urlscan.io logo urlscan.io
SecurityTrails logo

sites.rootsweb.com Open in urlscan Pro
45.60.65.104  Public Scan

Go To Rescan Add Verdict Report
URL: https://sites.rootsweb.com////rootsweb.blog
Submission: On December 02 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 8 domains to perform 15 HTTP transactions. The main IP is 45.60.65.104, located in United States and belongs to INCAPSULA, US. The main domain is sites.rootsweb.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on October 14th 2020. Valid for: 8 months.
This is the only time sites.rootsweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 45.60.65.104 19551 (INCAPSULA)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 23.8.6.251 20940 (AKAMAI-ASN1)
1 35.190.11.84 15169 (GOOGLE)
1 4 52.49.47.228 16509 (AMAZON-02)
2 35.181.18.61 16509 (AMAZON-02)
1 1 54.171.42.33 16509 (AMAZON-02)
15 7
2    45.60.65.104 (United States)

ASN19551 (INCAPSULA, US)
sites.rootsweb.com
3    2a02:26f0:6c00:28b::17db (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
www.ancestrycdn.com
3    23.8.6.251 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-6-251.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    35.190.11.84 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 84.11.190.35.bc.googleusercontent.com
api.lytics.io
4    52.49.47.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-47-228.eu-west-1.compute.amazonaws.com
dpm.demdex.net
ancestry-mcsp.demdex.net
2    35.181.18.61 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
ancestry.sc.omtrdc.net
smetrics.ancestry.com
1    54.171.42.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com
cm.everesttech.net
Domain Requested by
3 dpm.demdex.net 1 redirects
3 tags.tiqcdn.com sites.rootsweb.com
tags.tiqcdn.com
3 www.ancestrycdn.com sites.rootsweb.com
2 sites.rootsweb.com sites.rootsweb.com
1 smetrics.ancestry.com
1 cm.everesttech.net 1 redirects
1 ancestry.sc.omtrdc.net tags.tiqcdn.com
1 ancestry-mcsp.demdex.net tags.tiqcdn.com
1 api.lytics.io tags.tiqcdn.com
15 9
Subject Issuer Validity Valid
incapsula.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-14 -
2021-06-03		 8 months crt.sh
www.ancestry.com
GeoTrust RSA CA 2018		 2020-05-04 -
2021-05-29		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2020-03-16 -
2021-06-15		 a year crt.sh
*.lytics.io
DigiCert ECC Secure Server CA		 2020-09-22 -
2021-10-24		 a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-10-29 -
2021-11-29		 a year crt.sh
smetrics.ancestry.com
DigiCert SHA2 High Assurance Server CA		 2020-05-16 -
2021-08-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://sites.rootsweb.com////rootsweb.blog
Frame ID: 68C6519351B72FC79C8A3954918AD91E
Requests: 14 HTTP requests in this frame

Frame: https://ancestry-mcsp.demdex.net/dest5.html?d_nsid=0
Frame ID: 1A2DD788623E5EFE23EBB2E542BEF944
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

15
Requests

93 %
HTTPS

14 %
IPv6

8
Domains

9
Subdomains

7
IPs

5
Countries

150 kB
Transfer

338 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1606872791807 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1606872791807
Request Chain 12
  • https://cm.everesttech.net/cm/dd?d_uuid=11773337972135212700047294581485788158 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X8bu2AAAAFGKoxqj

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request rootsweb.blog
sites.rootsweb.com//// 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sites.rootsweb.com////rootsweb.blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.65.104 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
4237213aa9a683a6cc919d846d81fedbb8c83a79c2cac2b90a4e491f2af3ef98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sites.rootsweb.com
:scheme
https
:path
////rootsweb.blog
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 01:33:11 GMT
server
Apache
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-type
text/html
set-cookie
visid_incap_1725528=Xx4ChUZ+RzecW2Xo09ikINbuxl8AAAAAQUIPAAAAAAAS3+nS/5h4Gc0klr44pfu0; expires=Wed, 01 Dec 2021 14:01:43 GMT; HttpOnly; path=/; Domain=.rootsweb.com incap_ses_689_1725528=7Xz4V4L6a1f+uG+5DNKPCdbuxl8AAAAAuMyXIRa56kXgNNKwW1dGrw==; path=/; Domain=.rootsweb.com
x-cdn
Incapsula
content-encoding
gzip
x-iinfo
2-19141943-19141944 NNYY CT(0 0 0) RT(1606872790684 0) q(0 0 0 0) r(1 1) U5
rw.gif
www.ancestrycdn.com/aa-rw-home/280/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/280/images/rw.gif
Requested by
Host: sites.rootsweb.com
URL: https://sites.rootsweb.com////rootsweb.blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28b::17db , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
88c28228952a3c582f5e4015146fccfa2a42c4a3f782a189cae6ea4520b7348f

Request headers

Referer
https://sites.rootsweb.com////rootsweb.blog
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 01:33:11 GMT
x-check-cacheable
YES
x-serial
515
etag
"72077a5bd21c4a82001cfca022959fca:1519162337.991097"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=17039981
last-modified
Wed, 24 Jul 2019 18:52:21 GMT
x-akamai-ssl-client-sid
tpibHPU/MftbUjWokmkr5w==
timing-allow-origin
*
content-length
2601
server
Akamai Image Manager
expires
Thu, 17 Jun 2021 06:52:52 GMT
anc.gif
www.ancestrycdn.com/aa-rw-home/280/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/280/images/anc.gif
Requested by
Host: sites.rootsweb.com
URL: https://sites.rootsweb.com////rootsweb.blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28b::17db , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1012183f6b14dbeb75ce6400a6efabaf8364064a268a5b8ee57f26bf30f91f31

Request headers

Referer
https://sites.rootsweb.com////rootsweb.blog
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 01:33:11 GMT
last-modified
Wed, 24 Jul 2019 18:53:18 GMT
server
Akamai Image Manager
etag
"0c599b0a6d103c24352ec82772e31c4c:1519162337.968787"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=17039879
timing-allow-origin
*
content-length
1679
expires
Thu, 17 Jun 2021 06:51:10 GMT
error.css
sites.rootsweb.com/stylesheets/ 		0
0
rw_bk.gif
www.ancestrycdn.com/aa-rw-home/280/images/ 		86 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ancestrycdn.com/aa-rw-home/280/images/rw_bk.gif
Requested by
Host: sites.rootsweb.com
URL: https://sites.rootsweb.com////rootsweb.blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28b::17db , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
462b575b6cf639f41e51ff62be07898caf8112b5deb876905ac5eb8e172438ce

Request headers

Referer
https://sites.rootsweb.com////rootsweb.blog
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 01:33:11 GMT
last-modified
Wed, 24 Jul 2019 18:52:20 GMT
server
Akamai Image Manager
etag
"cb318b2897e571ede19fbb1f511580c6:1519162338.01658"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=17039919
timing-allow-origin
*
content-length
86
expires
Thu, 17 Jun 2021 06:51:50 GMT
error.jpg
sites.rootsweb.com/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sites.rootsweb.com/error.jpg
Requested by
Host: sites.rootsweb.com
URL: https://sites.rootsweb.com////rootsweb.blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.65.104 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
17bfd68a4a9eaff0a1c3985b769e54cdd240c5d7b7ed1e5dabeecaee2e5b07ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sites.rootsweb.com////rootsweb.blog
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 01:33:11 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Aug 2018 17:24:18 GMT
server
Apache
etag
"e6f1-57409699d3eae"
content-type
image/jpeg
x-iinfo
2-19141947-19141944 PNNy RT(1606872791083 0) q(0 0 0 -1) r(1 1) U5
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
59121
x-cdn
Incapsula
utag.js
tags.tiqcdn.com/utag/ancestry/rootsweb/prod/ 		212 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Requested by
Host: sites.rootsweb.com
URL: https://sites.rootsweb.com////rootsweb.blog
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-6-251.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a86950f3282095b0c03a1838c5659bbba66991380548878871c7df3fa764fc4a

Request headers

Referer
https://sites.rootsweb.com////rootsweb.blog
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 01:33:11 GMT
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 21:35:02 GMT
server
AkamaiNetStorage
etag
"411ae3bf3d15a76cfd2d8f2fe8789ebf:1606167302.160933"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Wed, 02 Dec 2020 01:38:11 GMT
00000000-0000-0000-0000-000000000000
api.lytics.io/api/me/6578caa0cdaa8dfcd95d5e6d3de12cc8/ucdmid/ 		76 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.lytics.io/api/me/6578caa0cdaa8dfcd95d5e6d3de12cc8/ucdmid/00000000-0000-0000-0000-000000000000?fields=behavior_is_current_subscriber&segments=true
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.11.84 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.11.190.35.bc.googleusercontent.com
Software
lytics.io ecbe931f7b2dfcd90069e7a7916358a9e1ad3fe2 /
Resource Hash
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984

Request headers

Referer
https://sites.rootsweb.com////rootsweb.blog
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 01:33:12 GMT
content-encoding
gzip
server
lytics.io ecbe931f7b2dfcd90069e7a7916358a9e1ad3fe2
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://sites.rootsweb.com
alt-svc
clear
content-length
95
via
1.1 google
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1606872791807
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1606872791807
372 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1606872791807
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.47.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-47-228.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c4a86e1aeaf833ab246042bcaafa2eba34dd2c33404f257d8edb36263444b083
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sites.rootsweb.com////rootsweb.blog
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v086-09d56791c.edge-irl1.demdex.com 5.80.1.20201111130852 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
+m+RS/IuS5o=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://sites.rootsweb.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
306
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://sites.rootsweb.com
X-TID
2pEygITkQ0Y=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1606872791807
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
utag.107.js
tags.tiqcdn.com/utag/ancestry/rootsweb/prod/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.107.js?utv=ut4.46.202011231941
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-6-251.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6e9a2faa245518a10391c2eaba8a2a2496efac39f21794a4d381f02ef8bcee03

Request headers

Referer
https://sites.rootsweb.com////rootsweb.blog
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 01:33:11 GMT
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 19:41:39 GMT
server
AkamaiNetStorage
etag
"ae6f626844a5d32f045d5d129b482e7a:1606160499.319867"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
18980
expires
Thu, 17 Dec 2020 01:33:11 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ancestry/rootsweb/202011232134&cb=1606872791877
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-8-6-251.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://sites.rootsweb.com////rootsweb.blog
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 01:33:11 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Wed, 02 Dec 2020 01:43:11 GMT
Cookie set dest5.html
ancestry-mcsp.demdex.net/ Frame 1A2D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ancestry-mcsp.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.47.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-47-228.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
ancestry-mcsp.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sites.rootsweb.com////rootsweb.blog
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=11773337972135212700047294581485788158
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sites.rootsweb.com////rootsweb.blog

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Thu, 12 Nov 2020 13:40:28 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=11773337972135212700047294581485788158;Path=/;Domain=.demdex.net;Expires=Mon, 31-May-2021 01:33:12 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
azQMQBTQRF4=
Content-Length
2785
Connection
keep-alive
id
ancestry.sc.omtrdc.net/ 		2 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ancestry.sc.omtrdc.net/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=ED3301AC512D2A290A490D4C%40AdobeOrg&mid=11563360837112977590068290086091855447&ts=1606872792156
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/rootsweb/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sites.rootsweb.com////rootsweb.blog
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Dec 2020 01:33:12 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-f7bfdfcfd-998cw
vary
Origin
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://sites.rootsweb.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=X8bu2AAAAFGKoxqj
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=11773337972135212700047294581485788158
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X8bu2AAAAFGKoxqj
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X8bu2AAAAFGKoxqj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.47.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-47-228.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://sites.rootsweb.com////rootsweb.blog
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v086-012fb26e8.edge-irl1.demdex.com 5.80.1.20201111130852 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
hNolP05eTbI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X8bu2AAAAFGKoxqj
Date
Wed, 02 Dec 2020 01:33:12 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s49669034237087
smetrics.ancestry.com/b/ss/ancestry-global/1/JS-2.20.0/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.ancestry.com/b/ss/ancestry-global/1/JS-2.20.0/s49669034237087?AQB=1&ndh=1&pf=1&t=2%2F11%2F2020%202%3A33%3A12%203%20-60&sdid=4037989D7D427E02-2D3A87BAAF02EBF7&mid=11563360837112977590068290086091855447&aamlh=6&ce=UTF-8&ns=ancestry&pageName=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20error&g=https%3A%2F%2Fsites.rootsweb.com%2F%2F%2F%2Frootsweb.blog&cc=USD&ch=www&server=rootsweb.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c11=00000000-0000-0000-0000-000000000000&v12=www&v13=us&v14=rootsweb&c23=nrvisitor&v23=nrvisitor&c24=not%20win%20back&c35=non%20dna%20user&v35=non%20dna%20user&v41=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20error&c42=ancestry%20rootsweb%20%3A%20hostedsites&v42=ancestry%20rootsweb%20%3A%20hostedsites&c43=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20error&v43=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20error&c44=202012020233&v44=202012020233&c45=sites.rootsweb.com%2F%2F%2F%2Frootsweb.blog&v45=sites.rootsweb.com%2F%2F%2F%2Frootsweb.blog&c49=12%2F01%2F2020%2018%3A33%3A11&v49=12%2F01%2F2020%2018%3A33%3A11&c50=ancestry%20rootsweb%20%3A%20hostedsites%20%3A%20error&v65=00000000-0000-0000-0000-000000000000&c68=sites.rootsweb.com&c73=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&v98=interactive%3C1.00s&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=ED3301AC512D2A290A490D4C%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sites.rootsweb.com////rootsweb.blog
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 01:33:12 GMT
x-content-type-options
nosniff
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 03 Dec 2020 01:33:12 GMT
server
jag
xserver
anedge-f7bfdfcfd-jpnrt
etag
3450733045321400320-4621655811026946687
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 01 Dec 2020 01:33:12 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sites.rootsweb.com
URL
https://sites.rootsweb.com/stylesheets/error.css

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| utag_data boolean| utag_condload undefined| multioptoutUrl object| utag function| e undefined| returnTLD boolean| __tealium_twc_switch function| tmsPromise function| P object| digitalData string| is_mobile string| is_tablet string| url object| urlP object| pNameA function| addSiteEvent object| adobe function| Visitor object| s_c_il number| s_c_in object| sx function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap number| s_objectID number| s_giq object| s_i_ancestry-global

6 Cookies

Domain/Path Name / Value
.rootsweb.com/ Name: AMCV_ED3301AC512D2A290A490D4C%40AdobeOrg
Value: 359503849%7CMCIDTS%7C18599%7CvVersion%7C5.0.1
.rootsweb.com/ Name: visid_incap_1725528
Value: Xx4ChUZ+RzecW2Xo09ikINbuxl8AAAAAQUIPAAAAAAAS3+nS/5h4Gc0klr44pfu0
.rootsweb.com/ Name: utag_main
Value: v_id:01762114fae2001721e1f9b26f9a00078002b07000b08$_sn:1$_se:1$_ss:1$_st:1606874591780$ses_id:1606872791780%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:rootsweb.com
.rootsweb.com/ Name: an_s_split
Value: 9
.rootsweb.com/ Name: incap_ses_689_1725528
Value: 7Xz4V4L6a1f+uG+5DNKPCdbuxl8AAAAAuMyXIRa56kXgNNKwW1dGrw==
.rootsweb.com/ Name: an_split
Value: 17

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block