www.therams.com Open in urlscan Pro
151.101.193.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://therams.com/
Effective URL:
https://www.therams.com/
Submission: On March 01 via api (March 1st 2022, 4:55:34 pm UTC) from US — Scanned from DE

Summary HTTP 166 Redirects Links 64 Behaviour Indicators

Summary

This website contacted 57 IPs in 7 countries across 53 domains to perform 166 HTTP transactions. The main IP is 151.101.193.153, located in United States and belongs to FASTLY, US. The main domain is www.therams.com. The Cisco Umbrella rank of the primary domain is 177231.
TLS certificate: Issued by R3 on February 10th 2022. Valid for: 3 months.

This is the only time www.therams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	151.101.129.153 151.101.129.153	54113 (FASTLY) (FASTLY)
45	151.101.193.153 151.101.193.153	54113 (FASTLY) (FASTLY)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	151.101.65.153 151.101.65.153	54113 (FASTLY) (FASTLY)
5	2600:9000:21c... 2600:9000:21c7:3600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2 15	34.248.142.13 34.248.142.13	16509 (AMAZON-02) (AMAZON-02)
2 4	54.192.86.19 54.192.86.19	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	13.227.220.113 13.227.220.113	16509 (AMAZON-02) (AMAZON-02)
1	34.255.107.204 34.255.107.204	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
8 8	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
1	54.228.10.200 54.228.10.200	16509 (AMAZON-02) (AMAZON-02)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
7 9	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2.18.234.36 2.18.234.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
2 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
2 4	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21c... 2600:9000:21c7:7200:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2204:4e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	54.240.168.32 54.240.168.32	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.58.249.203 52.58.249.203	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	3.69.18.111 3.69.18.111	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.1.153 151.101.1.153	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.129.152 151.101.129.152	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.30.210.29 184.30.210.29	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
6 12	34.246.234.200 34.246.234.200	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.192.86.50 54.192.86.50	16509 (AMAZON-02) (AMAZON-02)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	52.59.131.166 52.59.131.166	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	3.127.178.105 3.127.178.105	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
8 8	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1 1	54.240.168.24 54.240.168.24	16509 (AMAZON-02) (AMAZON-02)
1 1	54.84.143.226 54.84.143.226	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
166	57

3 151.101.129.153 (United States) 1 redirects

ASN54113 (FASTLY, US)

therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.www.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 151.101.193.153 (United States)

ASN54113 (FASTLY, US)

www.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.65.153 (United States)

ASN54113 (FASTLY, US)

static.clubs.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:21c7:3600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.248.142.13 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.192.86.19 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-192-86-19.ams50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.220.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-220-113.ams54.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.107.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-107-204.eu-west-1.compute.amazonaws.com

nfl.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

smetrics.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.194.191.134 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.10.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-10-200.eu-west-1.compute.amazonaws.com

nflenterprises.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.36 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-36.deploy.static.akamaitechnologies.com

cdns.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7baf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21c7:7200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:4e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.240.168.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-240-168-32.ams54.r.cloudfront.net

auth-id.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.249.203 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-249-203.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.18.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-18-111.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.153 (United States)

ASN54113 (FASTLY, US)

p.nfltags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.152 (United States)

ASN54113 (FASTLY, US)

api.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.210.29 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-210-29.deploy.static.akamaitechnologies.com

us.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.246.234.200 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-234-200.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.86.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-86-50.ams50.r.cloudfront.net

auth-id.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.131.166 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-131-166.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.178.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.240.168.24 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-240-168-24.ams54.r.cloudfront.net

ads.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.143.226 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-143-226.compute-1.amazonaws.com

evt.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	therams.com 1 redirects therams.com — Cisco Umbrella Rank: 170909 www.therams.com — Cisco Umbrella Rank: 177231 auth-id.therams.com — Cisco Umbrella Rank: 501153	471 KB
28	everesttech.net 22 redirects cm.everesttech.net — Cisco Umbrella Rank: 881 pixel.everesttech.net — Cisco Umbrella Rank: 2907 sync-tm.everesttech.net — Cisco Umbrella Rank: 491	11 KB
26	nfl.com static.clubs.nfl.com — Cisco Umbrella Rank: 31202 smetrics.nfl.com — Cisco Umbrella Rank: 23858 static.www.nfl.com — Cisco Umbrella Rank: 24358 auth-id.nfl.com — Cisco Umbrella Rank: 25829 api.nfl.com — Cisco Umbrella Rank: 17224	964 KB
16	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 187 nfl.demdex.net — Cisco Umbrella Rank: 24809	19 KB
13	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	152 KB
7	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2040 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5726 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9863	176 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	631 B
4	google.com www.google.com — Cisco Umbrella Rank: 2 apis.google.com — Cisco Umbrella Rank: 86	112 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	200 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 802	45 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 129	3 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 505	103 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 266	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 891 load77.exelator.com — Cisco Umbrella Rank: 2952	2 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 2951 onesignal.com — Cisco Umbrella Rank: 1314	73 KB
2	undertone.com 2 redirects ads.undertone.com — Cisco Umbrella Rank: 5552 evt.undertone.com — Cisco Umbrella Rank: 6500	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 469	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 855 ads.yahoo.com — Cisco Umbrella Rank: 835	865 B
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 355	789 B
2	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	602 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	935 B
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2223 forms.hubspot.com — Cisco Umbrella Rank: 3078	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6342	611 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 704	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	77 KB
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 571	240 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 752	547 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 322	274 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 288	239 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 776	324 B
1	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 845	418 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 468	355 B
1	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 982	175 B
1	connextra.com us.connextra.com — Cisco Umbrella Rank: 25050
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4013	87 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2019	20 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2042	16 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 754	402 B
1	nfltags.com p.nfltags.com — Cisco Umbrella Rank: 31033	176 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2180	959 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 770	345 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 829	10 KB
1	gigya.com cdns.us1.gigya.com — Cisco Umbrella Rank: 7079	133 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 387	685 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	parsely.com p1.parsely.com — Cisco Umbrella Rank: 1996	258 B
1	omtrdc.net nflenterprises.tt.omtrdc.net — Cisco Umbrella Rank: 24814	593 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	24 KB
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 407	29 KB
0	netmng.com Failed adb2waycm-atl.netmng.com Failed
166	53

	Domain	Requested by
45	www.therams.com	www.therams.com
15	dpm.demdex.net	2 redirects www.therams.com
12	pixel.everesttech.net	6 redirects
11	static.clubs.nfl.com	www.therams.com
9	auth-id.nfl.com	cdns.us1.gigya.com auth-id.nfl.com
8	sync-tm.everesttech.net	8 redirects
8	cm.g.doubleclick.net	7 redirects
8	cm.everesttech.net	8 redirects
6	www.facebook.com	www.therams.com connect.facebook.net
5	quantcast.mgr.consensu.org	www.therams.com quantcast.mgr.consensu.org
4	connect.facebook.net	www.therams.com connect.facebook.net cdns.us1.gigya.com
4	unpkg.com	2 redirects www.therams.com
4	sb.scorecardresearch.com	2 redirects www.therams.com
4	assets.adobedtm.com	www.therams.com assets.adobedtm.com
3	s.amazon-adsystem.com	2 redirects
3	ib.adnxs.com	2 redirects
3	securepubads.g.doubleclick.net	www.therams.com securepubads.g.doubleclick.net
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	apis.google.com	cdns.us1.gigya.com apis.google.com
2	gum.criteo.com	2 redirects
2	pixel.advertising.com	1 redirects
2	match.adsrvr.org	2 redirects
2	api.nfl.com	p.nfltags.com
2	www.google.de	www.therams.com
2	www.google.com	www.therams.com
2	pm.w55c.net	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	loadm.exelator.com	2 redirects
2	static.www.nfl.com	www.therams.com
2	smetrics.nfl.com	assets.adobedtm.com
2	www.googletagmanager.com	assets.adobedtm.com
2	cdn.onesignal.com	www.therams.com cdn.onesignal.com
1	evt.undertone.com	1 redirects
1	ads.undertone.com	1 redirects
1	trc.taboola.com
1	image2.pubmatic.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	ads.yahoo.com
1	odr.mookie1.com
1	cms.analytics.yahoo.com	1 redirects
1	ps.eyeota.net	1 redirects
1	auth-id.therams.com	cdns.us1.gigya.com
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	analytics.twitter.com	www.therams.com
1	x.dlx.addthis.com	1 redirects
1	us.connextra.com	assets.adobedtm.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	d.turn.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	p.nfltags.com	www.therams.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	googleads.g.doubleclick.net	www.googleadservices.com
1	js.hs-scripts.com	assets.adobedtm.com
1	rules.quantcount.com	secure.quantserve.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	load77.exelator.com	www.therams.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	cdns.us1.gigya.com	www.therams.com
1	sync.mathtag.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	p1.parsely.com	www.therams.com
1	nflenterprises.tt.omtrdc.net	assets.adobedtm.com
1	nfl.demdex.net	assets.adobedtm.com
1	onesignal.com	cdn.onesignal.com
1	d1z2jf7jlzjs58.cloudfront.net	assets.adobedtm.com
1	imasdk.googleapis.com	www.therams.com
1	therams.com	1 redirects
0	adb2waycm-atl.netmng.com Failed	www.therams.com
166	73

This site contains links to these domains. Also see Links.

Domain
www.nfl.com
www.ramsfanshop.com
www.pntrac.com
sports.yahoo.com
ramsnewlook.com
am.ticketmaster.com
laramsplates.com
itunes.apple.com
play.google.com
www.facebook.com
www.instagram.com
www.snapchat.com
twitter.com
www.youtube.com
www.tiktok.com
open.spotify.com
www.linkedin.com
rams.formstack.com
www.teamworkonline.com
www.stanza.co
onlocationexp.com
www.baltimoreravens.com
www.bengals.com
www.clevelandbrowns.com
www.steelers.com
www.buffalobills.com
www.miamidolphins.com
www.patriots.com
www.newyorkjets.com
www.houstontexans.com
www.colts.com
www.jaguars.com
www.tennesseetitans.com
www.denverbroncos.com
www.chiefs.com
www.chargers.com
www.raiders.com
www.chicagobears.com
www.detroitlions.com
www.packers.com
www.vikings.com
www.dallascowboys.com
www.giants.com
www.philadelphiaeagles.com
www.commanders.com
www.atlantafalcons.com
www.panthers.com
www.neworleanssaints.com
www.buccaneers.com
www.azcardinals.com
www.49ers.com
www.seahawks.com
operations.nfl.com
www.nflshop.com
nflonlocation.com
www.profootballhof.com
www.nfl.info
www.usafootball.com
www.nflextrapoints.com
www.ticketmaster.com

Subject Issuer	Validity	Valid
clubs.nfl.com R3	`2022-02-10` - `2022-05-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.nfl.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-26`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
*.parsely.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
cdns.gigya.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-04`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
static.www.nfl.com R3	`2022-02-15` - `2022-05-16`	3 months	crt.sh
auth-id.nfl.com Amazon	`2021-11-22` - `2022-12-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-08` - `2022-03-08`	3 months	crt.sh
ndc-production-san.nfl.com R3	`2022-02-03` - `2022-05-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
clubsweb.san1.nfl.com R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.connextra.com DigiCert SHA2 Secure Server CA	`2021-07-04` - `2022-07-13`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
auth-id.therams.com Amazon	`2021-11-16` - `2022-12-15`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.therams.com/
Frame ID: CAFC4F2A170A694E1889A569417ECAC9
Requests: 125 HTTP requests in this frame

Frame: https://nfl.demdex.net/dest5.html?d_nsid=0
Frame ID: A664B6D41C0B4B16AFBCE54FCD93A772
Requests: 34 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=12833
Frame ID: 3E049AA7B00316F73E59DCA34AC58A83
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Frame ID: 9A36C4F32B7078B2DE4E2AADB3291225
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Frame ID: 35A1ED522C91F4E101690E3D3902CB97
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Frame ID: 3813760CD575AF46E2C1475771E5AB2B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Los Angeles Rams Home | Los Angeles Rams - therams.com

Page URL History Show full URLs

https://therams.com/ HTTP 301
https://www.therams.com/ Page URL

Detected technologies

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

166
Requests

78 %
HTTPS

41 %
IPv6

53
Domains

73
Subdomains

57
IPs

7
Countries

2935 kB
Transfer

8241 kB
Size

65
Cookies

64 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nfl.com/legal/privacy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/los-angeles-rams-SBLVI-Champs/t-3434+c-13423?_s=bm-super-bowl-champions-comad-rams-sticky-top-banners

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-TopNav-0124
Title: RAMS SHOP

Search URL Search Domain Scan URL

URL: https://www.pntrac.com/t/2-479175-57835-55814
Title: GAME PASS

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/live-video/?is_retargeting=true&af_sub1=Acquisition&c=US_Acquisition_YMktg_NFLLive_NFLinapp_NFLteamappusers&pid=partnership&af_sub5=NFLteamapps__Static_&af_sub2=US_YMktg
Title: LIVE NFL GAMES

Search URL Search Domain Scan URL

URL: https://ramsnewlook.com/?utm_source=therams.com&utm_medium=nav
Title: UNIFORMS

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-Header-MobHotButton-061721
Title: SHOP

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/los-angeles-rams-SBLVI-Champs/t-3434+c-13423?_s=bm-super-bowl-champions-comad-rams-news

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/los-angeles-rams-SBLVI-Champs/t-3434+c-13423?_s=bm-super-bowl-champions-comad-rams-page-takeover

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/rams/
Title: ACCOUNT MANAGER

Search URL Search Domain Scan URL

URL: https://laramsplates.com/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/los-angeles-rams/id467623653?mt=8
Title: DOWNLOAD FOR iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.yinzcam.nfl.rams
Title: DOWNLOAD FOR ANDROID

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Rams/
Title: facebook Rams

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rams/
Title: instagram Rams

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/snaptherams
Title: snapchat SnapTheRams

Search URL Search Domain Scan URL

URL: https://twitter.com/ramsnfl
Title: twitter RamsNFL

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCyJ6yZdVUkBvt2vl4R03jcA
Title: youtube Los Angeles Rams

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@rams
Title: tiktok Rams

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/5mkt0hgTNL81R8cjngLS1e
Title: spotify Rams Iconic Podcast

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/los-angeles-rams
Title: linkedin Los Angeles Rams

Search URL Search Domain Scan URL

URL: https://rams.formstack.com/forms/sign_up
Title: email Email/SMS

Search URL Search Domain Scan URL

URL: https://www.teamworkonline.com/football-jobs/la-rams-careers/la-rams-micro
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.stanza.co/button/launch?calendar=https%3A%2F%2Fspoton.it%2Fschedules%2Fnfl-rams#/
Title: Add to Calendar

Search URL Search Domain Scan URL

URL: https://onlocationexp.com/nfl/los-angeles-rams-tickets?utm_source=therams.com&utm_medium=referral&utm_campaign=sb56_teams-rams_footer_menu
Title: Super Bowl Packages

Search URL Search Domain Scan URL

URL: https://www.baltimoreravens.com/

Search URL Search Domain Scan URL

URL: https://www.bengals.com/

Search URL Search Domain Scan URL

URL: https://www.clevelandbrowns.com/

Search URL Search Domain Scan URL

URL: https://www.steelers.com/

Search URL Search Domain Scan URL

URL: https://www.buffalobills.com/

Search URL Search Domain Scan URL

URL: https://www.miamidolphins.com/

Search URL Search Domain Scan URL

URL: https://www.patriots.com/

Search URL Search Domain Scan URL

URL: https://www.newyorkjets.com/

Search URL Search Domain Scan URL

URL: https://www.houstontexans.com/

Search URL Search Domain Scan URL

URL: https://www.colts.com/

Search URL Search Domain Scan URL

URL: https://www.jaguars.com/

Search URL Search Domain Scan URL

URL: https://www.tennesseetitans.com/

Search URL Search Domain Scan URL

URL: https://www.denverbroncos.com/

Search URL Search Domain Scan URL

URL: https://www.chiefs.com/

Search URL Search Domain Scan URL

URL: https://www.chargers.com/

Search URL Search Domain Scan URL

URL: https://www.raiders.com/

Search URL Search Domain Scan URL

URL: https://www.chicagobears.com/

Search URL Search Domain Scan URL

URL: https://www.detroitlions.com/

Search URL Search Domain Scan URL

URL: https://www.packers.com/

Search URL Search Domain Scan URL

URL: https://www.vikings.com/

Search URL Search Domain Scan URL

URL: https://www.dallascowboys.com/

Search URL Search Domain Scan URL

URL: https://www.giants.com/

Search URL Search Domain Scan URL

URL: https://www.philadelphiaeagles.com/

Search URL Search Domain Scan URL

URL: https://www.commanders.com/

Search URL Search Domain Scan URL

URL: https://www.atlantafalcons.com/

Search URL Search Domain Scan URL

URL: https://www.panthers.com/

Search URL Search Domain Scan URL

URL: https://www.neworleanssaints.com/

Search URL Search Domain Scan URL

URL: https://www.buccaneers.com/

Search URL Search Domain Scan URL

URL: https://www.azcardinals.com/

Search URL Search Domain Scan URL

URL: https://www.49ers.com/

Search URL Search Domain Scan URL

URL: https://www.seahawks.com/

Search URL Search Domain Scan URL

URL: https://operations.nfl.com/
Title: NFL Football Operations

Search URL Search Domain Scan URL

URL: https://www.nflshop.com/source/bm-nflcom-2017-BottomBanner-shopgeneric
Title: NFL Shop

Search URL Search Domain Scan URL

URL: https://nflonlocation.com/?utm_campaign=OLE&utm_medium=referral&utm_source=nfl&utm_content=footerlink
Title: NFL On Location

Search URL Search Domain Scan URL

URL: https://www.profootballhof.com/
Title: Pro Football Hall of Fame

Search URL Search Domain Scan URL

URL: https://www.nfl.info/NFLConsProd/Welcome/index.html
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.usafootball.com/
Title: USA Football

Search URL Search Domain Scan URL

URL: https://www.nflextrapoints.com/nfl-extra-points-credit-card/?campaignId=2038&shopperid=&cellNumber=706&referrerid=NFLB070911&referrerid=NFLB070911&publisherid=&advertisementid=#national-football-league
Title: NFL Extra Points

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/nfl?wt.mc_id=NFL_LEAGUE_FOOTER_LINK&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_LEAGUE&utm_content=FOOTER_LINK
Title: NFL Ticket Exchange

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://therams.com/ HTTP 301
https://www.therams.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1646153727904 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1646153727904

Request Chain 27

https://sb.scorecardresearch.com/cs/3005386/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 34

https://sb.scorecardresearch.com/b?c1=2&c2=3005386&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1646153728066&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therams.com%2F&c8=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005386&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1646153728066&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therams.com%2F&c8=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&c9=

Request Chain 37

https://cm.everesttech.net/cm/dd?d_uuid=62030311748104556671576419898913206234 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yh5QAAAAALWGHgQp

Request Chain 42

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=62030311748104556671576419898913206234&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d62030311748104556671576419898913206234 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=3aa9621e-5000-4a00-a7f6-0b01f443d771&ddsuuid=62030311748104556671576419898913206234

Request Chain 66

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=62030311748104556671576419898913206234 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=62030311748104556671576419898913206234&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 68

https://unpkg.com/react@17/umd/react.production.min.js HTTP 302
https://unpkg.com/react@17.0.2/umd/react.production.min.js

Request Chain 69

https://unpkg.com/react-dom@17/umd/react-dom.production.min.js HTTP 302
https://unpkg.com/react-dom@17.0.2/umd/react-dom.production.min.js

Request Chain 89

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=Du03Q9IK1Np5MA5

Request Chain 97

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7037450098884816168

Request Chain 110

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8750454965806440114

Request Chain 120

https://x.dlx.addthis.com/e/demdex_sync?na_exid=62030311748104556671576419898913206234&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022030116552900013707678364

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjIwMzAzMTE3NDgxMDQ1NTY2NzE1NzY0MTk4OTg5MTMyMDYyMzQ= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIhVKDL6p7a2C5uRghIRgIQ&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 125

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWg1UUFBQUFBTFdHSGdRcA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEBrUMfH7RDFDkEFAr0tCi5U&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 131

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWg1UUFBQUFBTFdHSGdRcA&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEBrUMfH7RDFDkEFAr0tCi5U&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 132

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWg1UUFBQUFBTFdHSGdRcA&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEBrUMfH7RDFDkEFAr0tCi5U&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 134

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWg1UUFBQUFBTFdHSGdRcA&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEBrUMfH7RDFDkEFAr0tCi5U&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 135

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWg1UUFBQUFBTFdHSGdRcA&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEBrUMfH7RDFDkEFAr0tCi5U&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 136

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=b7ef8c92-61cb-422b-a248-9ff49c3ca367

Request Chain 137

https://pixel.advertising.com/ups/28/sync?uid=62030311748104556671576419898913206234&_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/28/sync?uid=62030311748104556671576419898913206234&_origin=1&redir=true&verify=true

Request Chain 138

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWg1UUFBQUFBTFdHSGdRcA&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEBrUMfH7RDFDkEFAr0tCi5U&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 141

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=hZ4S3U2f-PO0kFQR8l0Ia-QQD_GHyrBe&gdpr=0&gdpr_consent=

Request Chain 142

https://ps.eyeota.net/match?bid=6j5b2cv&uid=62030311748104556671576419898913206234&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 143

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=62030311748104556671576419898913206234&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-2ScGTipE2pHfC4nMAtxGxSN.tDztG_MARho-~A

Request Chain 147

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Yh5QAAAAALWGHgQp&sigv=1&esig=1~a745df55641057a5f0eda38b3d5dc74df765b357

Request Chain 148

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWg1UUFBQUFBTFdHSGdRcA==

Request Chain 149

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yh5QAAAAALWGHgQp&expires=90

Request Chain 153

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yh5QAAAAALWGHgQp HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yh5QAAAAALWGHgQp&C=1

Request Chain 156

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Yh5QAAAAALWGHgQp

Request Chain 159

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yh5QAAAAALWGHgQp

Request Chain 160

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh5QAAAAALWGHgQp

Request Chain 161

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yh5QAAAAALWGHgQp&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yh5QAAAAALWGHgQp&img=1&__user_check__=1&sync_id=6785d10b-9980-11ec-886f-14bc9e680306

Request Chain 162

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yh5QAAAAALWGHgQp&t=2592000&o=0

Request Chain 164

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Request Chain 165

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=SSWROQdZReCs0qPefj7SCA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=62030311748104556671576419898913206234

166 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.therams.com/
Redirect Chain

https://therams.com/
https://www.therams.com/

492 KB
85 KB

225ms
182ms

Document
text/html

151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8977e9a04b35b4e93e8d23e89b9a0084dcad5a10ff01079be0c9c08996591b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 86687
content-type: text/html
server: envoy
content-encoding: gzip
access-control-allow-origin: *
service-worker-allowed: /
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 1672
strict-transport-security: max-age=31536000
origin-site: LV1
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:27 GMT
Age: 0
X-NFL-Geo: country_code=DE
X-NFL-Dma: 276006
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10656-LGB, cache-hhn4061-HHN
X-Cache: HIT, MISS, MISS
X-Cache-Hits: 1, 0, 0
X-Timer: S1646153727.340357,VS0,VE176
Vary: Accept-Encoding,X-NFL-Geo,Origin

Redirect headers

Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://www.therams.com/
Cache-Control: private
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:27 GMT
Via: 1.1 varnish
X-NFL-Geo: country_code=DE
X-NFL-Dma: 276006
X-Served-By: cache-hhn4031-HHN
X-Cache: HIT
X-Cache-Hits: 0

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 508 KB
90 KB 144ms
144ms Stylesheet
text/css 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cf6d682f0289fa284b2a55d17f29501dc0b97a0a5777af3d0ff6e57e56b13bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 0
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 90932
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4061-HHN
X-NFL-Dma: 276006
last-modified: Fri, 25 Feb 2022 21:06:02 GMT
server: envoy
X-Timer: S1646153728.544267,VS0,VE137
etag: "1d82a8b7e9229fd"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:27 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK d67c44a609a9b0620bc93a8019cd60e8
www.therams.com/compiledassets/theming/ 16 KB
4 KB 131ms
110ms Stylesheet
text/css 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/d67c44a609a9b0620bc93a8019cd60e8

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

47c51b8272102bc692e117de7f58ea6c6f5e7c18fc262512ad902ef1c645609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1349634
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 8
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3441
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276006
server: envoy
X-Timer: S1646153728.569312,VS0,VE100
Date: Tue, 01 Mar 2022 16:55:27 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 3, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 154ms
61ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

b384b5e8bbd0a5bb8d550c6475c3a1f8f99fd48dd5cfa55fd80f764926b80999

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27680
x-xss-protection: 0
server: sffe
etag: "1146 / 86 of 1000 / last-modified: 1646136456"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 01 Mar 2022 16:55:27 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 79 KB
29 KB 186ms
43ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c1ae2d8de19aee620db18e7942df9d1c634197bfe7da0f7aa9958176d1067b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28708
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 23:43:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Tue, 01 Mar 2022 17:09:58 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 35ms
17ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:27 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 230
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6e536b9ebb57917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 04 Mar 2022 16:55:27 GMT

GET
H2 200 launch-43d0dff5e3ff.min.js Show response
assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/ 273 KB
80 KB 40ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2465a231a58b82c620d23b94ee93bb2bdc046acf40e9ded0aacf40cc43384952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:27 GMT
content-encoding: gzip
last-modified: Thu, 23 Dec 2021 00:10:00 GMT
server: AkamaiNetStorage
etag: "2706c6195820af5978bfcfb529ca1907:1640218200.981688"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 81255
expires: Tue, 01 Mar 2022 17:55:27 GMT

GET
H/1.1 200
OK sdozabcfjeqx1cng3so3.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/t_lazy/f_auto/rams/ 9 KB
10 KB 48ms
8ms Image
image/webp 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/t_lazy/f_auto/rams/sdozabcfjeqx1cng3so3.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5f28c1ce6a8db182d846bc4bd1baf9f8aea74f6e8efa4b14ebaa68bcee94cc18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:27 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 64286
Edge-Cache-Tag: 410313206463368692162549275314084912460,402427362555912672425739576678711768492,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 410313206463368692162549275314084912460,402427362555912672425739576678711768492,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="sdozabcfjeqx1cng3so3.webp"
Connection: keep-alive
Content-Length: 8848
X-Request-Id: fbdfe47b20f72d86d9c1929e9846f2e9
X-Served-By: cache-iad-kcgs7200153-IAD, cache-iad-kiad7000067-IAD, cache-hhn4053-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Mon, 28 Feb 2022 23:04:02 GMT
Server: cloudinary
X-Timer: S1646153728.823084,VS0,VE1
Etag: "5b6e7076ad2099a161c03189f31d13a1"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/ 6 KB
2 KB 506ms
472ms Script
application/javascript 2600:9000:21c7:3600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:3600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aafa5bd1a6d109986f239e94e42036262c7eb9189f63b4f00cefbfe963ca6ad3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 01 Mar 2022 16:55:29 GMT
content-encoding: br
last-modified: Thu, 03 Feb 2022 21:46:46 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
etag: W/"88ab4a15a734e08bba7a8735b1d3edf4"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 b619a16f6f8fe9793bf642d2a8434284.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: JvXjfiZwNRLrWUl40MhROk5h-Lj3a25KHKE2eAObMoq7aM1i8xALYA==

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 508 KB
90 KB 178ms
159ms Stylesheet
text/css 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cf6d682f0289fa284b2a55d17f29501dc0b97a0a5777af3d0ff6e57e56b13bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 0
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 90932
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-lax10664-LGB, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Fri, 25 Feb 2022 21:06:02 GMT
server: envoy
X-Timer: S1646153728.567142,VS0,VE150
etag: "1d82a8b7e9229fd"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:27 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK d67c44a609a9b0620bc93a8019cd60e8
www.therams.com/compiledassets/theming/ 16 KB
4 KB 33ms
12ms Stylesheet
text/css 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/d67c44a609a9b0620bc93a8019cd60e8

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

47c51b8272102bc692e117de7f58ea6c6f5e7c18fc262512ad902ef1c645609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1413128
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 10
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3441
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4055-HHN
X-NFL-Dma: 276006
server: envoy
X-Timer: S1646153728.574507,VS0,VE0
Date: Tue, 01 Mar 2022 16:55:27 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 3, 134

GET
H/1.1 200
OK dwrbwyhg0yv53z4omtfw.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 47ms
7ms Image
image/webp 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/dwrbwyhg0yv53z4omtfw.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9ff4764a6542f35a47ce43ca58142fd062e7a6ca79b4b2b3bcccff49732630b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:27 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 2090132
Edge-Cache-Tag: 503639730933124820193278774953482029463,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 503639730933124820193278774953482029463,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="dwrbwyhg0yv53z4omtfw.webp"
Connection: keep-alive
Content-Length: 1810
X-Served-By: cache-iad-kcgs7200119-IAD, cache-iad-kiad7000098-IAD, cache-hhn4059-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Mon, 08 Mar 2021 18:00:34 GMT
Server: cloudinary
X-Timer: S1646153728.823224,VS0,VE1
Etag: "a581f7a87ca3cc4272567c4d47151e1a"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK ywktknujivvwroqjwvwt.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 46ms
7ms Image
image/webp 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ywktknujivvwroqjwvwt.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e10028c203c2f3a5076be0658619b783d8bc38828b132847fed040c3fae7ebb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:27 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 170445
Edge-Cache-Tag: 521737038458549100023802785905712304101,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 521737038458549100023802785905712304101,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="ywktknujivvwroqjwvwt.webp"
Connection: keep-alive
Content-Length: 1876
X-Request-Id: 9897e61f5bfb214800deef126e038c9a
X-Served-By: cache-iad-kjyo7100071-IAD, cache-iad-kiad7000083-IAD, cache-hhn4031-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Sun, 27 Feb 2022 17:34:43 GMT
Server: cloudinary
X-Timer: S1646153728.823089,VS0,VE1
Etag: "1944504cf1303b9935f8198aaed3ef3f"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK kmi82ltgshxasyy61aqs.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 47ms
8ms Image
image/webp 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/kmi82ltgshxasyy61aqs.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d83fdae84f130da1568e9b5a9815acb5b10c20b7d6240fc8fc59fe9ada4f4e2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:27 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 258674
Edge-Cache-Tag: 300698670061965312790593906884740803849,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 300698670061965312790593906884740803849,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="kmi82ltgshxasyy61aqs.webp"
Connection: keep-alive
Content-Length: 1656
X-Request-Id: f4b976f6bbed222ea0cd9b101c91690c
X-Served-By: cache-iad-kcgs7200048-IAD, cache-iad-kcgs7200116-IAD, cache-hhn4074-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Sat, 26 Feb 2022 17:04:14 GMT
Server: cloudinary
X-Timer: S1646153728.823318,VS0,VE1
Etag: "807cfb7255a336b3b22774614b18434b"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK xoaqlyrqdqfldcnul3kg.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 48ms
8ms Image
image/webp 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/xoaqlyrqdqfldcnul3kg.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 82515c0f922258f4154443f676019e7a222f85afb23bc81ceb616ac055ac61bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:27 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 2717383
Edge-Cache-Tag: 577822122912920262004273880752820954225,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 577822122912920262004273880752820954225,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="xoaqlyrqdqfldcnul3kg.webp"
Connection: keep-alive
Content-Length: 1292
X-Served-By: cache-iad-kiad7000128-IAD, cache-iad-kcgs7200138-IAD, cache-hhn4050-HHN
X-Cache: HIT, HIT, HIT
Last-Modified: Thu, 19 Aug 2021 17:26:13 GMT
Server: cloudinary
X-Timer: S1646153728.823269,VS0,VE1
Etag: "228d1d1d332588f027c1cf6bf8bec59e"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1

GET
H/1.1 200
OK fbvmsdkuaqllhqaa8svo.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 50ms
8ms Image
image/webp 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/fbvmsdkuaqllhqaa8svo.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c6a9563efc298908aaa1fbfe750739d7e2ddc36f5a32b33f66c9a045bc997e97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:27 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1796541
Edge-Cache-Tag: 376478009509735034352339071327420009227,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 376478009509735034352339071327420009227,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="fbvmsdkuaqllhqaa8svo.webp"
Connection: keep-alive
Content-Length: 1278
X-Served-By: cache-iad-kjyo7100141-IAD, cache-iad-kjyo7100171-IAD, cache-hhn4050-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Wed, 29 Jul 2020 23:43:48 GMT
Server: cloudinary
X-Timer: S1646153728.825864,VS0,VE1
Etag: "eaf974c61e99bb67ea7ca3a0dc55e568"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK require-2.3.5.min.js Show response
www.therams.com/compiledassets/js/vendor/requirejs/ 17 KB
8 KB 163ms
163ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 0
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 7427
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4061-HHN
X-NFL-Dma: 276006
last-modified: Fri, 25 Feb 2022 20:57:58 GMT
server: envoy
X-Timer: S1646153728.813603,VS0,VE156
etag: "1d82a8a5e190a4a"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:27 GMT
X-Cache-Hits: 0, 1

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK All-ProSans--medium.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 171ms
171ms Font
font/woff2 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--medium.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

dfa5fd01fac7951b11788f71c5d01fe9b567ffee4e04fe57315daf90da43df02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 0
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19348
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-sna10738-LGB, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Fri, 25 Feb 2022 20:57:58 GMT
server: envoy
X-Timer: S1646153728.790379,VS0,VE164
etag: "1d82a8a5e190494"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:27 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK All-ProSans--bold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 158ms
156ms Font
font/woff2 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--bold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55fde4bfab54152c832b0004120bf58a6962fa6e907063bc0ffea0cf22122dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 0
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19284
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10641-LGB, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Fri, 25 Feb 2022 20:57:58 GMT
server: envoy
X-Timer: S1646153728.825919,VS0,VE150
etag: "1d82a8a5e190454"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:27 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK All-ProSans--regular.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 175ms
174ms Font
font/woff2 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--regular.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

187a6bf381cd0cef776ca2c409928045347b7d62324c73d65f32073a3a91f915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 0
origin-site: LV1
X-Cache: MISS, HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18168
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10676-LGB, cache-hhn4055-HHN
X-NFL-Dma: 276006
last-modified: Fri, 25 Feb 2022 20:57:58 GMT
server: envoy
X-Timer: S1646153728.826283,VS0,VE168
etag: "1d82a8a5e1909f8"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:27 GMT
X-Cache-Hits: 0, 1, 1

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 23ms
23ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:27 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 227
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6e536b9f2c5e917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 04 Mar 2022 16:55:27 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1646153727904
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1646153727904

7 KB
3 KB

43ms
43ms

XHR
application/json

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1646153727904

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

250eb532dbc4525ada3ab433105a47caed8111909199623af25134af5195bd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v028-086712121.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: uGYy5gSFRXM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.therams.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1998
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v028-0f4e69597.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.therams.com
X-TID: otvESmbESPY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1646153727904
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:27 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Tue, 01 Mar 2022 17:55:27 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:27 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Tue, 01 Mar 2022 17:55:27 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:27 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Tue, 01 Mar 2022 17:55:27 GMT

GET
H/1.1 200
OK All-ProSans--light.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 157ms
156ms Font
font/woff2 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--light.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3d699a355a5d1e675af5663335726fc636aaeaacf75be421a35901874043a8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 0
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18504
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10672-LGB, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Fri, 25 Feb 2022 20:57:58 GMT
server: envoy
X-Timer: S1646153728.966676,VS0,VE150
etag: "1d82a8a5e190748"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 0, 1

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/3005386/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

14ms
14ms

Script
application/javascript

54.192.86.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Server: 54.192.86.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-86-19.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:30:42 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 1487
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: 2U_XUoGF6xytKU7I5BNXVbgZfAY3wHS4wjT9yI2VoQWZK7Mi2XN_mg==

Redirect headers

date: Tue, 01 Mar 2022 16:55:28 GMT
via: 1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: r5gPgDadLU71CyK-0YrT2cXHvQgpiMQfiTqubxLhWhAI6BBO_bF0iw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 102 KB
41 KB 166ms
73ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-861929325

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62fbd09d6bec05c360433aea6fd1f69c3cc38625fc99720c3de548a8746d72be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41075
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Mar 2022 16:55:28 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/therams.com/ 66 KB
24 KB 120ms
42ms Script
application/javascript 13.227.220.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/therams.com/p.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.220.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-220-113.ams54.r.cloudfront.net
Software: nginx /
Resource Hash: d68d0ec4538467639a78668e1c3ff4f364c9d5dc2b147050baafce989ff5e868

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 05:24:50 GMT
Content-Encoding: gzip
Age: 41438
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Tue, 20 Apr 2021 20:53:44 GMT
Server: nginx
ETag: W/"607f3f58-10707"
Content-Type: application/javascript
Via: 1.1 46293c8f7848e2378b777a1f48183614.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: j8ATchiy1o4OEcm92FcLXf5ts73jriWSb8xySWWN3ghrLR6tPGCRtQ==
Expires: Wed, 02 Mar 2022 05:24:50 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/fde36100-f0c8-4d64-b942-75e4b965bf86/ 5 KB
2 KB 28ms
28ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/fde36100-f0c8-4d64-b942-75e4b965bf86/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

609dd23caf8f7839c095b0056b9f7f3437d5c09b5318572ef831a7abcf3d93b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2756
cf-polished: origSize=4687
status: 200 OK
x-envoy-upstream-service-time: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a794584e-dd5e-4c0b-b016-232e29c7bb5c
x-runtime: 0.045816
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9df9bbd16a63542f271d0bb7420dd9ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6e536ba01f2e917c-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 01 Mar 2022 17:55:28 GMT

GET
H3 200 pubads_impl_2022022401.js Show response
securepubads.g.doubleclick.net/gpt/ 363 KB
121 KB 103ms
49ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

eb17a933f0977509c796b9055e3c140746326ecd3ec343dfa3614e8bdb1ac2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 15:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124299
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 09:41:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 01 Mar 2023 15:52:45 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 100 B
114 B 105ms
53ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.therams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0a376bb4059b1fd056b475fe7f1b92bc27ac86fe4dc4f7f080cd91a119c0e08b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Mar 2022 16:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Tue, 01 Mar 2022 16:55:28 GMT

GET
H/1.1 200
OK main.js Show response
www.therams.com/compiledassets/js/ 6 KB
2 KB 179ms
179ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/main.js?_t=f5bb613af6cc14fd2057e0d87110935d

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

be8c3c798ecced707ad68e445acdc515f441e8d0f8c26ac7c9c2f0d5ed513855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 0
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1763
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4055-HHN
X-NFL-Dma: 276006
last-modified: Fri, 25 Feb 2022 21:06:19 GMT
server: envoy
X-Timer: S1646153728.059132,VS0,VE173
etag: "1d82a8b88b7cfd8"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 1, 1

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005386&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1646153728066&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therams.com%2F&c8=Los%20Angeles%20Rams%20Home%20%7C%20Los...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005386&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1646153728066&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therams.com%2F&c8=Los%20Angeles%20Rams%20Home%20%7C%20Lo...

0
224 B

24ms
23ms

Image
text/plain

54.192.86.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005386&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1646153728066&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therams.com%2F&c8=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&c9=
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Server: 54.192.86.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-86-19.ams50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
via: 1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: n7TM_GfXsTqsAk_1NBoXsbEOXZUp9rVa9enh2tRs5DPryyrJ9KtSTQ==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 01 Mar 2022 16:55:28 GMT
via: 1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005386&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1646153728066&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therams.com%2F&c8=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&c9=
content-length: 259
x-amz-cf-id: 2kIQVBo3DTxpOKpn1SqiBS6YTacL8mfrh74rHSQaH7DMIqTUPNWuaA==

GET
H/1.1 200
OK dest5.html Show response
nfl.demdex.net/ Frame A664 7 KB
3 KB 116ms
27ms Document
text/html 34.255.107.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nfl.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.107.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-107-204.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 1 Mar 2022 16:55:28 GMT
DCS: dcs-prod-irl1-1-v028-00e80f1a0.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 14 Feb 2022 15:44:39 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: smpiI3o/R+E=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
smetrics.nfl.com/ 48 B
505 B 79ms
17ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&mid=62235332403458014201561457095485805413&ts=1646153728098

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

15b3bb5cee62b497154271663edca3fb1574e676a2fa2d81e80640a25e148864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-cdfbd77b-v28j2
vary: Origin
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yh5QAAAAALWGHgQp
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=62030311748104556671576419898913206234
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yh5QAAAAALWGHgQp

42 B
945 B

33ms
33ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yh5QAAAAALWGHgQp

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v028-001b3fc0c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: yWrpQwgMQSs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yh5QAAAAALWGHgQp
Date: Tue, 01 Mar 2022 16:55:28 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
nflenterprises.tt.omtrdc.net/rest/v1/ 357 B
593 B 124ms
36ms XHR
application/json 54.228.10.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nflenterprises.tt.omtrdc.net/rest/v1/delivery?client=nflenterprises&sessionId=58e40e646d4f44b28484a1fd87d2ee31&version=2.4.1
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.10.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-10-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 298b2d5ed213f76dd7d1d3fc86f9285887cb1f9fe55653833b6151b74a5bca62

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
content-encoding: gzip
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.therams.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: cdf83424ebda86fa8368694ef56a3a99

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 403ms
96ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1646153728154&plid=16380724&idsite=therams.com&url=https%3A%2F%2Fwww.therams.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.therams.com%2F&sref=&sts=1646153728130&slts=0&title=Los+Angeles+Rams+Home+%7C+Los+Angeles+Rams+-+therams.com&date=Tue+Mar+01+2022+16%3A55%3A28+GMT%2B0000+(GMT)&action=pageview&pvid=22591682&u=pid%3D5a1e6801256da2cbeb7bd4eb4914fad8
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:28 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 01-Mar-2022 16:55:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 166ms
69ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-861929325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 16:55:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 114ms
60ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122484269-1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

328ebec5d3dcb20a208cdc364cc8fb61be2238dd49ca1aea040d41fd13f69faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37538
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Mar 2022 16:55:28 GMT

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=3aa9621e-5000-4a00-a7f6-0b01f443d771&ddsuuid=62030311748104556671576419898913206234
dpm.demdex.net/ Frame A664
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=62030311748104556671576419898913206234&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d62030311748104...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=3aa9621e-5000-4a00-a7f6-0b01f443d771&ddsuuid=62030311748104556671576419898913206234

42 B
945 B

31ms
31ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=3aa9621e-5000-4a00-a7f6-0b01f443d771&ddsuuid=62030311748104556671576419898913206234

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v028-0f6565866.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 58T0Y7dnS+k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Tue, 01 Mar 2022 16:55:28 GMT
Server: MT3 4172 645ee8c master cdg-pixel-x30 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=3aa9621e-5000-4a00-a7f6-0b01f443d771&ddsuuid=62030311748104556671576419898913206234
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 01 Mar 2022 16:55:27 GMT

GET
H/1.1 200
OK requireModule.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/functions/ 982 B
1 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/functions/requireModule.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b3a0468ca1d69210db78aefafae46d1fd7efe8b3bfb43ac999b9398384b8dea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111033
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 539
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4055-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.276503,VS0,VE1
etag: "1d823706679d456"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 2, 1

GET
H/1.1 200
OK intersectionObserver.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/functions/ 808 B
1 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/functions/intersectionObserver.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111109
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 428
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.277117,VS0,VE1
etag: "1d823706679d4a8"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 2, 1

GET
H/1.1 200
OK adobeLaunch.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/ 2 KB
2 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/adobeLaunch.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

590724305eb93b15b09eac9a534d173f727155ddb42c0a06275eec549f35a5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1110946
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 837
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10625-LGB, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.276938,VS0,VE1
etag: "1d823706679dea5"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK lazyload.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/ 2 KB
2 KB 9ms
8ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/lazyload.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111032
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 846
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-lax10666-LGB, cache-hhn4061-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.276968,VS0,VE1
etag: "1d823706679d016"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 5, 1, 1

GET
H/1.1 200
OK gigya.js Show response
cdns.us1.gigya.com/js/ 401 KB
133 KB 46ms
8ms Script
text/javascript 2.18.234.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fccb7d2df89b2d280cea57322dacf66f3e21ed05a773fcfce66abe6466b64ab0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:28 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: c4f5087a90db4118867a775f7fa67314
Cache-Control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-g8
Connection: keep-alive
x-robots-tag: none
Content-Length: 136037
Expires: Tue, 01 Mar 2022 17:10:28 GMT

GET
H/1.1 200
OK gigyaLoggedInChecker.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/common/ 2 KB
2 KB 18ms
8ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/common/gigyaLoggedInChecker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

02930bc2b4c08b3da50de2d03d6374454b0ff8fbe111ae5463964d1bc251c939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111032
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 920
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10681-LGB, cache-hhn4055-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.286234,VS0,VE2
etag: "1d823706679d009"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 6, 1, 1

GET
H/1.1 200
OK oneSignalAdobeTracker.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/ 907 B
1 KB 17ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/oneSignalAdobeTracker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9491f3caca5118a6226c06230922aa60cc2f342dec29a728970daf1d73b107a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111109
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 387
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10679-LGB, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.286359,VS0,VE1
etag: "1d823706679d40b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 2, 1, 1

GET
H/1.1 200
OK noconflict.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/ 93 B
942 B 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/noconflict.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111064
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 108
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-sna10742-LGB, cache-hhn4061-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.289922,VS0,VE1
etag: "1d823706679d7dd"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK adobeLaunchService.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/addons/services/ 180 B
942 B 90ms
89ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/addons/services/adobeLaunchService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111032
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 149
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.290488,VS0,VE83
etag: "1d823706679d734"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 4, 1

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 29ms
8ms Script
application/javascript 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 08 Mar 2022 16:55:28 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 178 KB
43 KB 16ms
16ms Script
text/javascript 2600:9000:21c7:3600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:3600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:24 GMT
content-encoding: br
age: 41
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:49 GMT
server: AmazonS3
etag: W/"654a79dfaa26ade386414ddc75ea4b75"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 b619a16f6f8fe9793bf642d2a8434284.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: Ox5v7eY_Cd-OwpoX7wsK_9xBoGUUGg_SooTXjiM5r-rGU0oBlQFDUg==

GET
H/1.1 200
OK navigation.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/ 5 KB
3 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/navigation.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

229a2534529014c8d62688d11f598a6bfb826f82054827f6ab6633e186a608d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111000
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1979
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4055-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.295088,VS0,VE1
etag: "1d823706679c254"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK search.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/ 2 KB
2 KB 12ms
12ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/search.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111031
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 880
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.296802,VS0,VE1
etag: "1d823706679d04f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 4, 1

GET
H/1.1 200
OK live-game-yahoo-cta.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/nfl-components/ 402 B
1 KB 10ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/nfl-components/live-game-yahoo-cta.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

62395563f638a3227da0c4cfeefda13f053ee80277d24f3609117a5ad66bacb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111032
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 288
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10636-LGB, cache-hhn4020-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.298169,VS0,VE1
etag: "1d823706679d612"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 1, 1, 1

GET
H/1.1 200
OK carousel.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/ 3 KB
2 KB 11ms
9ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/carousel.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6bb6f27c495e42eac7fdc790ff75d0917228612e4fbc625ee84488df8f20e5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1110941
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1134
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-sna10745-LGB, cache-hhn4074-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.298614,VS0,VE2
etag: "1d823706679dd92"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK tabs.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/ 822 B
1 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/tabs.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a311e0ce6a3e817788f8596744acb7a698dea12d9307317b42382475a8f4aac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111018
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 471
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-sna10729-LGB, cache-hhn4061-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.298165,VS0,VE1
etag: "1d823706679d4b6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK iconHelper.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/ 530 B
1 KB 7ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/iconHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111032
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 86
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 380
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4055-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.303509,VS0,VE1
etag: "1d823706679d592"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK gigyaHelper.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/ 3 KB
2 KB 12ms
9ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/gigyaHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

798e9911a02d8cc29927bfceb1f617e25d4e8e4fb5435140419c6236f7b7f5b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111032
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1178
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.314435,VS0,VE1
etag: "1d823706679dc87"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 5, 1

GET
H/1.1 200
OK accountButtonService.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/addons/services/ 465 B
1 KB 10ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/addons/services/accountButtonService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b25cb256e8187eba8e3e63bc4d6bb8faf1aa6ba285c63d31eb9e85100bfc5de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111032
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 241
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10646-LGB, cache-hhn4074-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.312528,VS0,VE1
etag: "1d823706679d651"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/jquery/ 105 KB
40 KB 10ms
8ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/jquery/jquery-3.6.0.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1110937
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 39864
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4061-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.312650,VS0,VE1
etag: "1d8237066787367"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 53ms
7ms Image
image/svg+xml 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1621348
X-Cache: HIT, HIT
Server-Timing: fastly;dur=163;cpu=0;start=2022-02-10T22:33:00.024Z;desc=miss,rtt;dur=0,cloudinary;dur=160;start=2022-02-10T22:33:00.025Z
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Content-Length: 3390
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
X-Served-By: cache-iad-kiad7000059-IAD, cache-hhn4080-HHN
Access-Control-Allow-Origin: *
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1646153728.355737,VS0,VE1
Date: Tue, 01 Mar 2022 16:55:28 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 varnish, 1.1 varnish
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK gcybqmewpyphnr4kocrq
static.clubs.nfl.com/image/private/f_auto/rams/ 73 KB
74 KB 9ms
9ms Image
image/webp 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/gcybqmewpyphnr4kocrq
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4d311058817ad7d8ef7f3497ff3c1a0fb36d9eb3ba16dbd66a2d444eaa05dfd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:28 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1162508
Edge-Cache-Tag: 475927892034919877933306299992275130494,591084183525109384174561494082774581312,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 475927892034919877933306299992275130494,591084183525109384174561494082774581312,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="gcybqmewpyphnr4kocrq.webp"
Connection: keep-alive
Content-Length: 75202
X-Request-Id: 8d130ec502e7532fb44bcf20a24ced82
X-Served-By: cache-iad-kiad7000111-IAD, cache-iad-kcgs7200144-IAD, cache-hhn4050-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Wed, 16 Feb 2022 06:00:21 GMT
Server: cloudinary
X-Timer: S1646153728.314032,VS0,VE1
Etag: "2501387da12303077147272a3fe286c5"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK browserHelper.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/ 2 KB
2 KB 9ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/browserHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111031
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 761
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.325438,VS0,VE1
etag: "1d823706679d1a0"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 1

GET
H2

200

pixel.gif
load77.exelator.com/ Frame A664
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=62030311748104556671576419898913206234
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=62030311748104556671576419898913206234&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
332 B

38ms
6ms

Image
image/gif

2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: H2
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-nzt: AcO1ry8NPVf/Qp8BAA
x-accel-expires: @1647084222
date: Tue, 01 Mar 2022 16:55:28 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: 2YYmAei9l7A
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 106306
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Tue, 01 Mar 2022 16:55:28 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 s16298206543696 Show response
smetrics.nfl.com/b/ss/nflglobal2016/10/JS-2.22.0-LBWB/ 7 KB
8 KB 42ms
40ms Script
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/b/ss/nflglobal2016/10/JS-2.22.0-LBWB/s16298206543696?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=1%2F2%2F2022%2016%3A55%3A28%202%200&d.&nsid=0&jsonv=1&.d&sdid=5EA6478A43DC7823-4FB8467BB42539F1&mid=62235332403458014201561457095485805413&aamlh=6&ce=UTF-8&pageName=rams%3Ahome%3Ahome%3Alanding&g=https%3A%2F%2Fwww.therams.com%2F&c.&visitorAPI=VisitorAPI%20Present&.c&cc=USD&ch=home&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=home&v2=rams%3Ahome%3Ahome%3Alanding&v3=home&v4=false&c8=home&c12=desktop&v14=home&v20=2.0.0.0&c22=nflclubsrams&v24=desktop&v25=nflclubsrams&c33=rams&v33=rams&c48=pv&v48=english&c49=NFL%20Clubs%20-%20Launch%7Cv20200225%7C2.22.0%7C5.2.0%7C2021-12-23T00%3A09%3A53Z%7CServer%20Side%20ID%7C2.4.1&c50=D%3Dmid&v50=D%3Dmid&c51=D%3Dv49&c52=D%3Dv9&v57=https%3A%2F%2Fwww.therams.com%2F&c67=landing&v67=desktop&c71=Launch&c72=D%3Dv57&c73=D%3Dv73&v73=www.therams.com&v83=landing&v88=deltatre&v94=cp%20video&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

6d2f93e04bee266ab3f95be416648e386ccac91f7e7d8a8fd6ee59923b4a6a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-aam-tid: mi/SDxPETFw=
date: Tue, 01 Mar 2022 16:55:28 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
vary: *
content-length: 7501
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v028-04b4a07b1.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Wed, 02 Mar 2022 16:55:28 GMT
server: jag
xserver: anedge-cdfbd77b-8sb7g
etag: 3535088213359296512-4619766018608773781
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 28 Feb 2022 16:55:28 GMT

GET
H2

200

react.production.min.js Show response
unpkg.com/react@17.0.2/umd/
Redirect Chain

https://unpkg.com/react@17/umd/react.production.min.js
https://unpkg.com/react@17.0.2/umd/react.production.min.js

11 KB
5 KB

23ms
23ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@17.0.2/umd/react.production.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 111041
fly-request-id: 01FWZWMACD78CFC3EHSBR4PDD8-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"2cb0-bAUYnMLQi7KnYJwALwZ1ycZw02I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6e536ba2dbd1997b-FRA

Redirect headers

date: Tue, 01 Mar 2022 16:55:28 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FX36419CAXN344XHVABB5W11-fra
server: cloudflare
age: 425
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /react@17.0.2/umd/react.production.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6e536ba26ad8997b-FRA
access-control-allow-origin: *

GET
H2

200

react-dom.production.min.js Show response
unpkg.com/react-dom@17.0.2/umd/
Redirect Chain

https://unpkg.com/react-dom@17/umd/react-dom.production.min.js
https://unpkg.com/react-dom@17.0.2/umd/react-dom.production.min.js

118 KB
39 KB

35ms
35ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@17.0.2/umd/react-dom.production.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3056449
fly-request-id: 01FT83NF2W4B7KMC3HTVEFJV5P
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1d709-vwi4rRrXPBKnycshGSbOI6hh2wc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6e536ba2dbd4997b-FRA

Redirect headers

date: Tue, 01 Mar 2022 16:55:28 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FX363R5G9JF9N1T7VNCBCNSZ-fra
server: cloudflare
age: 434
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /react-dom@17.0.2/umd/react-dom.production.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6e536ba26adc997b-FRA
access-control-allow-origin: *

GET
H/1.1 200
OK tabsCore.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/core/ 1 KB
1 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/core/tabsCore.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

56cea23a191dfea947a52a2ab4f48064b680fbde67eb1f7830e86c4ec8164f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111019
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 581
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10655-LGB, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.365822,VS0,VE1
etag: "1d823706679d373"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 1, 0, 1

GET
H/1.1 200
OK carouselCore.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/core/ 1 KB
1 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/core/carouselCore.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

804b5aa180e095fff2fa8ad389c57a1640e94e3084a28ff21610d6f85b6c0fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1110940
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 655
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10628-LGB, cache-hhn4061-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.365824,VS0,VE1
etag: "1d823706679d2f7"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 2, 1, 1

GET
H/1.1 200
OK keyboardNavigationService.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/services/carousel/ 4 KB
2 KB 8ms
8ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/services/carousel/keyboardNavigationService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

bcd2cdc5985a1cac0f1ee443788c768f2f9a5524aafbe9b2e2b4456575b8f2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1110940
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1374
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4074-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.365960,VS0,VE2
etag: "1d823706679d8bd"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 4, 1

GET
H/1.1 200
OK accountButtonService.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/addons/services/clubs/ 1 KB
1 KB 11ms
10ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/addons/services/clubs/accountButtonService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2a44537ffe33c438fcc6f49f4ee6a02be0daa467010273f3c10f8101bd570073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111031
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 575
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-sna10720-LGB, cache-hhn4055-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.371751,VS0,VE1
etag: "1d823706679d3a9"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK sha256.min.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/sha256/ 9 KB
5 KB 7ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/sha256/sha256.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1110947
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3888
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4020-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.368838,VS0,VE1
etag: "1d823706679f4b9"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 2, 1

GET
H/1.1 200
OK nflTokenHelper.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/ 4 KB
2 KB 129ms
129ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/nflTokenHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c98366a87bd0007a24b135bf9c39038ff3d7ea8d4c77f4222aa834f747afc6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111031
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1551
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-sna10738-LGB, cache-hhn4074-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.375221,VS0,VE122
etag: "1d823706679c755"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 2, 1, 1

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 46ms
14ms XHR
application/json 2600:9000:21c7:7200:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:7200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21588ff06c8d62213aeb662895a415609340053243492e0c8255388e969eca0e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 03:00:36 GMT
content-encoding: br
age: 50093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 18 Feb 2022 19:52:29 GMT
server: AmazonS3
etag: W/"68deec44da0ca2810e7c67d67eec39ee"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: 6Hh9ZDukV2IFPYmvxSd.QbCotU.Q.Hfx
via: 1.1 697a26790d3ab8292d8546ca9be87bbc.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: AMS54-C1
content-type: application/json
x-amz-cf-id: gLsFAR9XRAb8YLxo5rzsuNV2ZIgSGB5-q68oX2Dm63YJJIyJ6usK3w==

GET
H/1.1 200
OK jquery.visible.min.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/jquery/plugins/ 803 B
1 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/jquery/plugins/jquery.visible.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1110937
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 443
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.395145,VS0,VE1
etag: "1d823706679d4a3"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK js.cookie.min.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/js-cookie/ 2 KB
2 KB 11ms
11ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/js-cookie/js.cookie.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1110937
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1126
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-sna10749-LGB, cache-hhn4055-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.397929,VS0,VE1
etag: "1d823706679d066"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 1, 1

GET
H2 200 rules-p-gGpYeVwuEvd4w.js Show response
rules.quantcount.com/ 2 B
345 B 48ms
14ms Script
application/javascript 2600:9000:2204:4e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-gGpYeVwuEvd4w.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:4e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:38:19 GMT
via: 1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
server: AmazonS3
age: 1028
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: AMS50-C1
content-length: 2
x-amz-cf-id: ZxkbJ5nypanlptzSxkuOysFZqFlbttTHdEzboepjAA0lYYIM-TYOag==

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ 4 KB
2 KB 337ms
259ms Fetch
text/javascript 54.240.168.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-32.ams54.r.cloudfront.net
Software: /
Resource Hash: 939d51b21aeb2d1ae41dc5224b9b988b5054f413cb01855af8f7a3a47a233d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: AMS54-C1
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1533
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
x-callid: ff49b2e32a764eaa990a2a8d57d0aee1
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: y6mdkshUdXTMNqoPaQgJA3HjcWAuOQdhunapTavhYMPgMjzR5EO4cg==

GET
H/1.1 200
OK jquery.autocomplete.min.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/autocomplete/ 13 KB
6 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/autocomplete/jquery.autocomplete.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1110937
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4972
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4055-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.438593,VS0,VE1
etag: "1d823706679e51b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK md5.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/md5/ 4 KB
2 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/md5/md5.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1110947
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1714
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.438644,VS0,VE1
etag: "1d823706679d8a6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 4, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 134ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122484269-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4835
date: Tue, 01 Mar 2022 15:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 01 Mar 2022 17:34:53 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: 2Ip/OErq0opR7zbjCuyO4r2jP32vFrNISl8vgq8UEeQchA+UJLWGSvEoPBQ2hmm9mPV0x6wPUPQV/ph+RuIKWQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 01 Mar 2022 16:55:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5191967.js Show response
js.hs-scripts.com/ 1 KB
959 B 446ms
429ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5191967.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c6281ee9e9b964d9d62e4b4e926cba710a182b5c29ea97e3d8d268225ea86a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: e35b8148-1954-465d-8f83-0bd1288d9479
last-modified: Tue, 01 Mar 2022 16:52:25 GMT
server: cloudflare
x-trace: 2B56E21E30B996BEC7D7D07E11EC8A6DDCB0E48467000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.therams.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6e536ba308209182-FRA
expires: Tue, 01 Mar 2022 16:56:28 GMT

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/39/ 227 KB
55 KB 16ms
16ms Script
text/javascript 2600:9000:21c7:3600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:3600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 02:49:33 GMT
content-encoding: br
age: 137156
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:35 GMT
server: AmazonS3
etag: W/"58b24098a17406b31f4f22592394578b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 b619a16f6f8fe9793bf642d2a8434284.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: qUgENPN-Ev93R32XSHV8LlGGEzuKrCqvBdR3KpJOmvCpP-XjkBVV_Q==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 283 KB
36 KB 44ms
16ms XHR
application/json 2600:9000:21c7:3600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:3600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a536c560589fc364daacce993cb96a9d60a30508a2fe008080f92c10a6decb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 03:00:37 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 50092
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 01 Mar 2022 03:00:31 GMT
server: AmazonS3
etag: W/"a5d02ec8d0d1e0cc15146d64cc1f2526"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 23776effa8a63b2e2dccd702e73b0c86.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 5_3cq-ewZR9rillLZI9Uqs-k-xAsBns0019mFzPPCHUgJxoxMVk_dg==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 153 KB
36 KB 56ms
28ms XHR
application/json 2600:9000:21c7:3600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:3600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95045347f438c2512764824b7bd997e68b8c18b06ef5c234962eba3b3024f6e8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 03:01:40 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 50029
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 01 Mar 2022 03:01:38 GMT
server: AmazonS3
etag: W/"e095029eba3dbb82040530a0e49b05ed"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 23776effa8a63b2e2dccd702e73b0c86.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: BjsQg8CQqyjpRuCCbxk3FKIx0My8PCUAOa_CvoddYUQ2Z3AqigrHTg==

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=Du03Q9IK1Np5MA5
dpm.demdex.net/ Frame A664
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=Du03Q9IK1Np5MA5

42 B
945 B

32ms
31ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=Du03Q9IK1Np5MA5

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v028-0ce455656.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Z2rIdYGOQ7Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Tue, 01 Mar 2022 16:55:27 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=Du03Q9IK1Np5MA5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/861929325/ 2 KB
2 KB 156ms
59ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/861929325/?random=1646153728475&cv=9&fst=1646153728475&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2F&tiba=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aa262988bb9d0e46288f7c2ec332513b5a34e7a2fdf0b36f916a33231bb79ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1045
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK owl.carousel-2.3.4.min.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/owlcarousel2/ 49 KB
15 KB 9ms
9ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/vendor/owlcarousel2/owl.carousel-2.3.4.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

fabf02fa5b45b614d86acb2367ac45b4eb4f62a6e1b3437f8ef0d76b78d47ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1110799
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 14875
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4055-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.483391,VS0,VE2
etag: "1d82370667914c9"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 3, 1

GET
H/1.1 200
OK locationHelper.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/ 995 B
1 KB 7ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/locationHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2bc1e39bc42a6b22ca0750f79347faf3d5720cccd8a3d611682dc53f715c82dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111031
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 502
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153728.485474,VS0,VE1
etag: "1d823706679d463"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK jt7rpzbfsakg7rybqpsd.jpg
static.clubs.nfl.com/image/upload/v1644747834/rams/ 525 KB
526 KB 10ms
9ms Image
image/jpeg 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/v1644747834/rams/jt7rpzbfsakg7rybqpsd.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 55818a4e8f1db1716ecc411296c82f35fb9241f4fe74143c3d048c1921e13c5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:28 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1074605
Edge-Cache-Tag: 432599695469455241371611311072902720030,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 432599695469455241371611311072902720030,c34f21cfe162ce329654d565922e8c70
X-Cache: HIT, HIT, HIT
Connection: keep-alive
Content-Length: 537817
X-Served-By: cache-iad-kiad7000112-IAD, cache-iad-kjyo7100172-IAD, cache-hhn4050-HHN
Last-Modified: Sun, 13 Feb 2022 10:23:55 GMT
Server: cloudinary
X-Timer: S1646153729.548818,VS0,VE2
Etag: "143791242bf4c6a71f4c04a3e3ad7237"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1

GET
H/1.1 200
OK sdozabcfjeqx1cng3so3.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/ 66 KB
67 KB 8ms
7ms Image
image/webp 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/sdozabcfjeqx1cng3so3.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ef467a9e4cb57447c359cf932be4cb6d62c74f3408888d210963502eb2ff1f8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:28 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 64286
Edge-Cache-Tag: 410313206463368692162549275314084912460,585147726592303587139188067252872359897,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 410313206463368692162549275314084912460,585147726592303587139188067252872359897,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="sdozabcfjeqx1cng3so3.webp"
Connection: keep-alive
Content-Length: 67950
X-Request-Id: f7c9885a0445c5a872e9b7a880fd271f
X-Served-By: cache-iad-kiad7000161-IAD, cache-iad-kiad7000166-IAD, cache-hhn4053-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Mon, 28 Feb 2022 23:04:02 GMT
Server: cloudinary
X-Timer: S1646153729.548889,VS0,VE1
Etag: "84fd8cf4806a120d15722d5483963caa"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 25ms
8ms XHR
text/plain 3.69.18.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22gGpYeVwuEvd4w%22%2C%22domain%22%3A%22www.therams.com%22%2C%22publisher%22%3A%22Rams%20Web%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.39%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%2Be9BB1ZFFULwYoeI9%2BVz%2FA%22%2C%22clientTimestamp%22%3A1646153728577%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-4wplvwaa9vdhxxqhayrf%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.18.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-18-111.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 01 Mar 2022 16:55:28 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H3 200 604658169716205 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 228ms
219ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/604658169716205?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ccd19e6e7a9b375559510bd2e53ea683543efd7f43f30d899d811ee754dbddd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: YonahOFOVrBVrBKzrEzKwchQqS7fTGSd/i1hYirLId0Iw4z57TOe6KPnqv9pCyygH3eWMfwMoi0lO9WBcy7rzw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 01 Mar 2022 16:55:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=7037450098884816168
dpm.demdex.net/ Frame A664
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7037450098884816168

42 B
945 B

31ms
31ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=7037450098884816168

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v028-096f3dd92.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: yr6KEUgiSEo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8f83677d-1b0b-4583-a385-5916f09c7f33
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=7037450098884816168
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=265163127283621&ev=Adobe-Audience-Manager-Segment&cd[segID]=8512423&noscript=1

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 01 Mar 2022 16:55:28 GMT

GET
H/1.1 200
OK NflUmdComponents.WatchLiveButtonsFallbackPromo.js Show response
p.nfltags.com/nfl/ 565 KB
176 KB 43ms
7ms Script
application/javascript 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtonsFallbackPromo.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f8bc4699b2bb4f0c2c3bb9f7c655cbea402421cbb61ed1e1736d41d53b042791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:28 GMT
Content-Encoding: gzip
Age: 18
X-Cache: HIT
Connection: keep-alive
Content-Length: 179502
X-Served-By: cache-hhn4029-HHN
Access-Control-Allow-Origin: *
Last-Modified: Mon, 28 Feb 2022 20:51:51 GMT
Server: nginx/1.18.0
X-Timer: S1646153729.675758,VS0,VE1
ETag: W/"621d35e7-8d495"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Tue, 01 Mar 2022 16:55:59 GMT
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK deferredService.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/services/ 751 B
1 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/services/deferredService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111064
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 402
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4074-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153729.644452,VS0,VE1
etag: "1d823706679d56f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 3, 1

GET
H/1.1 200
OK stringHelper.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/ 586 B
1 KB 8ms
7ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/stringHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111031
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 392
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4055-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153729.644921,VS0,VE1
etag: "1d823706679d5ca"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK dateHelper.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/ 287 B
994 B 8ms
8ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/dateHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111031
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 202
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4051-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153729.644951,VS0,VE1
etag: "1d823706679d69f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 2, 1

GET
H/1.1 200
OK objectHelper.js Show response
www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/ 395 B
1 KB 14ms
14ms Script
application/javascript 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/modules/helpers/objectHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 1111031
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 262
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4020-HHN
X-NFL-Dma: 276006
last-modified: Wed, 16 Feb 2022 20:04:27 GMT
server: envoy
X-Timer: S1646153729.650985,VS0,VE2
etag: "1d823706679d60b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Tue, 01 Mar 2022 16:55:28 GMT
X-Cache-Hits: 0, 1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 101ms
50ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=540638149&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therams.com%2F&ul=en-us&de=UTF-8&dt=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAAC~&jid=1090312100&gjid=1957183016&cid=1893906104.1646153729&tid=UA-122484269-1&_gid=846924628.1646153729&_r=1&gtm=2ou2s0&z=2001422005

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/861929325/ 42 B
548 B 151ms
56ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/861929325/?random=1646153728475&cv=9&fst=1646150400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2F&tiba=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&async=1&fmt=3&is_vtc=1&random=1182947609&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/861929325/ 42 B
548 B 151ms
56ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/861929325/?random=1646153728475&cv=9&fst=1646150400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2F&tiba=Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&async=1&fmt=3&is_vtc=1&random=1182947609&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 token Show response
api.nfl.com/identity/v2/ 991 B
1 KB 155ms
154ms Fetch
application/json 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v2/token
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.WatchLiveButtonsFallbackPromo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 7c93fbc1a408030d138623b8ad3f499a7a64601e4657564a559869497802ea7f

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Mar 2022 16:55:29 GMT
via: 1.1 varnish, 1.1 varnish
origin-site: LV1
x-cache: MISS, MISS
x-envoy-upstream-service-time: 13
content-length: 991
x-served-by: cache-nf-las9123-NF-LAS, cache-hhn4025-HHN
server: envoy
x-timer: S1646153729.866122,VS0,VE148
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 0, 0

OPTIONS
H2 200 token
api.nfl.com/identity/v2/ Frame 0
0 48ms
7ms Preflight
text/html 151.101.129.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v2/token
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.therams.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
content-type: text/html
access-control-max-age: 600
accept-ranges: bytes
date: Tue, 01 Mar 2022 16:55:28 GMT
via: 1.1 varnish
x-served-by: cache-hhn4025-HHN
x-cache: HIT
x-cache-hits: 0
access-control-allow-origin: *
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
content-length: 2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-122484269-1&cid=1893906104.1646153729&jid=1090312100&gjid=1957183016&_gid=846924628.1646153729&_u=4GBAAUAAAAAAAC~&z=1121412077

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 01 Mar 2022 16:55:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=8750454965806440114
dpm.demdex.net/ Frame A664
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8750454965806440114

42 B
945 B

32ms
32ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=8750454965806440114

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v028-0d02bd033.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +DeOO9jjQd8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=8750454965806440114
pragma: no-cache
date: Tue, 01 Mar 2022 16:55:28 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=971204136971632&ev=Adobe-Audience-Manager-Segment&cd[segID]=8512423;18940937&noscript=1

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 01 Mar 2022 16:55:28 GMT

GET
H2 200 Api.aspx Show response
auth-id.nfl.com/gs/webSdk/ Frame 3E04 111 KB
40 KB 299ms
261ms Document
text/html 54.240.168.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=12833

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.240.168.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-240-168-32.ams54.r.cloudfront.net

Software

Resource Hash

fe79718c6d7060bdde704a42161787735669f3ee801eb3833212f16aad939e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 40236
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
edge-control: !no-store,max-age=1h
edge-cache-tag: siteid_748934946734,ver_latest
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g5
x-callid: 108720529a704262b93e1524cb3755b0
date: Tue, 01 Mar 2022 16:55:29 GMT
accept-ranges: bytes
x-robots-tag: none
x-cache: Miss from cloudfront
via: 1.1 4b3bed207ec72204ebc89ae818e573ee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: l6bTcTVF1SlHQuhZVBt7eHDGoKs6XKzp1Bi433WzHK8pr7md2c41dg==

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=604658169716205&ev=PageView&dl=https%3A%2F%2Fwww.therams.com%2F&rl=&if=false&ts=1646153728865&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1646153728864.332431973&it=1646153728600&coo=false&dpo=&exp=p1&rqm=GET

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 01 Mar 2022 16:55:28 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 122ms
68ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122484269-1&cid=1893906104.1646153729&jid=1090312100&_u=4GBAAUAAAAAAAC~&z=308372040

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 119ms
66ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122484269-1&cid=1893906104.1646153729&jid=1090312100&_u=4GBAAUAAAAAAAC~&z=308372040

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5191967.js Show response
js.hs-banner.com/ 61 KB
16 KB 435ms
407ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5191967.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c795df01f38b55e2ade4c44e166975aeb921272a17953a2fffac160de9f5429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:29 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 6C14DPBRQ12EBQQN
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: O5R2fjSzCYky0zMQ/Vtx1+4Yx0ud53uKqUU7emFwmFuxOWhuWQjZhs4kA6Ddw9CsA9FF0hsz/jg=
timing-allow-origin: *
last-modified: Thu, 17 Feb 2022 21:19:13 GMT
server: cloudflare
etag: W/"693d3789adb1883f23d68ad6ead1b819"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: ZGuiug2nKejvO_6HS6qwNyogRk_BiKiS
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6e536ba5e9459293-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Tue, 01 Mar 2022 17:00:29 GMT

GET
H2 200 5191967.js Show response
js.hs-analytics.net/analytics/1646153700000/ 62 KB
20 KB 51ms
24ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1646153700000/5191967.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493bb6607bca4f5e637018ddab955498f3ce1c80d0747e1264bfc7e16a912ac8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 13
x-amz-server-side-encryption: AES256
x-amz-request-id: 9WQVNK5QEP1XVRF6
x-amz-id-2: jh3oLnWWS7TI4i5BYJxpt2zKZd8+rFPKyqEiA84L3cyTuiR88CIjxH98DahwgGGVHIuM8TGCS8I=
last-modified: Thu, 24 Feb 2022 12:23:06 GMT
server: cloudflare
etag: W/"ea8bc058947febad2a920dea2bc515da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 6e536ba5eeca9951-FRA
expires: Tue, 01 Mar 2022 17:00:15 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 534 KB
87 KB 79ms
51ms Script
application/javascript 2606:4700::6811:e8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 947d6c755989ac2b8e761deb8f7c3d38c30f9e01ce86b4ce1c8f3a2e1d1e5221

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
via: 1.1 9557da2570df16242f84a67f254d7f30.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 24700
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1080/bundle/main/lead-flows-release.js&cfRay=6e5110996a969b49-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6e536ba5eff068ec-FRA
last-modified: Tue, 01 Mar 2022 09:57:40 UTC
server: cloudflare
etag: W/"57a8210ba9519a68ae76dcc1857db0f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: qE7M39zrJ2dCa.o34UdW.NnTPVZDG9U3
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 9t2i-qgfHNMazMHBbPXGB6wBI5ioybMJA9AUVmYrYTAebL5mOtyHYg==
x-hs-target-asset: lead-flows-js/static-1.1080/bundle/main/lead-flows-release.js

GET
H2 403 homepage
us.connextra.com/dcs/tagController/tag/11935e1e2233/ 0
0 50ms
9ms Script
text/html 184.30.210.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://us.connextra.com/dcs/tagController/tag/11935e1e2233/homepage
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.210.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-210-29.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:28 GMT
content-length: 34
content-type: text/html

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=2022030116552900013707678364
dpm.demdex.net/ Frame A664
Redirect Chain

https://x.dlx.addthis.com/e/demdex_sync?na_exid=62030311748104556671576419898913206234&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022030116552900013707678364

42 B
945 B

35ms
35ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022030116552900013707678364

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v028-026847d37.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0/J6WR82R2Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022030116552900013707678364
pragma: no-cache
date: Tue, 01 Mar 2022 16:55:29 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Tue, 01 Mar 2022 16:55:29 GMT

GET /
adb2waycm-atl.netmng.com/cm/ Frame A664 0
0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEIhVKDL6p7a2C5uRghIRgIQ&google_cver=1
dpm.demdex.net/ Frame A664
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjIwMzAzMTE3NDgxMDQ1NTY2NzE1NzY0MTk4OTg5MTMyMDYyMzQ=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIhVKDL6p7a2C5uRghIRgIQ&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

34ms
34ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIhVKDL6p7a2C5uRghIRgIQ&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v028-0f6565866.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 4F0VQj3QThg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIhVKDL6p7a2C5uRghIRgIQ&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame A664 43 B
355 B 129ms
114ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=62030311748104556671576419898913206234&p_id=38594

Requested by

Host: www.therams.com
URL: https://www.therams.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 108
date: Tue, 01 Mar 2022 16:55:29 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 467bcefbeef099c9eb8a826e2706a8c55060cbd12e6163f6e0891dbf84f9432b
content-length: 43

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 3E04 4 KB
2 KB 257ms
256ms Fetch
text/javascript 54.240.168.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=12833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-32.ams54.r.cloudfront.net
Software: /
Resource Hash: 939d51b21aeb2d1ae41dc5224b9b988b5054f413cb01855af8f7a3a47a233d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=12833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:29 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: AMS54-C1
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1533
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 4b3bed207ec72204ebc89ae818e573ee.cloudfront.net (CloudFront)
x-callid: ff49b2e32a764eaa990a2a8d57d0aee1
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: tILr7AgJbhMXV8uDX2Do_XL8U4oxK9nWjx1psMnt1XnL6_FO_87_QQ==

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame A664
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWg1UUFBQUFBTFdHSGdRcA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEBrUMfH7RDFDkEFAr0tCi5U&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

31ms
29ms

Image
image/png

34.246.234.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 34.246.234.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-234-200.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:29 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 01 Mar 2022 16:55:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
959 B 198ms
171ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1163162232&v=1.1&a=5191967&rcu=https%3A%2F%2Fwww.therams.com%2F&pu=https%3A%2F%2Fwww.therams.com%2F&t=Los+Angeles+Rams+Home+%7C+Los+Angeles+Rams+-+therams.com&cts=1646153729377&vi=49e99effb8bfc490a9b8cb54ee95634d&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:29 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f82e8ee1-c787-468e-92a0-70e7ee4b1f8b
cf-ray: 6e536ba8cad391d1-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pfK2t32i31wDi3i02LMzppnSm07GnNcbwnG6VwJapX%2BrnqJmwkA78Np38BpfqUxBbXNK28BaIovqTFkzuQGzZ9N0qObdqNsJcFNnhduWmRWwMwma9Erm5LJkd2R7fSAXyf%2B2luj40xCNpVfj15O"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 7ms
6ms Image
image/svg+xml 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/functions/intersectionObserver.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1621349
X-Cache: HIT, HIT
Server-Timing: fastly;dur=163;cpu=0;start=2022-02-10T22:33:00.024Z;desc=miss,rtt;dur=0,cloudinary;dur=160;start=2022-02-10T22:33:00.025Z
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Content-Length: 3390
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
X-Served-By: cache-iad-kiad7000059-IAD, cache-hhn4080-HHN
Access-Control-Allow-Origin: *
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1646153729.394431,VS0,VE0
Date: Tue, 01 Mar 2022 16:55:29 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 varnish, 1.1 varnish
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 2

GET
H/1.1 200
OK gcybqmewpyphnr4kocrq
static.clubs.nfl.com/image/private/f_auto/rams/ 73 KB
74 KB 7ms
7ms Image
image/webp 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/gcybqmewpyphnr4kocrq
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/c13e74e23a978f13934c3ad0735ffbd3/functions/intersectionObserver.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4d311058817ad7d8ef7f3497ff3c1a0fb36d9eb3ba16dbd66a2d444eaa05dfd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:29 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1162509
Edge-Cache-Tag: 475927892034919877933306299992275130494,591084183525109384174561494082774581312,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 475927892034919877933306299992275130494,591084183525109384174561494082774581312,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="gcybqmewpyphnr4kocrq.webp"
Connection: keep-alive
Content-Length: 75202
X-Request-Id: 8d130ec502e7532fb44bcf20a24ced82
X-Served-By: cache-iad-kiad7000111-IAD, cache-iad-kcgs7200144-IAD, cache-hhn4050-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Wed, 16 Feb 2022 06:00:21 GMT
Server: cloudinary
X-Timer: S1646153729.394453,VS0,VE0
Etag: "2501387da12303077147272a3fe286c5"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 2

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=604658169716205&ev=Microdata&dl=https%3A%2F%2Fwww.therams.com%2F&rl=&if=false&ts=1646153729394&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Los%20Angeles%20Rams%20Home%20%7C%20Los%20Angeles%20Rams%20-%20therams.com%22%2C%22meta%3Adescription%22%3A%22Los%20Angeles%20Rams%20Home%3A%20Official%20team%20site%20with%20news%2C%20videos%2C%20photos%2C%20schedule%2C%20roster%2C%20depth%20charts%2C%20transactions%2C%20statistics%2C%20player%20profiles%20and%20ticket%20info.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Official%20Site%20of%20the%20Los%20Angeles%20Rams%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.therams.com%2F%22%2C%22og%3Alocale%22%3A%22en-US%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1646153728864.332431973&it=1646153728600&coo=false&dpo=&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 01 Mar 2022 16:55:29 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 151ms
132ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5191967&utk=49e99effb8bfc490a9b8cb54ee95634d&__hstc=121074455.49e99effb8bfc490a9b8cb54ee95634d.1646153729375.1646153729375.1646153729375.1&__hssc=121074455.1.1646153729375&currentUrl=https%3A%2F%2Fwww.therams.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1c839d0fb2d53950de2889d2e7d9a7a491feff06f8e049e11dc912b20d09e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 4e73069c-c0cb-41bc-a9d5-8d43fcd6fca8
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO%2F1IPCoDTDqu%2FcKyFhgS1MXy1TVidfmLirgS0YQZfM9m4PL8A6U9ojQtV3seKLj6bIpvagoBYBohC8y%2FlzKcz3jFr2763AdUxpXVWp9TpvRMKzI%2BOOeTMHWITM0pH%2Bcnl3GjMl5re3LpPS0XcVB"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.therams.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6e536ba91df9915e-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame A664
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWg1UUFBQUFBTFdHSGdRcA&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEB...
https://pixel.everesttech.net/1x1

128 B
796 B

30ms
29ms

Image
image/png

34.246.234.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 34.246.234.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-234-200.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:29 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 01 Mar 2022 16:55:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame A664
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWg1UUFBQUFBTFdHSGdRcA&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
29ms

Image
image/png

34.246.234.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 34.246.234.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-234-200.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:29 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 01 Mar 2022 16:55:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 accounts.webSdkBootstrap Show response
auth-id.therams.com/ 199 B
1 KB 485ms
384ms XHR
text/javascript 54.192.86.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.therams.com/accounts.webSdkBootstrap?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&pageURL=https%3A%2F%2Fwww.therams.com%2F&sdk=js_latest&sdkBuild=12833&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.86.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-86-50.ams50.r.cloudfront.net
Software: /
Resource Hash: 28c8e9e712c6ecf99a5b779e911923ead491c4639be0969f35c998811bd8272f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:29 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
x-soa: true, Gator
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
content-length: 167
access-control-allow-origin: https://www.therams.com
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
via: 1.1 66dd60a280ca9f6b133d158ccf4dd40a.cloudfront.net (CloudFront)
x-callid: aeaf48311dd14c7ab43ae8cbaca9426c
cache-control: private
x-server: us1d-nomad-g8
access-control-allow-credentials: true
x-robots-tag: none
x-amz-cf-id: DwOdkrO4ebTrB4W4dnPGCOe9NGku6TVDUsFdLKEmmn6pCWb0fn8e0w==

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame A664
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWg1UUFBQUFBTFdHSGdRcA&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
29ms

Image
image/png

34.246.234.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 34.246.234.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-234-200.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:29 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 01 Mar 2022 16:55:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame A664
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWg1UUFBQUFBTFdHSGdRcA&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
29ms

Image
image/png

34.246.234.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 34.246.234.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-234-200.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:29 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 01 Mar 2022 16:55:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=b7ef8c92-61cb-422b-a248-9ff49c3ca367
dpm.demdex.net/ Frame A664
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=b7ef8c92-61cb-422b-a248-9ff49c3ca367

42 B
945 B

41ms
40ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=b7ef8c92-61cb-422b-a248-9ff49c3ca367

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v028-01aae059a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: JD7sR9p8TI0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:29 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=b7ef8c92-61cb-422b-a248-9ff49c3ca367
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2

404

sync
pixel.advertising.com/ups/28/ Frame A664
Redirect Chain

https://pixel.advertising.com/ups/28/sync?uid=62030311748104556671576419898913206234&_origin=1&redir=true
https://pixel.advertising.com/ups/28/sync?uid=62030311748104556671576419898913206234&_origin=1&redir=true&verify=true

0
255 B

24ms
24ms

Image
text/plain

52.59.131.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/28/sync?uid=62030311748104556671576419898913206234&_origin=1&redir=true&verify=true

Protocol

Server

52.59.131.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-131-166.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:29 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/28/sync?uid=62030311748104556671576419898913206234&_origin=1&redir=true&verify=true
date: Tue, 01 Mar 2022 16:55:29 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame A664
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWg1UUFBQUFBTFdHSGdRcA&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
29ms

Image
image/png

34.246.234.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 34.246.234.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-234-200.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:30 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b51f-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 01 Mar 2022 16:55:30 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 9A36 78 KB
28 KB 260ms
260ms Document
text/html 54.240.168.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.240.168.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-240-168-32.ams54.r.cloudfront.net

Software

Resource Hash

bb17e24c74e06e8b0b21efd79b1b8c9d2e39d27e33520fb6841a3e8b0af04a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 28491
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
edge-control: !no-store,max-age=1h
edge-cache-tag: siteid_7827621,ver_latest
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g14
x-callid: 43f375eead374cd6b6589d7a2243b6b1
date: Tue, 01 Mar 2022 16:55:30 GMT
accept-ranges: bytes
x-robots-tag: none
x-cache: Miss from cloudfront
via: 1.1 4b3bed207ec72204ebc89ae818e573ee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: _raCMcBRUGshEOnzbyEkOrf9UbqAkY124F3sOmCcal52dRQgrEXdzA==

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 35A1 78 KB
28 KB 257ms
257ms Document
text/html 54.240.168.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.240.168.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-240-168-32.ams54.r.cloudfront.net

Software

Resource Hash

bb17e24c74e06e8b0b21efd79b1b8c9d2e39d27e33520fb6841a3e8b0af04a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 28491
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
edge-control: !no-store,max-age=1h
edge-cache-tag: siteid_7827621,ver_latest
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g14
x-callid: 43f375eead374cd6b6589d7a2243b6b1
date: Tue, 01 Mar 2022 16:55:30 GMT
accept-ranges: bytes
x-robots-tag: none
x-cache: Miss from cloudfront
via: 1.1 4b3bed207ec72204ebc89ae818e573ee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: WP1Pke3LLD1rsWywARj5v1Gjn4nKnl2BJWnxULZGK4yXXL_M6QJOCQ==

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=hZ4S3U2f-PO0kFQR8l0Ia-QQD_GHyrBe&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame A664
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=hZ4S3U2f-PO0kFQR8l0Ia-QQD_GHyrBe&gdpr=0&gdpr_consent=

42 B
945 B

31ms
30ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=hZ4S3U2f-PO0kFQR8l0Ia-QQD_GHyrBe&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v028-03c8e435b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Rp7oXUoMRNU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=hZ4S3U2f-PO0kFQR8l0Ia-QQD_GHyrBe&gdpr=0&gdpr_consent=
date: Tue, 01 Mar 2022 16:55:29 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4317
content-length: 227
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame A664
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=62030311748104556671576419898913206234&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
963 B

29ms
29ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v028-0f4e69597.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: BJ1iETbITjo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Tue, 01 Mar 2022 16:55:30 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame A664
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=62030311748104556671576419898913206234&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-2ScGTipE2pHfC4nMAtxGxSN.tDztG_MARho-~A

42 B
945 B

31ms
31ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-2ScGTipE2pHfC4nMAtxGxSN.tDztG_MARho-~A

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v028-0f60f1ee2.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tlI4rJ64Q38=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Tue, 01 Mar 2022 16:55:30 GMT
via: http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-2ScGTipE2pHfC4nMAtxGxSN.tDztG_MARho-~A
content-length: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame A664 43 B
324 B 60ms
19ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=62030311748104556671576419898913206234&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:30 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 35A1 4 KB
2 KB 255ms
255ms Fetch
text/javascript 54.240.168.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-32.ams54.r.cloudfront.net
Software: /
Resource Hash: e72f57ca4fae11964712516fc7bb29ecec8d5352da39d7f662a64c0fc3f9ec5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:30 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: AMS54-C1
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1529
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 4b3bed207ec72204ebc89ae818e573ee.cloudfront.net (CloudFront)
x-callid: 7ab878d5d89746eab2104d78e467eb8b
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g15
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: w_fca53PBFexGnCqn1sLS9u_eIVpHyXWqXk85Fu431SH7wW0k5LYAQ==

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 9A36 4 KB
2 KB 263ms
263ms Fetch
text/javascript 54.240.168.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-32.ams54.r.cloudfront.net
Software: /
Resource Hash: e72f57ca4fae11964712516fc7bb29ecec8d5352da39d7f662a64c0fc3f9ec5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:30 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: AMS54-C1
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1529
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 4b3bed207ec72204ebc89ae818e573ee.cloudfront.net (CloudFront)
x-callid: 7ab878d5d89746eab2104d78e467eb8b
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g15
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: C3VGJ2eTVHNXyBcSUV8ojEyA4igCzOV-phwmPlRp3A2kgfMxZzvxlg==

GET
H2

204

v1
ads.yahoo.com/cms/ Frame A664
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Yh5QAAAAALWGHgQp&sigv=1&esig=1~a745df55641057a5f0eda38b3d5dc74df765b357

0
194 B

73ms
21ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Yh5QAAAAALWGHgQp&sigv=1&esig=1~a745df55641057a5f0eda38b3d5dc74df765b357

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:30 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Yh5QAAAAALWGHgQp&sigv=1&esig=1~a745df55641057a5f0eda38b3d5dc74df765b357
Date: Tue, 01 Mar 2022 16:55:30 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A664
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWg1UUFBQUFBTFdHSGdRcA==

170 B
188 B

69ms
68ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWg1UUFBQUFBTFdHSGdRcA==

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646153731.668718,VS0,VE0
x-served-by: cache-hhn4082-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWg1UUFBQUFBTFdHSGdRcA==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A664
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yh5QAAAAALWGHgQp&expires=90

0
239 B

377ms
94ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yh5QAAAAALWGHgQp&expires=90
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: f69a50991384d09413b97a37bb74928b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646153731.758317,VS0,VE0
x-served-by: cache-hhn4082-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yh5QAAAAALWGHgQp&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 3813 78 KB
28 KB 103ms
102ms Document
text/html 54.240.168.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.240.168.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-240-168-32.ams54.r.cloudfront.net

Software

Resource Hash

bb17e24c74e06e8b0b21efd79b1b8c9d2e39d27e33520fb6841a3e8b0af04a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 28491
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
edge-control: !no-store,max-age=1h
edge-cache-tag: siteid_7827621,ver_latest
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g14
x-callid: 43f375eead374cd6b6589d7a2243b6b1
date: Tue, 01 Mar 2022 16:55:30 GMT
accept-ranges: bytes
x-robots-tag: none
x-cache: Miss from cloudfront
via: 1.1 4b3bed207ec72204ebc89ae818e573ee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: HViYNwJEa-14CUPn6oWrnZfNBgK2ZYfeF08Abhn8UqfnPWjhccJl2A==

GET
H2 200 client.js Show response
apis.google.com/js/ 14 KB
6 KB 155ms
60ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83322327c7aa10545576e8871c9e005626e830734c9eab2e636a898d570f9c12

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Tue, 01 Mar 2022 16:55:30 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "cc8921b7060bca02"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 16:55:30 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_EN/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_EN/sdk.js

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2709ce85ccd785aa028d121d171626287847f44b78aa1095c44a9e78010e909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LbMdtWO5v9xOxxEPrTjE9A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: ArLTqMmHQCWC6lkJxy2+K8Y7dtuf08PaiBhAA7z/C/Tw2j7gpuBjBLZ7iS1qutFp60xIVGslwEY1XFhrnwj2gw==
x-fb-content-md5: fe91c82910196979e6f12ccd66a4b7a5
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 01 Mar 2022 16:55:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c86fd9ad9e0f2bac9a091259cd1798fd"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 01 Mar 2022 17:05:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A664
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yh5QAAAAALWGHgQp
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yh5QAAAAALWGHgQp&C=1

43 B
1003 B

27ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yh5QAAAAALWGHgQp&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Mar 2022 16:55:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Mar 2022 16:55:30 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Mar 2022 16:55:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yh5QAAAAALWGHgQp&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Tue, 01 Mar 2022 16:55:30 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bff52984a40c2748643fa9c486cb782a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

930bb36e554894482a611a5f0e6bd84c1673e36ac7437b2590bab08fe8152898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2v82kiC/5H/l9BA1rVvoEA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 86582
x-fb-rlafr: 0
x-fb-debug: eASMjY0qseKfE0q+peHf260CbJVRs8BJKsDY6sR6LXQNRm87FWw+7F138exmyeasG0W1qJdrlqV7p26QxviibQ==
x-fb-content-md5: b8617472db196cdc04e6967e6f91e0fe
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 01 Mar 2022 16:55:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "18243c8f30824f02d4be4d215b24458c"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 01 Mar 2023 14:36:01 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 38ms
38ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=404205130228139&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.therams.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=bff52984a40c2748643fa9c486cb782a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: /PITUw7g0InQM856+wZmukELo5CmEMpI04dUECWSOJs8NHh1htHhWmaBUnBlHG0gU2R+FMvQ0BgwGzwwR6ybWA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Tue, 01 Mar 2022 16:55:30 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A664
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Yh5QAAAAALWGHgQp

43 B
1013 B

90ms
90ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=Yh5QAAAAALWGHgQp

Protocol

HTTP/1.1

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Mar 2022 16:55:31 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b9450402-8f16-4441-9e1e-153676f91655
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646153731.967219,VS0,VE0
x-served-by: cache-hhn4082-HHN
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=Yh5QAAAAALWGHgQp
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 3813 4 KB
2 KB 95ms
95ms Fetch
text/javascript 54.240.168.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-32.ams54.r.cloudfront.net
Software: /
Resource Hash: e72f57ca4fae11964712516fc7bb29ecec8d5352da39d7f662a64c0fc3f9ec5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:31 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: AMS54-C1
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1529
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 4b3bed207ec72204ebc89ae818e573ee.cloudfront.net (CloudFront)
x-callid: 7ab878d5d89746eab2104d78e467eb8b
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g15
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: RYIMvmSDj_fOOP-yXF7jEkBlH4JsssPbGSYqlOXgKqw7hHHYwQkEiw==

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 311 KB
105 KB 96ms
43ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5de6587f20288172a4e499f34200a8bde3cb11c9c8678e35dffea539e8d51b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 07:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107939
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:59:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 07:04:27 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A664
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yh5QAAAAALWGHgQp

43 B
274 B

52ms
22ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yh5QAAAAALWGHgQp
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:31 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646153731.068283,VS0,VE0
x-served-by: cache-hhn4082-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yh5QAAAAALWGHgQp
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A664
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh5QAAAAALWGHgQp

1 B
547 B

53ms
16ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh5QAAAAALWGHgQp
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 16:55:31 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:423
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646153731.175025,VS0,VE0
x-served-by: cache-hhn4082-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh5QAAAAALWGHgQp
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame A664
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yh5QAAAAALWGHgQp&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yh5QAAAAALWGHgQp&img=1&__user_check__=1&sync_id=6785d10b-9980-11ec-886f-14bc9e680306

43 B
548 B

21ms
21ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yh5QAAAAALWGHgQp&img=1&__user_check__=1&sync_id=6785d10b-9980-11ec-886f-14bc9e680306
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:31 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 49
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 01 Mar 2022 16:55:31 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=Yh5QAAAAALWGHgQp&img=1&__user_check__=1&sync_id=6785d10b-9980-11ec-886f-14bc9e680306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 41
Connection: keep-alive
Content-Length: 0

GET
H3

200

b.php
www.facebook.com/fr/ Frame A664
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yh5QAAAAALWGHgQp&t=2592000&o=0

43 B
69 B

41ms
41ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yh5QAAAAALWGHgQp&t=2592000&o=0

Protocol

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 08:55:31 PST
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: ySEplTHBfN3T6lrGodsS5HOP7zdmXwQ+k72Meyd0kmidpmbRWZAYnz0OStcEzJUoo89L59n7zW+mmTuffA1eJw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Tue, 01 Mar 2022 08:55:31 PST

Redirect headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646153731.372239,VS0,VE0
x-served-by: cache-hhn4082-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yh5QAAAAALWGHgQp&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame A664 43 B
240 B 34ms
18ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Tue, 01 Mar 2022 16:55:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1646153731.487345,VS0,VE12
x-served-by: cache-hhn4028-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame A664
Redirect Chain

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

42 B
963 B

30ms
29ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v028-011c1d713.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,300
X-TID: b1VdwrXURBg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 01 Mar 2022 16:55:31 GMT
server: istio-envoy
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location: https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control: private, max-age=0, no-cache
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A664
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=SSWROQdZReCs0qPefj7SCA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=62030311748104556671576419898913206234

43 B
556 B

102ms
102ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=62030311748104556671576419898913206234

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Mar 2022 16:55:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 99V04ACJRN2GSW145ZPB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v028-0f6565866.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 2yPlnq9cQ00=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=62030311748104556671576419898913206234
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK dwrbwyhg0yv53z4omtfw.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/ 45 KB
46 KB 8ms
8ms Image
image/webp 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_8_desktop_mobile/f_auto/rams/dwrbwyhg0yv53z4omtfw.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 728e0719ac2f23f4fcc23824103389f41c64a94dd81bd96e7ea1f0febda0b603

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 01 Mar 2022 16:55:33 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 64941
Edge-Cache-Tag: 503639730933124820193278774953482029463,585147726592303587139188067252872359897,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 503639730933124820193278774953482029463,585147726592303587139188067252872359897,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="dwrbwyhg0yv53z4omtfw.webp"
Connection: keep-alive
Content-Length: 46146
X-Served-By: cache-iad-kjyo7100087-IAD, cache-iad-kiad7000115-IAD, cache-hhn4050-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Mon, 08 Mar 2021 18:40:36 GMT
Server: cloudinary
X-Timer: S1646153733.405068,VS0,VE1
Etag: "d07434ce9c3b16b48ac943d25e311534"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adb2waycm-atl.netmng.com
URL: https://adb2waycm-atl.netmng.com/cm/

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therams.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 05:35:05	Name: demdex Value: 62030311748104556671576419898913206234
.scorecardresearch.com/	1970-01-20 18:32:41	Name: UID Value: 1B013f48cad8c56226562f11646153728
.therams.com/	1969-12-31 23:59:59	Name: AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 1
.therams.com/	1970-01-20 01:15:55	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.therams.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1646153728130%2C%22slts%22:0}
.therams.com/	1970-01-20 10:45:17	Name: _parsely_visitor Value: {%22id%22:%22pid=5a1e6801256da2cbeb7bd4eb4914fad8%22%2C%22session_count%22:1%2C%22last_session_ts%22:1646153728130}
.everesttech.net/	1970-01-20 10:01:29	Name: everest_g_v2 Value: g_surferid~Yh5QAAAAALWGHgQp
.therams.com/	1970-01-20 03:25:29	Name: _gcl_au Value: 1.1.1463474563.1646153728
.dpm.demdex.net/	1970-01-20 05:35:05	Name: dpm Value: 62030311748104556671576419898913206234
.therams.com/	1970-01-20 18:48:32	Name: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19053%7CMCMID%7C62235332403458014201561457095485805413%7CMCAAMLH-1646758528%7C6%7CMCAAMB-1646758528%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1646160928s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19060%7CvVersion%7C5.2.0
.therams.com/	1970-01-20 18:49:58	Name: mbox Value: session#58e40e646d4f44b28484a1fd87d2ee31#1646155588\|PC#58e40e646d4f44b28484a1fd87d2ee31.37_0#1709398529
.mathtag.com/	1970-01-20 10:41:48	Name: uuid Value: 3aa9621e-5000-4a00-a7f6-0b01f443d771
.therams.com/	1970-01-20 01:15:55	Name: s_pv Value: rams%3Ahome%3Ahome%3Alanding
.therams.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.exelator.com/	1970-01-20 04:08:41	Name: EE Value: "071f2fb51d48055d6ab02bce6601bd11"
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 12852-3-27435855
.exelator.com/	1970-01-20 04:08:41	Name: ud Value: "eJxrXxzq6XKLQcHA3DDNKC3J1DDFxMLA1DTFLDHJwCgpOdXMzMAwKcXQcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJiSX5RZvoiF9fFRSlpDItKik8F719sAgBz6Cnp"
.w55c.net/	1970-01-20 10:46:08	Name: wfivefivec Value: Du03Q9IK1Np5MA5
.w55c.net/	1970-01-20 01:59:05	Name: matchdmx Value: 5
.therams.com/	1970-01-20 18:47:05	Name: _ga Value: GA1.2.1893906104.1646153729
.therams.com/	1970-01-20 01:17:20	Name: _gid Value: GA1.2.846924628.1646153729
.therams.com/	1970-01-20 01:15:53	Name: _gat_gtag_UA_122484269_1 Value: 1
.adnxs.com/	1970-01-20 03:25:29	Name: uuid2 Value: 7037450098884816168
.therams.com/	1970-01-20 03:25:29	Name: _fbp Value: fb.1.1646153728864.332431973
.turn.com/	1970-01-20 05:35:05	Name: uid Value: 8750454965806440114
.doubleclick.net/	1970-01-20 10:37:29	Name: IDE Value: AHWqTUnrzX0pyQubEnFI32mt_gCG_48t3jl3UPzJllrCDFJC-naBh9TSPgDbYLhL9RQ
.twitter.com/	1970-01-20 18:47:05	Name: personalization_id Value: "v1_vsQUZ+PMn5zJgEKg27D7Zw=="
www.therams.com/	1970-01-20 05:35:05	Name: __hstc Value: 121074455.49e99effb8bfc490a9b8cb54ee95634d.1646153729375.1646153729375.1646153729375.1
www.therams.com/	1970-01-20 05:35:05	Name: hubspotutk Value: 49e99effb8bfc490a9b8cb54ee95634d
www.therams.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.therams.com/	1970-01-20 01:15:55	Name: __hssc Value: 121074455.1.1646153729375
.therams.com/	1969-12-31 23:59:59	Name: s_ptc Value: pt.rdr%240.04%5E%5Ept.apc%240.00%5E%5Ept.dns%240.01%5E%5Ept.tcp%240.03%5E%5Ept.req%240.18%5E%5Ept.rsp%240.01%5E%5Ept.prc%241.83%5E%5Ept.onl%240.03%5E%5Ept.tot%242.13%5E%5Ept.pfi%241
.hubspot.com/	1970-01-20 01:15:55	Name: __cf_bm Value: NJLQ1Whfi6I9HoSB3FmJyurMR6q9_918kETCiWpOKv8-1646153729-0-Ad6cW4zDHbUuMJrLO/RBNAHcWk4yg3HJrcO/6McvRk2GUooMWX4ytvTTHZ0QPXaxzKllqToNp0yK8sfGERoZFVM=
.everesttech.net/	1970-01-20 02:00:32	Name: ev_sync_ax Value: 20220301
.auth-id.nfl.com/	1970-01-20 10:01:29	Name: apiDomain_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: auth-id.therams.com
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: Yh5QAQAABcODZEib
.adsrvr.org/	1970-01-20 10:01:29	Name: TDID Value: b7ef8c92-61cb-422b-a248-9ff49c3ca367
.adsrvr.org/	1970-01-20 10:01:29	Name: TDCPM Value: CAESEgoDYWFtEgsIwoCus8rrvToQBRgFIAEoAjILCLzHjeDg6706EAU4AQ..
.advertising.com/	1970-01-20 10:02:56	Name: APID Value: UP66b84ae9-9980-11ec-abb7-028c3eae12d0
.auth-id.therams.com/	1970-01-20 10:01:29	Name: gmid Value: gmid.ver4.AcbHSUNdww.dpa8MxngK0g9OwrACx2gt5SIas3f-9qQKTTC9yMyMZ-FZ5qPqX4Hwklga8FQ3ndn.Np2weJ0UtBTCadyd5V9V8B4ixXfQ2IGXrpJXJsH5PI-7B0WyMAq9FpN15C-Fuu3l5hbRm8IUUtrCJknweHXMTA.sc3
.auth-id.therams.com/	1970-01-20 10:01:29	Name: ucid Value: WrOGrL0xoBv50RVxt6lUZQ
.auth-id.therams.com/	1970-01-20 05:40:47	Name: hasGmid Value: ver4
.therams.com/	1970-01-20 10:01:29	Name: gig_bootstrap_4_9uJbeFZZVmtKTfSv1bjUVQ Value: auth-id_ver4
.criteo.com/	1970-01-20 10:37:29	Name: uid Value: bcafe830-8343-4d79-b1e4-db04e7d2833b
.eyeota.net/	1970-01-20 01:15:54	Name: SERVERID Value: 19756~DM
.yahoo.com/	1970-01-20 10:01:51	Name: A3 Value: d=AQABBAJQHmICEHasDsRAaIW7DqucjFcwjCg&S=AQAAAsvpb59WsH9Xg27r8S_vJgs
.everesttech.net/	1970-01-20 02:00:32	Name: ev_sync_yh Value: 20220301
.auth-id.nfl.com/	1970-01-20 10:01:29	Name: gig_canary_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: false
.auth-id.nfl.com/	1970-01-20 10:01:29	Name: gig_canary_ver_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: 12852-3-27435855
.casalemedia.com/	1970-01-20 10:01:29	Name: CMID Value: Yh5QAjrTm4pA7wfDJAHbZQAA
.casalemedia.com/	1970-01-20 03:25:29	Name: CMPS Value: 3270
.casalemedia.com/	1970-01-20 03:25:29	Name: CMPRO Value: 1144
.casalemedia.com/	1970-01-20 01:17:20	Name: CMST Value: Yh5QAmIeUAIA
.casalemedia.com/	1970-01-20 10:01:29	Name: CMRUM3 Value: 58621e50022760Yh5QAAAAALWGHgQp
.adnxs.com/	1970-01-20 03:25:29	Name: anj Value: dTM7k!M4.FErk#WF']wIg2HaRn9y#9!@wnfH)iR8PMp-v=0C#04xhl?M+Ab(iO=o`VQ^rqcfCq2cd#A^/kM_F]s.hL(FmbF[H_[U%vhLj)fy+ZNNV$D
.pubmatic.com/	1970-01-20 03:25:29	Name: KRTBCOOKIE_218 Value: 4056-Yh5QAAAAALWGHgQp&KRTB&22978-Yh5QAAAAALWGHgQp&KRTB&23194-Yh5QAAAAALWGHgQp&KRTB&23209-Yh5QAAAAALWGHgQp
.pubmatic.com/	1970-01-20 01:59:05	Name: PugT Value: 1646153731
.pubmatic.com/	1970-01-20 03:25:29	Name: PUBMDCID Value: 3
.spotxchange.com/	1970-01-20 10:01:33	Name: audience Value: 6785d0ca-9980-11ec-886f-14bc9e680306
.demdex.net/	1970-01-20 05:35:05	Name: dextp Value: 269-1-1646153728230\|3-1-1646153728340\|359-1-1646153728468\|358-1-1646153728635\|470-1-1646153728826\|843-1-1646153728927\|640-1-1646153729029\|771-1-1646153729129\|1123-1-1646153729230\|1083-1-1646153729334\|1085-1-1646153729435\|1086-1-1646153729536\|1087-1-1646153729636\|1088-1-1646153729738\|903-1-1646153729839\|6835-1-1646153729940\|19913-1-1646153730041\|28645-1-1646153730142\|30064-1-1646153730243\|30646-1-1646153730343\|30862-1-1646153730445\|83349-1-1646153730546\|144230-1-1646153730647\|144231-1-1646153730748\|144232-1-1646153730853\|144233-1-1646153730963\|144234-1-1646153731064\|144235-1-1646153731165\|144236-1-1646153731266\|144237-1-1646153731367\|147592-1-1646153731468\|152416-1-1646153731569\|139200-1-1646153731670
.amazon-adsystem.com/	1970-01-20 06:24:03	Name: ad-id Value: AwKpw2PcBURIg8m-mCJNgl4
.amazon-adsystem.com/	1970-01-21 21:49:58	Name: ad-privacy Value: 0
.undertone.com/	1970-01-20 10:01:29	Name: UTID Value: cd4210e89ece4e0aaa746ed1302d1174
.undertone.com/	1970-01-20 10:01:29	Name: UTID_ENC Value: c5gp6ybr8tjbt5kajphefy7hw

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.therams.com/(Line 49) Message: A preload for 'https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.therams.com/(Line 50) Message: A preload for 'https://www.therams.com/compiledassets/theming/d67c44a609a9b0620bc93a8019cd60e8' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network	error	URL: https://us.connextra.com/dcs/tagController/tag/11935e1e2233/homepage Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://pixel.advertising.com/ups/28/sync?uid=62030311748104556671576419898913206234&_origin=1&redir=true&verify=true Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.therams.com/ Message: The resource https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.therams.com/ Message: The resource https://www.therams.com/compiledassets/theming/d67c44a609a9b0620bc93a8019cd60e8 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adb2waycm-atl.netmng.com
ads.undertone.com
ads.yahoo.com
analytics.twitter.com
api.nfl.com
apis.google.com
assets.adobedtm.com
audit-tcfv2.quantcast.mgr.consensu.org
auth-id.nfl.com
auth-id.therams.com
cdn.onesignal.com
cdns.us1.gigya.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
evt.undertone.com
forms.hubspot.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
nfl.demdex.net
nflenterprises.tt.omtrdc.net
odr.mookie1.com
onesignal.com
p.nfltags.com
p1.parsely.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
quantcast.mgr.consensu.org
rules.quantcount.com
s.amazon-adsystem.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
smetrics.nfl.com
static.clubs.nfl.com
static.www.nfl.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
test.quantcast.mgr.consensu.org
therams.com
track.hubspot.com
trc.taboola.com
unpkg.com
us-u.openx.net
us.connextra.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.therams.com
x.dlx.addthis.com
adb2waycm-atl.netmng.com
104.111.215.191
104.244.42.3
13.227.220.113
142.250.181.226
142.250.184.226
15.236.176.210
151.101.1.153
151.101.129.152
151.101.129.153
151.101.193.153
151.101.2.49
151.101.65.153
18.198.69.109
184.30.210.29
185.29.134.244
185.64.190.80
185.94.180.126
2.18.234.21
2.18.234.36
2001:678:cb4:bbbb::13
212.82.100.182
2600:9000:21c7:3600:9:46dc:4700:93a1
2600:9000:21c7:7200:3:a4cd:8380:93a1
2600:9000:2204:4e00:6:44e3:f8c0:93a1
2606:4700::6810:7baf
2606:4700::6811:47b0
2606:4700::6811:d2cc
2606:4700::6811:e8cc
2606:4700::6812:14bf
2606:4700::6812:e234
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1288:80:807::2
2a00:1450:4001:803::2002
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:828::200e
2a00:1450:400c:c06::9d
2a02:2638:1::13
2a02:26f0:6c00:28a::1e80
2a02:6ea0:c700::2
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::300
3.127.178.105
3.69.18.111
34.246.234.200
34.248.142.13
34.255.107.204
34.98.67.61
35.244.159.8
37.252.172.38
52.205.167.202
52.223.40.198
52.46.130.91
52.58.249.203
52.59.131.166
54.192.86.19
54.192.86.50
54.194.191.134
54.228.10.200
54.240.168.24
54.240.168.32
54.84.143.226
69.173.151.100
02930bc2b4c08b3da50de2d03d6374454b0ff8fbe111ae5463964d1bc251c939
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
06c1ae2d8de19aee620db18e7942df9d1c634197bfe7da0f7aa9958176d1067b
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0a376bb4059b1fd056b475fe7f1b92bc27ac86fe4dc4f7f080cd91a119c0e08b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15b3bb5cee62b497154271663edca3fb1574e676a2fa2d81e80640a25e148864
187a6bf381cd0cef776ca2c409928045347b7d62324c73d65f32073a3a91f915
21588ff06c8d62213aeb662895a415609340053243492e0c8255388e969eca0e
229a2534529014c8d62688d11f598a6bfb826f82054827f6ab6633e186a608d0
229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f
2465a231a58b82c620d23b94ee93bb2bdc046acf40e9ded0aacf40cc43384952
250eb532dbc4525ada3ab433105a47caed8111909199623af25134af5195bd85
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28c8e9e712c6ecf99a5b779e911923ead491c4639be0969f35c998811bd8272f
298b2d5ed213f76dd7d1d3fc86f9285887cb1f9fe55653833b6151b74a5bca62
2a44537ffe33c438fcc6f49f4ee6a02be0daa467010273f3c10f8101bd570073
2bc1e39bc42a6b22ca0750f79347faf3d5720cccd8a3d611682dc53f715c82dd
2c795df01f38b55e2ade4c44e166975aeb921272a17953a2fffac160de9f5429
2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
328ebec5d3dcb20a208cdc364cc8fb61be2238dd49ca1aea040d41fd13f69faf
32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e
3d699a355a5d1e675af5663335726fc636aaeaacf75be421a35901874043a8e5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355
47c51b8272102bc692e117de7f58ea6c6f5e7c18fc262512ad902ef1c645609b
493bb6607bca4f5e637018ddab955498f3ce1c80d0747e1264bfc7e16a912ac8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d311058817ad7d8ef7f3497ff3c1a0fb36d9eb3ba16dbd66a2d444eaa05dfd0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1
5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155
55818a4e8f1db1716ecc411296c82f35fb9241f4fe74143c3d048c1921e13c5f
55fde4bfab54152c832b0004120bf58a6962fa6e907063bc0ffea0cf22122dd7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56cea23a191dfea947a52a2ab4f48064b680fbde67eb1f7830e86c4ec8164f45
5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b
590724305eb93b15b09eac9a534d173f727155ddb42c0a06275eec549f35a5f3
5a536c560589fc364daacce993cb96a9d60a30508a2fe008080f92c10a6decb0
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5f28c1ce6a8db182d846bc4bd1baf9f8aea74f6e8efa4b14ebaa68bcee94cc18
609dd23caf8f7839c095b0056b9f7f3437d5c09b5318572ef831a7abcf3d93b3
61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88
62395563f638a3227da0c4cfeefda13f053ee80277d24f3609117a5ad66bacb7
62fbd09d6bec05c360433aea6fd1f69c3cc38625fc99720c3de548a8746d72be
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6bb6f27c495e42eac7fdc790ff75d0917228612e4fbc625ee84488df8f20e5f7
6d2f93e04bee266ab3f95be416648e386ccac91f7e7d8a8fd6ee59923b4a6a62
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
728e0719ac2f23f4fcc23824103389f41c64a94dd81bd96e7ea1f0febda0b603
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1
798e9911a02d8cc29927bfceb1f617e25d4e8e4fb5435140419c6236f7b7f5b3
7aa262988bb9d0e46288f7c2ec332513b5a34e7a2fdf0b36f916a33231bb79ad
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c93fbc1a408030d138623b8ad3f499a7a64601e4657564a559869497802ea7f
7ccd19e6e7a9b375559510bd2e53ea683543efd7f43f30d899d811ee754dbddd
7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30
804b5aa180e095fff2fa8ad389c57a1640e94e3084a28ff21610d6f85b6c0fe3
8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1
82515c0f922258f4154443f676019e7a222f85afb23bc81ceb616ac055ac61bc
83322327c7aa10545576e8871c9e005626e830734c9eab2e636a898d570f9c12
83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9
8977e9a04b35b4e93e8d23e89b9a0084dcad5a10ff01079be0c9c08996591b50
8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598
930bb36e554894482a611a5f0e6bd84c1673e36ac7437b2590bab08fe8152898
939d51b21aeb2d1ae41dc5224b9b988b5054f413cb01855af8f7a3a47a233d18
947d6c755989ac2b8e761deb8f7c3d38c30f9e01ce86b4ce1c8f3a2e1d1e5221
9491f3caca5118a6226c06230922aa60cc2f342dec29a728970daf1d73b107a8
95045347f438c2512764824b7bd997e68b8c18b06ef5c234962eba3b3024f6e8
9c6281ee9e9b964d9d62e4b4e926cba710a182b5c29ea97e3d8d268225ea86a6
9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d
9ff4764a6542f35a47ce43ca58142fd062e7a6ca79b4b2b3bcccff49732630b6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a311e0ce6a3e817788f8596744acb7a698dea12d9307317b42382475a8f4aac4
a5de6587f20288172a4e499f34200a8bde3cb11c9c8678e35dffea539e8d51b9
a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e
a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7
aafa5bd1a6d109986f239e94e42036262c7eb9189f63b4f00cefbfe963ca6ad3
ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b25cb256e8187eba8e3e63bc4d6bb8faf1aa6ba285c63d31eb9e85100bfc5de8
b384b5e8bbd0a5bb8d550c6475c3a1f8f99fd48dd5cfa55fd80f764926b80999
b3a0468ca1d69210db78aefafae46d1fd7efe8b3bfb43ac999b9398384b8dea7
bb17e24c74e06e8b0b21efd79b1b8c9d2e39d27e33520fb6841a3e8b0af04a65
bcd2cdc5985a1cac0f1ee443788c768f2f9a5524aafbe9b2e2b4456575b8f2b0
bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e
be8c3c798ecced707ad68e445acdc515f441e8d0f8c26ac7c9c2f0d5ed513855
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6a9563efc298908aaa1fbfe750739d7e2ddc36f5a32b33f66c9a045bc997e97
c98366a87bd0007a24b135bf9c39038ff3d7ea8d4c77f4222aa834f747afc6ee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6d682f0289fa284b2a55d17f29501dc0b97a0a5777af3d0ff6e57e56b13bef
d1c839d0fb2d53950de2889d2e7d9a7a491feff06f8e049e11dc912b20d09e7d
d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a
d68d0ec4538467639a78668e1c3ff4f364c9d5dc2b147050baafce989ff5e868
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d83fdae84f130da1568e9b5a9815acb5b10c20b7d6240fc8fc59fe9ada4f4e2b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa5fd01fac7951b11788f71c5d01fe9b567ffee4e04fe57315daf90da43df02
e10028c203c2f3a5076be0658619b783d8bc38828b132847fed040c3fae7ebb2
e2709ce85ccd785aa028d121d171626287847f44b78aa1095c44a9e78010e909
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e72f57ca4fae11964712516fc7bb29ecec8d5352da39d7f662a64c0fc3f9ec5b
eb17a933f0977509c796b9055e3c140746326ecd3ec343dfa3614e8bdb1ac2f5
eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef467a9e4cb57447c359cf932be4cb6d62c74f3408888d210963502eb2ff1f8f
f8bc4699b2bb4f0c2c3bb9f7c655cbea402421cbb61ed1e1736d41d53b042791
fabf02fa5b45b614d86acb2367ac45b4eb4f62a6e1b3437f8ef0d76b78d47ef9
fccb7d2df89b2d280cea57322dacf66f3e21ed05a773fcfce66abe6466b64ab0
fe79718c6d7060bdde704a42161787735669f3ee801eb3833212f16aad939e13

www.therams.com Open in urlscan Pro 151.101.193.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

78 %HTTPS

41 %IPv6

53 Domains

73 Subdomains

57 IPs

7 Countries

2935 kBTransfer

8241 kBSize

65 Cookies

64 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.therams.com Open in urlscan Pro
151.101.193.153 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

78 %
HTTPS

41 %
IPv6

53
Domains

73
Subdomains

57
IPs

7
Countries

2935 kB
Transfer

8241 kB
Size

65
Cookies

166 HTTP transactions
2 data transactions