e01605ad8bc204ff562757
.openx.net/ Name: i
Value: 8eb7f0c0-4910-4ca3-a180-476584b9fc06|1632797243
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVAywYaQOmrhQ6qYZbyIiI/PTx+vvVOnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6pEKVeU6zjT6a3MjDFVf/xlH9h
.rubiconproject.com/ Name: ses2
Value: 128980^1
.rubiconproject.com/ Name: vis2
Value: 128980^1
.rubiconproject.com/ Name: khaos
Value: KU3HBKJD-10-5X8B
.rootsweb.com/ Name: s_cc
Value: true
.adnxs.com/ Name: uuid2
Value: 7586480693263238495
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YVKCOwAAAFN6UgQE
helpdesk.rootsweb.com/ Name: InstiSession
Value: eyJpZCI6IjQyZmRhYTU1LTk2YmYtNDk3Yi1hMmVjLTk2MDQ3MDIzNzY3ZiIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
.dpm.demdex.net/ Name: dpm
Value: 49762848788077139620148632807472656670
.rootsweb.com/ Name: AMCV_ED3301AC512D2A290A490D4C%40AdobeOrg
Value: 359503849%7CMCIDTS%7C18899%7CMCMID%7C49961235599383605790165110995328253111%7CMCAAMLH-1633402043%7C6%7CMCAAMB-1633402043%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1632804443s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18906%7CvVersion%7C5.0.1
helpdesk.rootsweb.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
helpdesk.rootsweb.com/ Name: cto_bidid
Value: swZmBV9zMWJ4NDZ4QThBRFptZVRLZlhVJTJCMktDSEZzemZEc2JSeGpUcTlhJTJGTjlHdk9nYWZzbFp0bUR4UEFHcSUyRjR3R1k3RjBnV2tyOGUwR3ZRU0cwTlBYWjJIQSUzRCUzRA
helpdesk.rootsweb.com/ Name: cto_bundle
Value: LWQfal9qN2JHWFN4QjNYRnB0bTd5WWJnR1NCeUlxMjNBa290SG9iS05WVDdDVlZSWkx4MTNzaENKSTk5NVQwMVpSYUtBTnh2QXFVcUUzJTJGa1JpJTJCUFlRekYzb1NJYzQlMkZSRk1xeDFLY013cUt2aDNrdWtkVGVUNVJpSjRSSTMyR3hUYXZuZQ
helpdesk.rootsweb.com/ Name: ucf_uid
Value: 274650e2-2ab7-43a2-83e9-d838336d094e
helpdesk.rootsweb.com/ Name: _ga
Value: GA1.1.1066705517.1632797244
helpdesk.rootsweb.com/ Name: _gid
Value: GA1.1.153673938.1632797244
helpdesk.rootsweb.com/ Name: _gat
Value: 1
.rubiconproject.com/ Name: ses15
Value:
.rubiconproject.com/ Name: vis15
Value: 159042^1
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3d5xdaYKaEZfWt1ylCKbKsv2FR2LKygIBJ6iWvDrmSSwmf2gEMxCFZ59O4vo6YizvAUJ+gL7gixayAxgfbm9J8Aizhfkn5jms=
.go.sonobi.com/ Name: HAPLB5A
Value: s56132|YVKCP
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdzACEQ3JcDkYSa8DRCNeggG96g1Q-uOHK3zZq5_4672GqW4NdQcQCkgP6We6E0PKG0
.gumgum.com/ Name: vst
Value: e_28595d69-a7e3-449f-9a66-69546d178ccf
.adnxs.com/ Name: icu
Value: ChgIxIc7EAoYASABKAEwu4TKigY4AUABSAEKGAi86UsQChgBIAEoATC8hMqKBjgBQAFIARC8hMqKBhgB
.britepool.com/ Name: _temp_bpid_
Value: b090411d-b1c9-47b9-a490-4cf37db2de3e
.doubleclick.net/ Name: IDE
Value: AHWqTUmc5vw_KmttPci1escrQSx5iPOs4rBr8BvYUxa6yLXbh_3MTsIcVxGneP4GAb8
.aralego.com/ Name: sspid
Value: 274650e2-2ab7-43a2-83e9-d838336d094e
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.thrtle.com/ Name: mc
Value: eyJpZCI6ImFlNTgyNTBjLWI1YjQtNDYxMS1iODNhLWJhMjhlZGFiM2EzMiIsImwiOjE2MzI3OTcyNDQ4ODEsInQiOjF9
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C9C0BDDC-098B-4F45-961C-165698E0E080
.adfarm1.adition.com/ Name: UserID1
Value: 7012810768275404943
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 2f966152-823c-4e00-aa52-204b90690e66
.simpli.fi/ Name: suid
Value: 9EBD5614879B409988849EB083005913
.adform.net/ Name: uid
Value: 7729573324024166295
.de17a.com/ Name: guid2
Value: 1.480603322255117247
.adsrvr.org/ Name: TDID
Value: 693c01a9-7168-4f7f-9cbd-deb94c159806
.rootsweb.com/ Name: __gads
Value: ID=25976c3da691b58b:T=1632797244:S=ALNI_MZn5bFdeztP0Vs37ufW77fNnBvzAQ
.openx.net/ Name: pd
Value: v2|1632797245|mOgeginskin0vNomiygu
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7586480693263238495
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&16514-CAESEHakVvqMBvYxSD0LqxmlrC0&KRTB&23025-CAESEHakVvqMBvYxSD0LqxmlrC0
.casalemedia.com/ Name: CMID
Value: YVKCPRmNryCEtQaq-wY6lAAA
.casalemedia.com/ Name: CMPS
Value: 3181
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-480603322255117247
.quantserve.com/ Name: d
Value: EMkBCwGtJPijAA
.quantserve.com/ Name: mc
Value: 6152823d-36da7-8e9f6-5679f
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7012810768275404943
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&16736-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23019-uid:2f966152-823c-4e00-aa52-204b90690e66&KRTB&23114-uid:2f966152-823c-4e00-aa52-204b90690e66
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&22918-693c01a9-7168-4f7f-9cbd-deb94c159806&KRTB&23031-693c01a9-7168-4f7f-9cbd-deb94c159806
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6486172977607540710&KRTB&23263-6486172977607540710
.3lift.com/ Name: tluid
Value: 8298947782236613180
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q&KRTB&22979-MLWlxD62o5Irt6aSZ7O9zmO99sArsabBP-Kn18_Q
.casalemedia.com/ Name: CMPRO
Value: 1143
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~20ne
.w55c.net/ Name: wfivefivec
Value: ard86Ruz1Mv39r5
.w55c.net/ Name: matchopenx
Value: 5
.bidswitch.net/ Name: c
Value: 1632797245
.bidswitch.net/ Name: tuuid_lu
Value: 1632797245
.bidswitch.net/ Name: tuuid
Value: 2a886cd7-5f09-4e83-97d0-d6aabe6eacc4
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-2a886cd7-5f09-4e83-97d0-d6aabe6eacc4
.adotmob.com/ Name: uid
Value: 06c32204071a0b4f1a41754c
.adotmob.com/ Name: uuid
Value: 06c32204071a0b4f1a41754c
.adotmob.com/ Name: partners
Value: IX%3A1632797245350
.yahoo.com/ Name: A3
Value: d=AQABBD2CUmECEJsJEiFzpSUdcEGkrJdY-5YFEgEBAQHTU2FcYQAAAAAA_eMAAA&S=AQAAAsp-tMceu--Kqwc7EhzPsfo
.turn.com/ Name: uid
Value: 4034688661224747865
.onaudience.com/ Name: cookie
Value: 630599ed6a7d25d8
.onaudience.com/ Name: done_redirects104
Value: 1
.bidr.io/ Name: bito
Value: AAGorE7CpQQAADl5IWYCfQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.bing.com/ Name: MUID
Value: 136598D2678A6ABD0AAC881266CF6B4E
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAGorE7CpQQAADl5IWYCfQ
.mathtag.com/ Name: mt_mop
Value: 9:1632797245
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: eb121bedbb6b5b675efdd302be205b58
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&ed4f0f5a-b95d-433b-8832-f3615d534197"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2451:u=1:x=1:i=1632797245:t=1632883645:v=2:sig=AQGbFQXaZpM4oagpPIzupsa56k3AuXx6"
.onaudience.com/ Name: done_redirects147
Value: 1
.smartadserver.com/ Name: pid
Value: 6236395451507681141
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAGorE7CpQQAADl5IWYCfQ
.onaudience.com/ Name: done_redirects109
Value: 1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f5298c863dbe9e79
helpdesk.rootsweb.com/ Name: _lr_retry_request
Value: true
helpdesk.rootsweb.com/ Name: _lr_env_src_ats
Value: false
helpdesk.rootsweb.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22693c01a9-7168-4f7f-9cbd-deb94c159806%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-08-28T02%3A47%3A26%22%7D
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSE0yNDJMSk1JSjJLMk0yMzdNTUtJMTYwSko1MjBNMrVgAILEoCY7EA0FAG%2FZCwQ%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIDGqyA1JQAAASTAF0"
.rootsweb.com/ Name: panoramaId_expiry
Value: 1633402046131
.rootsweb.com/ Name: _cc_id
Value: eb121bedbb6b5b675efdd302be205b58
.rootsweb.com/ Name: panoramaId
Value: c05fb96912c7d9140247cb5f8a3916d53938956ca77c4ef730856bdd061ab056
.pubmatic.com/ Name: SPugT
Value: 1632797245
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.id5-sync.com/ Name: id5
Value: fcd5913f-ddd0-4953-8742-f1e67ffe93d0#1632797217630#2
.360yield.com/ Name: tuuid_lu
Value: 1632797248
.360yield.com/ Name: tuuid
Value: 1f6100f2-f3e6-4096-a98f-50fdd4d102d2
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: DPSync3
Value: 1632873600%3A174%7C1633996800%3A219_221_226_227_235_201_197
.pubmatic.com/ Name: SyncRTB3
Value: 1633392000%3A2_15_223%7C1637971200%3A69%7C1634083200%3A35%7C1633996800%3A220_3_189_81_233_21_71_161_22_204_104_13_234_230_7_55_165_99_57_8_56_166_176_222_5_54_88_231%7C1635379200%3A203%7C1633651200%3A63
.casalemedia.com/ Name: CMST
Value: YVKCPWFSgkAA
.360yield.com/ Name: um
Value: !79,ShmH674AHCOvDnh3zKQoCHoNk6G-2DqD7cmeUpWALckc5Jd5v3Gnc.JnQuCGwvONWupF2S9RyDLG7k5f,1640573248!313,ShmH650ltWyjS2Ngk9qHjOUiee7qmFU-PZrA-AaELuBcg8Us3sIqCdEzq6h.VXx8HiH-LqIYH4Io0M.9,1640573248
.360yield.com/ Name: umeh
Value: !79,0,1695005248,-1!313,0,1695005248,-1
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:ard86Ruz1Mv39r5
.w55c.net/ Name: matchcasale
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YVKCOwAAAFN6UgQE&KRTB&23194-YVKCOwAAAFN6UgQE&KRTB&23209-YVKCOwAAAFN6UgQE&KRTB&23244-YVKCOwAAAFN6UgQE
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4034688661224747865
.taboola.com/ Name: t_gid
Value: bdc7d523-07b7-4dbe-95cd-ad419258dd83-tuct84c07c0
.zeotap.com/ Name: zc
Value: 82e13bb6-661b-4baf-4109-ef04a3ccfd23
.erne.co/ Name: u
Value: J8AL56IN286xb5Fp1ubIXjin
ads.playground.xyz/ Name: connect.sid
Value: s%3AStKH_tpXl0JB6ARMXGL76KhJjWCjAum0.f35qtkztaAvXCPzM6oSNSnmv5LXLIAvWDdBfq1flsOc
.sitescout.com/ Name: ssi
Value: 339f34d4-bb80-4d6b-bcff-3b08a541d525#1632797248225
.adsby.bidtheatre.com/ Name: __kuid
Value: 91a559b4-265d-4cd3-9517-9ec2ec94c1dc.402011248
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-J8AL56IN286xb5Fp1ubIXjin
.fiftyt.com/ Name: fifid
Value: 113622b9-b14c-4540-70db-4cfb3c4c4939
.fiftyt.com/ Name: cs
Value: MTYzMjc5NzI0OHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fIDTi_f4upZnKOkeF93DC2bJEInDyNE5Q3wuVh1gXxeo
.casalemedia.com/ Name: CMRUM3
Value: 496152824005a0&2f6152824005a0&e66152823d2760&586152824005a0&2e6152824005a0&036152823d05a0&f16152823d05a0&c36152823d2760av-ce29a263-1b85-46ea-addc-ea6d01143887&0d6152823d276006c32204071a0b4f1a41754c&2d615282402760CAESENYAlk48-0GqMm_1s93RWT0&6f6152824005a0&dd615282402760&276152823d0b40&8261528240a8c0
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiUg7Leio2BOhAFGAEgASgCMgsIyJmqqKGNgToQBTgBWgthZGNvbmR1Y3RvcmAC
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ea470619-e7ea-4b12-860b-421deadd4302-003%22%7D
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTYzMjc5NzI0ODI1NH0
.fiftyt.com/ Name: fppm
Value: 20210928024728
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-339f34d4-bb80-4d6b-bcff-3b08a541d525-61528240-5553
.semasio.net/ Name: SEUNCY
Value: EBD43369A1EB15A8
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ea470619-e7ea-4b12-860b-421deadd4302-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-ea470619-e7ea-4b12-860b-421deadd4302-003&KRTB&17107-RX-ea470619-e7ea-4b12-860b-421deadd4302-003
.pubmatic.com/ Name: PugT
Value: 1632797248
ads.avct.cloud/ Name: uuid
Value: fd9ea1cd-cf0e-4367-953c-2785407064bd
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3Da43bb9d0-a5fb-4979-a724-8c905f2ae641
.bnmla.com/ Name: rx_uuid
Value: a43bb9d0-a5fb-4979-a724-8c905f2ae641
.bnmla.com/ Name: rx_maxage_10738
Value: 1634093248
.bnmla.com/ Name: rx_sspid_10738
Value: 6
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ab45c477-466c-48cf-57f4-39913643dc80.R3jOYscWLJwoXxQa19VYzISSJhUU9XY3bxs2uCuCZIw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-ab45c477-466c-48cf-57f4-39913643dc80%24ip%24216.131.114.150.y91ogSnqSHlfUJS6WaLDjfMVYJKMEZ8JvUmoqcz1NKo
.ipredictive.com/ Name: cu
Value: 6b633886-2006-11ec-893b-15cf7b31d650|1632797248520
.audrte.com/ Name: arcki2_TT
Value: 1632797248519!25hqnu6j5aZSxW9NfiDAPa4eQ!6c6fe68e-4096-4245-a5f4-4f251c100ba4#d0bff3d1-8ee5-4ffd-b77e-cdd22cc622df#6a1eb112-e833-3dab-88aa-04bc09c0dae6#94be5085-53f3-34a6-8a3a-d3a7dd0f7997#f9b7e21e-4a29-4602-a92a-b851d7a073ea!pubmatic
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-q0XEd0ZsSM9X9DmRNkPcgNiDcpY
.tribalfusion.com/ Name: ANON_ID
Value: a9nseFs2aF9pAJsbYLnZatmBCBjXWB1HSDSKdQtQdWZdHU5w24TZdV6u9ZcxDp2TQiKr5s6gTLPRMj2ZdjtCPM3wZb
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-6b633886-2006-11ec-893b-15cf7b31d650&KRTB&23011-6b633886-2006-11ec-893b-15cf7b31d650
.mediarithmics.com/ Name: mics_vid
Value: 21086535777
.mediarithmics.com/ Name: mics_uaid
Value: web:1:193c6e5f-f652-4392-b5cf-d36155745675
.mediarithmics.com/ Name: mics_lts
Value: 1632797248609
.audrte.com/ Name: arcki2
Value: 25hqnu6j5aZSxW9NfiDAPa4eQ!20210804!1632797248621
.id5-sync.com/ Name: 3pi
Value: 146#1632797218110#-2029034386|18#1632797218303#1699194633|19#1632797218346#-1672701896#eb121bedbb6b5b675efdd302be205b58|916#1632797217802#914345879|441#1632797217651#48|124#1632797217850#914345879

13 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_4.32.0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://api.britepool.com/v1/britepool/id
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOOzL2w94mgQFZpIn4horxEiVkXQXBi_QGAQpSCw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=2a886cd7-5f09-4e83-97d0-d6aabe6eacc4
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adspsp.com
ajax.googleapis.com
ancestry-d.openx.net
ancestry-mcsp.demdex.net
ancestry.sc.omtrdc.net
ap.lijit.com
apex.go.sonobi.com
api.britepool.com
api.lytics.io
api.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
b2c.insticator.com
bab70c4430ebeed8319c5c4854b9709b.safeframe.googlesyndication.com
bam-cell.nr-data.net
bcp.crwdcntrl.net
bh.contextweb.com
biddr.brealtime.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.aralego.net
cdn.districtm.io
cm.adgrx.com
cm.everesttech.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect-metrics-collector.s-onetag.com
csync.loopme.me
d3lcz8vpax4lo2.cloudfront.net
d5p.de17a.com
df80k0z3fi8zg.cloudfront.net
dis.criteo.com
dmx.districtm.io
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
event.insticator.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.adspsp.com
geoip.insticator.com
get.s-onetag.com
go.newspapers.com
green.erne.co
gum.criteo.com
hb.aralego.com
hb.emxdgt.com
hbopenbid.pubmatic.com
helpdesk.rootsweb.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
insticator.technoratimedia.com
inv-nets.admixer.net
js-agent.newrelic.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
nep.advangelists.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prod.adspsp.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.britepool.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
secure.adnxs.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
smetrics.ancestry.com
ssc-cms.33across.com
ssc.33across.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tag.1rx.io
tags.bluekai.com
tags.tiqcdn.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
visitor.fiftyt.com
web.hb.ad.cpe.dotomi.com
www.ancestrycdn.com
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
api.britepool.com
dpm.demdex.net
go.newspapers.com
inv-nets.admixer.net
sync.aralego.com
www.google.com
104.111.215.191
104.111.226.93
104.16.19.6
104.16.68.69
104.17.120.107
104.18.13.5
104.22.24.87
104.26.10.209
104.26.5.103
104.75.88.194
108.174.11.85
13.248.242.197
13.248.245.213
142.250.184.194
142.250.184.200
142.250.184.225
142.250.184.238
142.250.185.162
142.250.185.194
142.250.185.234
142.250.185.74
142.250.186.35
142.250.186.66
142.250.186.98
143.204.101.147
143.204.101.190
143.204.95.188
143.204.98.113
143.204.98.31
143.204.98.56
143.204.98.60
143.204.98.68
147.75.38.124
15.188.95.229
15.236.176.210
151.101.129.44
151.101.194.49
151.101.2.137
151.101.65.108
151.101.65.194
152.199.22.191
159.253.128.188
159.65.196.12
162.210.196.208
162.247.243.146
162.55.6.213
169.197.150.8
172.253.120.155
172.67.214.69
178.162.133.150
178.250.0.157
178.250.0.163
18.156.0.31
18.156.195.47
18.184.35.118
18.185.169.108
18.210.5.212
185.183.112.148
185.29.132.245
185.33.221.89
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.229
185.64.190.80
185.86.138.114
188.165.4.142
193.122.130.38
198.148.27.139
2.18.233.180
2.18.234.21
204.79.197.200
208.100.17.178
212.82.100.176
213.155.156.183
213.19.147.42
213.19.147.45
216.52.2.39
23.37.38.181
23.37.42.132
3.120.57.46
3.123.143.157
3.213.248.174
3.215.242.19
3.92.246.31
34.107.148.139
34.120.133.55
34.149.20.76
34.227.85.106
34.249.249.121
34.98.107.212
35.190.11.84
35.201.96.126
35.244.159.8
35.244.174.68
37.157.4.23
37.252.172.250
38.27.122.126
45.60.65.104
46.228.164.11
51.222.80.231
51.89.21.5
52.202.233.191
52.205.151.180
52.208.210.171
52.30.222.33
52.39.45.181
52.46.130.91
52.48.137.92
52.58.57.174
54.175.176.13
54.247.138.82
63.251.232.170
63.32.159.255
64.158.223.137
64.158.223.146
66.155.71.150
69.173.144.138
69.173.144.143
70.42.32.127
77.243.60.138
85.114.159.118
87.248.118.23
91.228.74.226
99.83.181.31
02c30f3e7aec710c498ae4fc38c2290024901d2be6b163d8532557befd238125
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058142ad991e52836f6d557c3d90b280b9a6ab39c2eaeb68b4a8876e802753c4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09837eddceb4220be832ed371358dd8adf23fb68ca598dcbefc8cfa8ce81ba45
09a5cf78f70c2e4dc3ce16317d3c787806fed4de4ad067015224d21edaca9d05
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d239500d61e95ca8799eaa2ec23276fe4cc9940bbbb1a723a47766d43c85edf
0d2db31949c4839afb25f7fdc0111b4bc98bdfaefab118321bfb40eb66e49f31
1008c935fd70611ffd4492772e27b6c3cd9183e44464b6cb04c6ffcbdac07255
108651ebf54555a00f52a70b7cf29b3465c7151214b0467738de3acb4f68ed71
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
169c36dc159981a1aa3b7c4683a7f2c45ebf6c8db6097cb55e4eff44f718cb47
17fccaf63b7706097ee7de08275cd3d4f1ac11662219b7c84b99020ca8a19b59
183ad2faae0222513f01b2c79661b655ba58c849d17261d9806a8a5988169f6c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a31fbeeb95d076ad5b1db1df7653e1e1c2efb6fcc84e3a44543416697e9f4e
18ddcdb24ef28edc630b9a8543b40580652c11b541930e4e7f457a0859e26920
1a3e3dd419c4d28c1f0c68c8167c1689f308235d376a0f01989c05c9a4619a23
1bd15eebfb666408e7db84da51d38b002142e3ab5d1fd4f6c8567f04ef753958
1c0ed67e4e6fe4ab3e1191502ce021b2a93f76b6820455f97b7387c08a7e52b6
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f2d68f16a5426ee5e208e7a3bb18881cf77722f0c1311da72305603f3c453d0
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2af377295412a005d253988778eea53ded927c5d307f49745bd8c4eae282d1ff
2b3dd53e971b7924e18c11d3a017129ee1a3199d92517afa60fb8eb85e960ef0
2b64e70f5935821d8822dd61869f53832ae538bc2c3921d454ec3659f0175ac1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2ef11050f150e7e242a38fa3111f688f59c1dc8d6104ba0d5f6f811e891a028c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30cc59a443e44f2162692ef1b8b78e3919dc4eb968ecdccb9e0f6c0c1cdcce22
3213bb97e284f266249563d4b148e11a4f32f541a052d5f0c6e85fc73d7e191c
32df7706c6096f135527621c4263d0b290fa55e3c9b16651c95f314bb329f2ee
334d72729202ac0a862f13cd45752999afbe85f54a5dba207c656b09712370bf
33c501b6204f96055ccb9ac459dc3480919bba2eb27c02f11dc2778b5d62d7b3
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37880b0a7b67fac8600b00237579d7bc4124a8a261ec5847c639287dab5e449e
3956abb802c9c7d9423c07d90c15ed2edeefcb4387915d92f39dc9a215ed4c00
3b81bdcb8ef23921e078fa298d1eb9966f6d2c4be1b4b8636fa6cc853d5a4f1b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db9505c9ab48dcf077970bf455d5e724f5d039983d9e7a0814b52801a8ee361
3e454ecd42e3569ee3b840e7cd240abc632336a7c9eee92226e1cee3443d0d4d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42263293892018047a19900afe1626f29c90ec2995258433cb18243fdb850d1d
4273f929c478a2c39e01cc08afe2d4e38197a6a7f62415c993fb0e58dc5103e2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4537694480e187f6b4bb7c80b546a1febc7a717f6d672ed0eeadcccd68279959
46a1dec5da0845a1327cb894a2cd173084e547a8eae7fc546ae73c0ec32fba78
47b4c4499562cb06f4323402eee6d9159074dd44665a00124f299a1f6e963f6a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c95d706475a153fe4bc12a4aae383e5bf845cba076d95d76f413f51424802ee
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5efe49b88ffe795ea15327e190e25594889da7d60f32c04dc7d13e824885e7
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
517316ff6d19d0f7bf60d294685b6940de6c3b14fe508883174c77e1a53a8539
52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b06d90bbe1a6f3bc6ca035d8bea5b58dedc33dd66eef54e1c68501125a5fca1
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5ebfda037beb490e6ab60a07fe13fc65c80cc01c0c7963b5d9e1f8404c5b8305
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e9a2faa245518a10391c2eaba8a2a2496efac39f21794a4d381f02ef8bcee03
7980569c490f4d3a42a21d1f3d8ff166d25baaf513e8d7fcbce756e75919bb69
7a77e60b17cfcabc04ef30c432d32aa878577843250c7697607c6604f80953a9
7ae59f68e4bd41cdf2039f5abd80120761df3f2f6da565405268f5efde3a8ccb
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e8f3dadf31ccbaff67acee0751b89dbbb7263e1afdae3e75785c6b09557f98e
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
827b43634e59fc5cfb5968fc598610ffbe8767a1018b721718aae0cd9f07a749
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2
841e672f6c34697e80e26c054a5732afbe20040bc0e32b793d0065369bd73398
856c9a2b9752fb7a147c16bb13b07ded29e8ac98dfa95093c86098e41b8044c4
85b3580813fa8eb2c6c64f0690f1104f9e14fdd3b34d6916b69617955047369a
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
88c28228952a3c582f5e4015146fccfa2a42c4a3f782a189cae6ea4520b7348f
8d33a91846895ce984a37f1f72c611911851613eb7b76c196d4f93e9dbe8d4fa
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
91b89d09c816f5eee0e2132877cbdaafdfc8bd477f74167020523ee414c75738
95772bfc7f7ae0ca67c30ff609d179b6793cbf874e85edd44b6daf4687fb993c
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
987f99479658144f51bb3d58724e6cad26e9c59b396c8da74781c49d3bd9072e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9f60e19500513ab17705449e16e7cec14a0f266d207458dd2db5da4c4ae40a3c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5469db974a4d2d9daa13d13d00b976c8d1b16d48a12c83975a9e233969ed303
a5a9b6f5b34e210eb13a7e9c629b4271f1321d40307d5d9aa62a605cbc727baa
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b07ee248cf027745b1bf6e0e4c13e6404db9f6f64adeb54011878b26fc6744ae
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b86e59e58208eb497bb565fa5649c53b6809220b2af037ceb97e59e18f82032a
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf04f1bb313d5c0d23cb106d2fe2f1b0bad2e317c56df482cf5b8b1c141f6ddc
c01cb65570391c2b589d14997af9cb1cc9113c52196580b23b7ef5b5924c7758
c1115107882c6d262bbad595d39c722c43ef39d1b358bcf889b7984090056cb5
c1ebd4e726be81a3ed0e634ca004da151a7d12d39e9c3f542f42345c2bd3c257
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
ccf0eb0d8aea6f3561bcab2e6d8fae160618c71e663001f426dc5b41f909f85a
ce09d8b32ed76e27b50034fab8d45d2e21d986e392acd6b26c7c439108115c5d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d19a5f976883268fd260c965eb73485a651d539e1f3b58a64192251f12ae4155
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dc15042f85f92a2da33736e489946cfb22419d936f40dcc5038bdaf5deb57b26
dcfb1b9612d2daa775df33c8f8171b7bff9d05741e0e1d2f3253709f2efa00d8
dea157dd8e89eb47239360e8a659f19b93d3ee22a685246e8a80253463428304
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
e9cb33c4737c5456510e4b4dfedc79b21a901db6a14d23648b017647c8ea875d
eaa0147e5d85f2b51a0fd168cf5b6ce9d49e08d1604ac44d524432c036cd8990
edbced3faaa65b01a475fd96cb1f2a642a1238e307761096e92172dda7815a0f
eddc9bd014102546ff89072b922724a4bac18283c2176617eb7f07ee0389d05a
ee218226cf011b71b60668de2628fd4cc0b34371be618ad3b7c3305eac754b9a
ee2553aa0e59f769b5c41ed1d4ab2f8b8353383d2abd9e558e598791f2c66ff5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f69d27c7a2ebdd689a2f7c9cf02972ee25a1bdc0a867c47eafaa8806138ea514
f87ba2d94c81d62472bac27150f1200ca3bd575f26591191c4a0aa718bd0e282
fb59c0f637a2c45cd8f4d777da358c765fd47e6c277d2dadee850f9c3870b22c
fc466493fe46d54a59c024749afc0db9259c15d02e56512caf4f50839aa1297b
fca4c724009bbda9487719603948ffe2c8b1e3d1cf78261d7bf681ae79218065
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62