fd.memoriams.com Open in urlscan Pro
2606:4700:10::6816:4041 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
Submission: On March 02 via manual (March 2nd 2021, 2:57:06 pm UTC) from US

Summary HTTP 55 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 6 countries across 15 domains to perform 55 HTTP transactions. The main IP is 2606:4700:10::6816:4041, located in United States and belongs to CLOUDFLARENET, US. The main domain is fd.memoriams.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 6th 2020. Valid for: a year.

This is the only time fd.memoriams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:10:... 2606:4700:10::6816:4041	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:135e	() ()
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	() ()
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	23.79.129.43 23.79.129.43	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	52.210.171.182 52.210.171.182	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	34.249.128.36 34.249.128.36	16509 (AMAZON-02) (AMAZON-02)
1	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
55	16

25 2606:4700:10::6816:4041 (United States)

ASN13335 (CLOUDFLARENET, US)

fd.memoriams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.79.129.43 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-129-43.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.171.182 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.128.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-128-36.eu-west-1.compute.amazonaws.com

ancestry-mcsp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

ancestry.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	memoriams.com fd.memoriams.com	150 KB
4	tiqcdn.com tags.tiqcdn.com	86 KB
4	google-analytics.com www.google-analytics.com	20 KB
4	cloudflare.com cdnjs.cloudflare.com	9 KB
3	demdex.net 1 redirects dpm.demdex.net ancestry-mcsp.demdex.net	5 KB
3	gstatic.com fonts.gstatic.com	39 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	doubleclick.net stats.g.doubleclick.net	156 B
2	googletagmanager.com www.googletagmanager.com	39 KB
1	omtrdc.net ancestry.sc.omtrdc.net	317 B
1	google.com www.google.com	119 B
1	bootstrapcdn.com netdna.bootstrapcdn.com	7 KB
0	ancestry.com Failed smetrics.ancestry.com Failed
0	everesttech.net Failed cm.everesttech.net Failed
0	google.de Failed www.google.de Failed
55	15

	Domain	Requested by
25	fd.memoriams.com	fd.memoriams.com
4	tags.tiqcdn.com	fd.memoriams.com tags.tiqcdn.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com fd.memoriams.com
4	cdnjs.cloudflare.com	fd.memoriams.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	fd.memoriams.com
2	dpm.demdex.net	1 redirects fd.memoriams.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googletagmanager.com	fd.memoriams.com
1	ancestry.sc.omtrdc.net	tags.tiqcdn.com
1	ancestry-mcsp.demdex.net	tags.tiqcdn.com
1	www.google.com	fd.memoriams.com
1	netdna.bootstrapcdn.com	fd.memoriams.com
0	smetrics.ancestry.com Failed	fd.memoriams.com
0	cm.everesttech.net Failed	fd.memoriams.com
0	www.google.de Failed	fd.memoriams.com
55	16

This site contains links to these domains. Also see Links.

Domain
www.ancestry.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-06` - `2021-08-06`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
Frame ID: 5C32B090A2F033E52CCDC00DF4390AA1
Requests: 54 HTTP requests in this frame

Frame: https://ancestry-mcsp.demdex.net/dest5.html?d_nsid=0
Frame ID: 9765D9BD2DEC3C2B6E796C6CD493440E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i
html /<input[^>]+name="__VIEWSTATE/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i
html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i
html /<input[^>]+name="__VIEWSTATE/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

55
Requests

95 %
HTTPS

73 %
IPv6

15
Domains

16
Subdomains

16
IPs

6
Countries

356 kB
Transfer

1155 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ancestry.com/
Title: Ancestry

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1614697010629 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1614697010629

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request PrintEmailConfirmation.aspx Show response
fd.memoriams.com/Pages/ 16 KB
6 KB 1006ms
967ms Document
text/html 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2ca826425cfb805ac945971e769633c18226a74e6049e0e267d54a6fb57fc4a

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

:method: GET
:authority: fd.memoriams.com
:scheme: https
:path: /Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:48 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dcbe8261f4054f06d48ef2ce9918d071b1614697007; expires=Thu, 01-Apr-21 14:56:47 GMT; path=/; domain=.memoriams.com; HttpOnly; SameSite=Lax; Secure ASP.NET_SessionId=vxe0zy1csdkrs4pg350ytk50; path=/; secure; HttpOnly; SameSite=Lax __cflb=02DiuCtiXopPhjDuzeJ62fhcYw5L9KMZZqDzJ9E5ukjsJ; SameSite=None; Secure; path=/; expires=Wed, 03-Mar-21 13:56:48 GMT; HttpOnly
cache-control: private
x-xss-protection: 1;mode=block
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-cache-status: DYNAMIC
cf-request-id: 08950a234a00004e43a62e8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 629b794bab8f4e43-FRA
content-encoding: gzip

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 49ms
42ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-120368930-3

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8a2daca7f4cfb40f81ee57d54eb249bc79a10e46b9fbf07f081e622e2bddcd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39453
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Mar 2021 14:56:48 GMT

GET
H2 200 jquery-1.7.1.min.js Show response
fd.memoriams.com/Scripts/ 92 KB
33 KB 801ms
795ms Script
application/javascript 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Scripts/jquery-1.7.1.min.js

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5309ca3e99da2e0fa0de2575ea750847db37fd4f4f1dbbda2a513268c702ace3

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
cf-request-id: 08950a271d00004e434ba13000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951cea44e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 jquery.fancybox-1.3.4.css
fd.memoriams.com/Styles/ 9 KB
2 KB 849ms
844ms Stylesheet
text/css 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Styles/jquery.fancybox-1.3.4.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7dcf8cc2879d37a5d565513c2bfe0e6842f148839435408a6bcb8fa71b9dfc3

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271c00004e435b160000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951ce9f4e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 jquery.fancybox-1.3.4.pack.js Show response
fd.memoriams.com/Scripts/ 15 KB
6 KB 1063ms
1058ms Script
application/javascript 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Scripts/jquery.fancybox-1.3.4.pack.js

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dfafda9d758ab8adcf6b09ea2f42cc254846964494f5ec63b11cfc00abd73f4

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271d00004e435d317000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951cea84e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 jquery.blockUI.js Show response
fd.memoriams.com/Scripts/ 16 KB
6 KB 999ms
993ms Script
application/javascript 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Scripts/jquery.blockUI.js

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c135a8e2e7d6fc18e7c737b4862bec195ae2a09ea41129c17c5e8809b55f634

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271e00004e439fa7f000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951ceb34e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 jQuery.print.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jQuery.print/1.5.1/ 3 KB
1 KB 23ms
17ms Script
application/javascript 2606:4700::6810:135e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jQuery.print/1.5.1/jQuery.print.min.js

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5cde316cea285a620e666f0fe27a788202b7488082c4ef2614d3d637c6ef6eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4123403
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1075
cf-request-id: 08950a271d00002b41bb93b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ebe-b14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X93zY3v3PCAwBcFLnMTIoLkTLJPwMw3nIuA4IM6p1mUjrNuLC4Jlyg7qJTIG3Y%2BUH1HORHoVn7Mjw7SSeW0jhQ8MS9Ixrcn4L%2Fqmn72MddSiH5cxq8ub36UY8uHg2iSjdA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 629b7951ce682b41-FRA
expires: Sun, 20 Feb 2022 14:56:48 GMT

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
938 B 20ms
14ms Script
application/javascript 2606:4700::6810:135e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 314976
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 591
cf-request-id: 08950a271e00002b41f538e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GfhFWv4akwbVO0vtIC3YCb2K4PtmcPClGxkYs%2F%2BUI5dEmfBwxuRs01Jh7T8qQ3bP61IG3%2B6l7lYnhBO%2BqFx1cOkEpJmpVPOzNTAgBpnujRBjdMLvofbcatNl6eEvyO7IaA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 629b7951ce6c2b41-FRA
expires: Sun, 20 Feb 2022 14:56:48 GMT

GET
H2 200 jquery.sticky.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.sticky/1.0.4/ 4 KB
2 KB 19ms
13ms Script
application/javascript 2606:4700::6810:135e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.sticky/1.0.4/jquery.sticky.min.js

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f69f7050e4488e7211a7d3c0c991b1aa5e8a80944d887d38cbef15e098d4867d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4124848
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1336
cf-request-id: 08950a271e00002b41be352000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-10e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xkv1Tlyse3OHHp85vJeBu%2B19SpvE4u%2FYRKldkgroQaSvh%2F5QeDES9aEYqtQzGxAt8CuLoo5%2FzPKEbR5wOAvJR8%2B0aW28rn2ZmO55t1mTqCNAZ3seREnh6O5Q3YfedFQpvQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 629b7951ce6d2b41-FRA
expires: Sun, 20 Feb 2022 14:56:48 GMT

GET
H2 200 Helpers.js Show response
fd.memoriams.com/Scripts/ 761 B
435 B 875ms
870ms Script
application/javascript 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Scripts/Helpers.js

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a452e227f703769909f85bf391ef27858f2d2f85be40682ffd929bd313c7eba2

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a272000004e434dad1000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951cebf4e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 MessageBox.js Show response
fd.memoriams.com/Scripts/ 19 KB
4 KB 1104ms
1099ms Script
application/javascript 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Scripts/MessageBox.js

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba7acb07530cda58a56218162b939f6db624936c36fdfaf6448bdb5842780697

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:50 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a272000004e43b3b59000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951cec04e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 countdown.js Show response
fd.memoriams.com/Scripts/ 34 KB
5 KB 1206ms
1201ms Script
application/javascript 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Scripts/countdown.js

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc8afc2c82dfaa46913c2a893ce9347045af161bf7e39ad19a249e1e19eb158f

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:50 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a272000004e4383b0e000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951cec14e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 jquery.tooltipster.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tooltipster/3.3.0/js/ 17 KB
5 KB 19ms
14ms Script
application/javascript 2606:4700::6810:135e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tooltipster/3.3.0/js/jquery.tooltipster.min.js

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

95e9e3ea5a0771d7eeead1503d41cde92d8eec6da0bfbc97fcff4e9d173c967a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5741894
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4360
cf-request-id: 08950a271e00002b41a78a2000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04000-4473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N9MC9dD2%2F9tLXQUa53SspkwnnE5dqUr3fy2xuBEAw%2FgBpBj%2BU44g8K7GSC12K16Z01JV8D5GyE5UYahcZwSuerH50ZO6hdmAqZUU0GYjcQCOmNZpU2YK5Fdoa11I%2BJkKZw%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 629b7951ce6e2b41-FRA
expires: Sun, 20 Feb 2022 14:56:48 GMT

GET
H2 200 CustomPreview.js Show response
fd.memoriams.com/Scripts/ 12 KB
2 KB 989ms
984ms Script
application/javascript 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Scripts/CustomPreview.js?new=3

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6891302072bb66c9d402ed93082be1411ad4f979dfd83980c5c266311882128

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a272000004e4373156000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951cec24e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 Hash.js Show response
fd.memoriams.com/Scripts/ 1 KB
444 B 812ms
808ms Script
application/javascript 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Scripts/Hash.js

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ff7d3d9ea0e49b54030f983a9e9b2f2b974092827cfc181ab2c0ff783ee7fe3

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a272000004e43c317b000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951cec34e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 29ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 ImageEditor.Bootstrap.css
fd.memoriams.com/Skins/Bootstrap/ 5 KB
1 KB 879ms
875ms Stylesheet
text/css 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Skins/Bootstrap/ImageEditor.Bootstrap.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60cb690e6d8aef83787777f0822ebee547761f080151a47e255aeb38edb0bf07

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271e00004e43ab01d000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951cea94e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 Upload.Bootstrap.css
fd.memoriams.com/Skins/Bootstrap/ 3 KB
742 B 862ms
858ms Stylesheet
text/css 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Skins/Bootstrap/Upload.Bootstrap.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4787671343f11ec3652180a5daa83633e8c71e12aae64cacbcd5224a40111bfd

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271d00004e43ca08c000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951ceac4e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 Dock.Bootstrap.css
fd.memoriams.com/Skins/Bootstrap/ 4 KB
861 B 810ms
806ms Stylesheet
text/css 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Skins/Bootstrap/Dock.Bootstrap.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ac97c03bcc09fecb387987a68b1a1d8a45092de152950e23afea30734cc9298

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271e00004e439532e000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951cead4e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 Slider.Bootstrap.css
fd.memoriams.com/Skins/Bootstrap/ 7 KB
1 KB 845ms
842ms Stylesheet
text/css 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Skins/Bootstrap/Slider.Bootstrap.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dc4dd470634339c97c48ad0cfa859ecdbc360f46fa543e0507abbb0dd8310e9

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271e00004e438c286000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951ceb04e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 Input.Bootstrap.css
fd.memoriams.com/Skins/Bootstrap/ 4 KB
1 KB 841ms
837ms Stylesheet
text/css 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Skins/Bootstrap/Input.Bootstrap.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3d6c2966abd86f89bdb73c9f9da1cb17385f9f5a5938dc6fddc8481f378057b

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271e00004e43658d0000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951ceb24e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 Button.Bootstrap.css
fd.memoriams.com/Skins/Bootstrap/ 16 KB
2 KB 996ms
992ms Stylesheet
text/css 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Skins/Bootstrap/Button.Bootstrap.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7295f2afaaadd7cf067c8caa7290034a78c1ea429325dc9c0e1eea7c5458a6

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271f00004e4372162000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951ceb44e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 ToolBar.Bootstrap.css
fd.memoriams.com/Skins/Bootstrap/ 5 KB
1008 B 809ms
806ms Stylesheet
text/css 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Skins/Bootstrap/ToolBar.Bootstrap.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46456e474df9aaa490289b03a3a8961e2e7ccd2d38fa52f1b0e31d669a5e5175

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a272100004e43a3b12000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951ceb64e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 DropDownList.Bootstrap.css
fd.memoriams.com/Skins/Bootstrap/ 2 KB
645 B 928ms
924ms Stylesheet
text/css 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Skins/Bootstrap/DropDownList.Bootstrap.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d0f8568b5ce4a6781d7bd540c178c9abc482b87a4e539a6a00cb641a5b91ed9

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271f00004e43b0b88000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951ceb74e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 DropDownTree.Bootstrap.css
fd.memoriams.com/Skins/Bootstrap/ 3 KB
721 B 850ms
847ms Stylesheet
text/css 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Skins/Bootstrap/DropDownTree.Bootstrap.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52725df249568eccf42dc32e938200bb7ba7c8ebe068f3a7d4b5099f91a958f

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271f00004e438b39e000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951ceb94e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 Menu.Bootstrap.css
fd.memoriams.com/Skins/Bootstrap/ 8 KB
1 KB 919ms
916ms Stylesheet
text/css 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Skins/Bootstrap/Menu.Bootstrap.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294f8c76cb2ae379717527512cc294a8085bd06ee61a7ffc00bd38942dde29d2

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271f00004e4356a69000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951cebb4e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 omaha.css
fd.memoriams.com/Styles/ 155 KB
27 KB 1490ms
1488ms Stylesheet
text/css 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Styles/omaha.css

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

683a8690d0431c43204ee9fdafddc9c0a8771c399a3895bfbaf4af732762d1d4

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:50 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-request-id: 08950a271f00004e4394124000000001
last-modified: Tue, 23 Feb 2021 21:15:44 GMT
server: cloudflare
etag: W/"0c0e1b29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
cf-ray: 629b7951cebc4e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 WebResource.axd Show response
fd.memoriams.com/ 23 KB
5 KB 1105ms
1103ms Script
application/x-javascript 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/WebResource.axd?d=QLzMt2XX3Om51pni2yPHyPkFVSm4Xsm3prnsACvlTpuJtM9WyC_8IGdR7WvpPHX5DV-NQT071vi_VOt8p9uLIVx_SPfMqs5BeK0ndkPGzGs1&t=637117981340000000

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 13 Dec 2019 08:42:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public
cf-ray: 629b7951cec44e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-request-id: 08950a272000004e439d1a7000000001
expires: Tue, 01 Mar 2022 17:06:12 GMT

GET
H2 200 Telerik.Web.UI.WebResource.axd Show response
fd.memoriams.com/ 140 KB
35 KB 1030ms
1027ms Script
application/x-javascript 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl00_ScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3a9ead301a-2c07-4fc5-be19-f8423a34e117%3aea597d4b%3ab25378d2

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5da63581de820df79aef1596fd2083935f0a065c7ec96541616107c38642a79

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
content-length: 35162
cf-request-id: 08950a272100004e43c4aa2000000001
last-modified: Wed, 17 Jan 2018 00:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: public, max-age=31536000
cf-ray: 629b7951cec54e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 02 Mar 2022 14:56:49 GMT

GET
H2 200 email-decode.min.js Show response
fd.memoriams.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
885 B 12ms
10ms Script
application/javascript 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd.memoriams.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 13:46:54 GMT
server: cloudflare
etag: W/"602e6fce-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 629b7951cec74e43-FRA
vary: Accept-Encoding
cf-request-id: 08950a272100004e43abbdf000000001
expires: Thu, 04 Mar 2021 14:56:48 GMT

GET
H3-Q050 404 gtm.js
www.googletagmanager.com/ 0
0 56ms
42ms Script
text/html 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-WD36JJZ
Requested by: Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-120368930-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4173
date: Tue, 02 Mar 2021 13:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 02 Mar 2021 15:47:17 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 13ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1551502643&t=pageview&_s=1&dl=https%3A%2F%2Ffd.memoriams.com%2FPages%2FPrintEmailConfirmation.aspx%3Fnid%3D4318377%26vid%3D1&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=253334079&gjid=1044148442&cid=80886421.1614697010&tid=UA-120368930-3&_gid=1118999951.1614697010&_r=1&gtm=2ou2h0&z=881079553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 14:56:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fd.memoriams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9c

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-120368930-3&cid=80886421.1614697010&jid=253334079&gjid=1044148442&_gid=1118999951.1614697010&_u=IEBAAUAAAAAAAC~&z=419182420

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 02 Mar 2021 14:56:50 GMT
content-type: text/plain
access-control-allow-origin: https://fd.memoriams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
119 B 18ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-120368930-3&cid=80886421.1614697010&jid=253334079&_u=IEBAAUAAAAAAAC~&z=1663992459

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 14:56:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 11 KB
904 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Styles/omaha.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a5f40667db61a5c505e06c3851e7e88fec09f1c8d92b0790a85e4670e4d0788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fd.memoriams.com/Styles/omaha.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 14:56:50 GMT
server: ESF
date: Tue, 02 Mar 2021 14:56:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Mar 2021 14:56:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
768 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:200,300,400,600,700

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Styles/omaha.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f06c5f18584e8d94f0b4997820910454e00e752f9ef1d317075879769e197529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fd.memoriams.com/Styles/omaha.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 14:56:50 GMT
server: ESF
date: Tue, 02 Mar 2021 14:56:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Mar 2021 14:56:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
873 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Styles/omaha.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a29e008c684709e47187b56a861a81009d991926d5419987e4aa9257564acc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fd.memoriams.com/Styles/omaha.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 14:40:27 GMT
server: ESF
date: Tue, 02 Mar 2021 14:56:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Mar 2021 14:56:50 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/ancestry/memoriams/prod/ 208 KB
62 KB 126ms
82ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ancestry/memoriams/prod/utag.js
Requested by: Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5e9e2287a628077f4f600a6b7f0ba77b43501ed7b74a06ff8935c1d89f0aef3f

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:50 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 21:42:58 GMT
server: AkamaiNetStorage
etag: "f670c1643166197362710652731879d2:1612302178.140835"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Tue, 02 Mar 2021 15:01:50 GMT

GET
H2 200 Header2.png
fd.memoriams.com/Images/ 7 KB
7 KB 836ms
835ms Image
image/png 2606:4700:10::6816:4041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fd.memoriams.com/Images/Header2.png

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Styles/omaha.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::6816:4041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

502239d645ba2dcc91625072187d8da918f97c14c72b9584b5ba4d9d979961b6

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://fd.memoriams.com/Styles/omaha.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:51 GMT
cf-cache-status: MISS
content-length: 7130
cf-request-id: 08950a2d1a00004e436928c000000001
last-modified: Tue, 23 Feb 2021 21:15:42 GMT
server: cloudflare
etag: "093b0a29ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 629b795b5f6c4e43-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fd.memoriams.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 414924
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:41:26 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68557607814f0192de7c0ca91b6271099eb9f32a1b1d90f582b22c5c8d44a93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fd.memoriams.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:51 GMT
server: sffe
age: 383461
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13008
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:49 GMT

GET
H3-Q050 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fd.memoriams.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 11:08:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
age: 532099
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12976
x-xss-protection: 0
expires: Thu, 24 Feb 2022 11:08:31 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1614697010629
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1614697010629

372 B
1 KB

37ms
36ms

XHR
application/json

52.210.171.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1614697010629

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.171.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cc692cb2ec20389d567c0b21562aeb09598a367d1e1ccd6f4f30f8a463835b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0af65bc10.edge-irl1.demdex.com 5.80.6.20210202104731 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: J4IQ6oYgRjM=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://fd.memoriams.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 307
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://fd.memoriams.com
X-TID: kwtHYW7UT3A=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=ED3301AC512D2A290A490D4C%40AdobeOrg&d_nsid=0&ts=1614697010629
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 utag.1.js Show response
tags.tiqcdn.com/utag/ancestry/memoriams/prod/ 20 KB
5 KB 24ms
23ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ancestry/memoriams/prod/utag.1.js?utv=ut4.46.201910311640
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/memoriams/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 96a81cb483f9a74d836f16438555ab99f5b9b9ae7251bae11f2cf2c786defc47

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:50 GMT
content-encoding: gzip
last-modified: Thu, 31 Oct 2019 16:40:39 GMT
server: AkamaiNetStorage
etag: "c86a4ee3330c3885c51ca93022757918:1572540039.932293"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4959
expires: Wed, 17 Mar 2021 14:56:50 GMT

GET
H2 200 utag.87.js Show response
tags.tiqcdn.com/utag/ancestry/memoriams/prod/ 54 KB
19 KB 30ms
29ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ancestry/memoriams/prod/utag.87.js?utv=ut4.46.202102022142
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/memoriams/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f7cacf3d307efe6143fa266592b0646217dff01e3d5d0419a62e4d954599d1e4

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:50 GMT
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 18:37:25 GMT
server: AkamaiNetStorage
etag: "4196dd1add15cf687ead8e13a477549c:1608575845.053447"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 19048
expires: Wed, 17 Mar 2021 14:56:50 GMT

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2178
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Tue, 02 Mar 2021 15:20:32 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 22ms
22ms Script
application/x-javascript 23.79.129.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ancestry/memoriams/202102022142&cb=1614697010674
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/memoriams/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-129-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:56:50 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Tue, 02 Mar 2021 15:06:50 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
68 B 38ms
38ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-53953404-1&cid=80886421.1614697010&jid=2026530283&gjid=1636394885&_gid=1118999951.1614697010&_u=aGDAgUIJAAAAAG~&z=555288432

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 02 Mar 2021 14:56:50 GMT
content-type: text/plain
access-control-allow-origin: https://fd.memoriams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=1551502643&t=pageview&_s=1&dl=https%3A%2F%2Ffd.memoriams.com%2FPages%2FPrintEmailConfirmation.aspx%3Fnid%3D4318377%26vid%3D1&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUIJAAAAAC~&jid=2026530283&gjid=1636394885&cid=80886421.1614697010&tid=UA-53953404-1&_gid=1118999951.1614697010&z=1281282811

Requested by

Host: fd.memoriams.com
URL: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 21:53:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61403
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set dest5.html Show response
ancestry-mcsp.demdex.net/ Frame 9765 7 KB
3 KB 131ms
31ms Document
text/html 34.249.128.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ancestry-mcsp.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/memoriams/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.128.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-128-36.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: ancestry-mcsp.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=19812841213005835251587566645422752045
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 11 Feb 2021 14:59:45 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=19812841213005835251587566645422752045;Path=/;Domain=.demdex.net;Expires=Sun, 29-Aug-2021 14:56:50 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: tt5f4rXmSvM=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
ancestry.sc.omtrdc.net/ 2 B
317 B 101ms
29ms XHR
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ancestry.sc.omtrdc.net/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=ED3301AC512D2A290A490D4C%40AdobeOrg&mid=19558159320405139961608541670822104196&ts=1614697010805

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ancestry/memoriams/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fd.memoriams.com/Pages/PrintEmailConfirmation.aspx?nid=4318377&vid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 02 Mar 2021 14:56:50 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5955cb7dcf-88mrz
vary: Origin
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://fd.memoriams.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET dd
cm.everesttech.net/cm/ 0
0

GET s81193147576310
smetrics.ancestry.com/b/ss/ancestry-global/1/JS-2.20.0/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-120368930-3&cid=80886421.1614697010&jid=253334079&_u=IEBAAUAAAAAAAC~&z=1663992459

Domain: cm.everesttech.net
URL: https://cm.everesttech.net/cm/dd?d_uuid=19812841213005835251587566645422752045

Domain: smetrics.ancestry.com
URL: https://smetrics.ancestry.com/b/ss/ancestry-global/1/JS-2.20.0/s81193147576310?AQB=1&ndh=1&pf=1&t=2%2F2%2F2021%2015%3A56%3A50%202%20-60&sdid=6DFB4041A9001E39-25E289D204921410&mid=19558159320405139961608541670822104196&aamlh=6&ce=UTF-8&ns=ancestry&pageName=memoriams%20%3A%20printemailconfirmation&g=https%3A%2F%2Ffd.memoriams.com%2FPages%2FPrintEmailConfirmation.aspx%3Fnid%3D4318377%26vid%3D1&cc=USD&ch=memoriams&server=memoriams.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v12=memoriams&v13=us&v14=memoriams&c24=not%20win%20back&c35=non%20dna%20user&v35=non%20dna%20user&v41=memoriams%20%3A%20printemailconfirmation&c42=memoriams%20%3A%20printemailconfirmation&v42=memoriams%20%3A%20printemailconfirmation&c43=memoriams%20%3A%20printemailconfirmation&v43=memoriams%20%3A%20printemailconfirmation&c44=202103021556&v44=202103021556&c45=fd.memoriams.com%2Fpages%2Fprintemailconfirmation.aspx&v45=fd.memoriams.com%2Fpages%2Fprintemailconfirmation.aspx&c49=03%2F02%2F2021%207%3A56%3A50&v49=03%2F02%2F2021%207%3A56%3A50&c50=memoriams%20%3A%20printemailconfirmation&c68=fd.memoriams.com&c73=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36&v98=1.00s%3Cinteractive%3C2.00s&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=ED3301AC512D2A290A490D4C%40AdobeOrg&AQE=1

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 20:50:49	Name: demdex Value: 19812841213005835251587566645422752045
.memoriams.com/	1970-01-20 10:02:49	Name: AMCV_ED3301AC512D2A290A490D4C%40AdobeOrg Value: 359503849%7CMCIDTS%7C18689%7CMCMID%7C19558159320405139961608541670822104196%7CMCAAMLH-1615301810%7C6%7CMCAAMB-1615301810%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1614704210s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.0.1
.memoriams.com/	1969-12-31 23:59:59	Name: AMCVS_ED3301AC512D2A290A490D4C%40AdobeOrg Value: 1
fd.memoriams.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vxe0zy1csdkrs4pg350ytk50
.memoriams.com/	1970-01-19 16:33:03	Name: _gid Value: GA1.2.1118999951.1614697010
.memoriams.com/	1970-01-19 16:31:37	Name: _gat_GUA_Memoriams Value: 1
.memoriams.com/	1970-01-20 01:17:13	Name: utag_main Value: v_id:0177f37115b60019a9a6981bf85d00078004c07000b08$_sn:1$_se:1$_ss:1$_st:1614698810615$ses_id:1614697010615%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:memoriams.com
.memoriams.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.memoriams.com/	1969-12-31 23:59:59	Name: an_s_split Value: 71
.memoriams.com/	1970-02-17 11:33:21	Name: an_split Value: 69
fd.memoriams.com/	1970-01-19 16:32:59	Name: __cflb Value: 02DiuCtiXopPhjDuzeJ62fhcYw5L9KMZZqDzJ9E5ukjsJ
.memoriams.com/	1970-01-20 10:02:49	Name: _ga Value: GA1.2.80886421.1614697010
.memoriams.com/	1970-01-19 16:31:37	Name: _gat_gtag_UA_120368930_3 Value: 1
.memoriams.com/	1970-01-19 17:14:49	Name: __cfduid Value: dcbe8261f4054f06d48ef2ce9918d071b1614697007

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ancestry-mcsp.demdex.net
ancestry.sc.omtrdc.net
cdnjs.cloudflare.com
cm.everesttech.net
dpm.demdex.net
fd.memoriams.com
fonts.googleapis.com
fonts.gstatic.com
netdna.bootstrapcdn.com
smetrics.ancestry.com
stats.g.doubleclick.net
tags.tiqcdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
cm.everesttech.net
smetrics.ancestry.com
www.google.de
15.237.76.117
2001:4de0:ac19::1:b:3a
23.79.129.43
2606:4700:10::6816:4041
2606:4700::6810:135e
2a00:1450:4001:803::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9c
2a00:1450:400c:c0c::9b
34.249.128.36
52.210.171.182
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0ff7d3d9ea0e49b54030f983a9e9b2f2b974092827cfc181ab2c0ff783ee7fe3
1a5f40667db61a5c505e06c3851e7e88fec09f1c8d92b0790a85e4670e4d0788
1dc4dd470634339c97c48ad0cfa859ecdbc360f46fa543e0507abbb0dd8310e9
1f7295f2afaaadd7cf067c8caa7290034a78c1ea429325dc9c0e1eea7c5458a6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
294f8c76cb2ae379717527512cc294a8085bd06ee61a7ffc00bd38942dde29d2
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46456e474df9aaa490289b03a3a8961e2e7ccd2d38fa52f1b0e31d669a5e5175
4787671343f11ec3652180a5daa83633e8c71e12aae64cacbcd5224a40111bfd
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
4a29e008c684709e47187b56a861a81009d991926d5419987e4aa9257564acc2
502239d645ba2dcc91625072187d8da918f97c14c72b9584b5ba4d9d979961b6
5309ca3e99da2e0fa0de2575ea750847db37fd4f4f1dbbda2a513268c702ace3
5cde316cea285a620e666f0fe27a788202b7488082c4ef2614d3d637c6ef6eb3
5e9e2287a628077f4f600a6b7f0ba77b43501ed7b74a06ff8935c1d89f0aef3f
60cb690e6d8aef83787777f0822ebee547761f080151a47e255aeb38edb0bf07
683a8690d0431c43204ee9fdafddc9c0a8771c399a3895bfbaf4af732762d1d4
68557607814f0192de7c0ca91b6271099eb9f32a1b1d90f582b22c5c8d44a93e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c135a8e2e7d6fc18e7c737b4862bec195ae2a09ea41129c17c5e8809b55f634
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d0f8568b5ce4a6781d7bd540c178c9abc482b87a4e539a6a00cb641a5b91ed9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ac97c03bcc09fecb387987a68b1a1d8a45092de152950e23afea30734cc9298
95e9e3ea5a0771d7eeead1503d41cde92d8eec6da0bfbc97fcff4e9d173c967a
96a81cb483f9a74d836f16438555ab99f5b9b9ae7251bae11f2cf2c786defc47
9dfafda9d758ab8adcf6b09ea2f42cc254846964494f5ec63b11cfc00abd73f4
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a452e227f703769909f85bf391ef27858f2d2f85be40682ffd929bd313c7eba2
a52725df249568eccf42dc32e938200bb7ba7c8ebe068f3a7d4b5099f91a958f
ba7acb07530cda58a56218162b939f6db624936c36fdfaf6448bdb5842780697
cc692cb2ec20389d567c0b21562aeb09598a367d1e1ccd6f4f30f8a463835b5f
d3d6c2966abd86f89bdb73c9f9da1cb17385f9f5a5938dc6fddc8481f378057b
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
dc8afc2c82dfaa46913c2a893ce9347045af161bf7e39ad19a249e1e19eb158f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e5da63581de820df79aef1596fd2083935f0a065c7ec96541616107c38642a79
e8a2daca7f4cfb40f81ee57d54eb249bc79a10e46b9fbf07f081e622e2bddcd4
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06c5f18584e8d94f0b4997820910454e00e752f9ef1d317075879769e197529
f2ca826425cfb805ac945971e769633c18226a74e6049e0e267d54a6fb57fc4a
f6891302072bb66c9d402ed93082be1411ad4f979dfd83980c5c266311882128
f69f7050e4488e7211a7d3c0c991b1aa5e8a80944d887d38cbef15e098d4867d
f7cacf3d307efe6143fa266592b0646217dff01e3d5d0419a62e4d954599d1e4
f7dcf8cc2879d37a5d565513c2bfe0e6842f148839435408a6bcb8fa71b9dfc3

fd.memoriams.com Open in urlscan Pro 2606:4700:10::6816:4041 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

55 Requests

95 %HTTPS

73 %IPv6

15 Domains

16 Subdomains

16 IPs

6 Countries

356 kBTransfer

1155 kBSize

14 Cookies

1 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fd.memoriams.com Open in urlscan Pro
2606:4700:10::6816:4041 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

95 %
HTTPS

73 %
IPv6

15
Domains

16
Subdomains

16
IPs

6
Countries

356 kB
Transfer

1155 kB
Size

14
Cookies

55 HTTP transactions
0 data transactions