www.therams.com Open in urlscan Pro
151.101.129.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.therams.com/schedule/
Submission: On May 23 via api (May 23rd 2023, 8:14:51 pm UTC) from US — Scanned from DE

Summary HTTP 199 Redirects Links 94 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 45 domains to perform 199 HTTP transactions. The main IP is 151.101.129.153, located in United States and belongs to FASTLY, US. The main domain is www.therams.com. The Cisco Umbrella rank of the primary domain is 537023.
TLS certificate: Issued by R3 on April 18th 2023. Valid for: 3 months.

This is the only time www.therams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	151.101.129.153 151.101.129.153	54113 (FASTLY) (FASTLY)
11	2606:4700::68... 2606:4700::6813:bb61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:350... 2a02:26f0:3500:58f::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.65.153 151.101.65.153	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
17	52.85.132.103 52.85.132.103	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.152 151.101.1.152	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::6812:2b9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.193.153 151.101.193.153	54113 (FASTLY) (FASTLY)
2 14	52.49.215.81 52.49.215.81	16509 (AMAZON-02) (AMAZON-02)
1	151.101.128.114 151.101.128.114	54113 (FASTLY) (FASTLY)
1	52.215.114.201 52.215.114.201	16509 (AMAZON-02) (AMAZON-02)
8 8	52.209.38.88 52.209.38.88	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.113 66.235.152.113	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2 2	52.58.134.213 52.58.134.213	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.35.237.2 23.35.237.2	16625 (AKAMAI-AS) (AKAMAI-AS)
4	151.101.1.153 151.101.1.153	54113 (FASTLY) (FASTLY)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
9	18.165.83.110 18.165.83.110	16509 (AMAZON-02) (AMAZON-02)
4	52.31.36.112 52.31.36.112	16509 (AMAZON-02) (AMAZON-02)
1 1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223f:9000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7 8	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
10	2600:1f13:800... 2600:1f13:800:7780:68f0:a33:9e57:b3d0	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
6 12	52.208.194.197 52.208.194.197	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
8 8	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.85.151.12 52.85.151.12	16509 (AMAZON-02) (AMAZON-02)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1 1	18.154.227.77 18.154.227.77	16509 (AMAZON-02) (AMAZON-02)
1 1	18.165.98.4 18.165.98.4	16509 (AMAZON-02) (AMAZON-02)
2 3	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
199	53

44 151.101.129.153 (United States)

ASN54113 (FASTLY, US)

www.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:bb61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:58f::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.153 (United States)

ASN54113 (FASTLY, US)

p.nfltags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.85.132.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-103.iad50.r.cloudfront.net

rams.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.152 (United States)

ASN54113 (FASTLY, US)

api.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.153 (United States)

ASN54113 (FASTLY, US)

static.clubs.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.49.215.81 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.114.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-114-201.eu-west-1.compute.amazonaws.com

nfl.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.209.38.88 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-38-88.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-113.data.adobedc.net

nflenterprises.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.134.213 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-134-213.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.2 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-2.deploy.static.akamaitechnologies.com

cdns.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.153 (United States)

ASN54113 (FASTLY, US)

static.www.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.165.83.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-110.iad55.r.cloudfront.net

auth-id.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.31.36.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-36-112.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:9000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.212.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1f13:800:7780:68f0:a33:9e57:b3d0 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.208.194.197 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-194-197.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.151.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-12.iad89.r.cloudfront.net

auth-id.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.227.77 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-77.iad55.r.cloudfront.net

ads.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.98.4 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-4.iad55.r.cloudfront.net

evt.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	therams.com www.therams.com — Cisco Umbrella Rank: 537023 auth-id.therams.com	517 KB
28	everesttech.net 22 redirects cm.everesttech.net — Cisco Umbrella Rank: 1022 pixel.everesttech.net — Cisco Umbrella Rank: 4412 sync-tm.everesttech.net — Cisco Umbrella Rank: 606	10 KB
21	nfl.com api.nfl.com — Cisco Umbrella Rank: 24377 static.clubs.nfl.com — Cisco Umbrella Rank: 32016 static.www.nfl.com — Cisco Umbrella Rank: 30494 auth-id.nfl.com — Cisco Umbrella Rank: 31128	663 KB
18	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 685 static.adsafeprotected.com — Cisco Umbrella Rank: 595 dt.adsafeprotected.com — Cisco Umbrella Rank: 569	200 KB
17	formstack.com rams.formstack.com static.formstack.com — Cisco Umbrella Rank: 24850	321 KB
17	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	170 KB
15	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 200 nfl.demdex.net — Cisco Umbrella Rank: 33080	18 KB
13	googlesyndication.com a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132 pagead2.googlesyndication.com — Cisco Umbrella Rank: 93	120 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 368	215 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2 apis.google.com — Cisco Umbrella Rank: 109	117 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 272 cms.analytics.yahoo.com — Cisco Umbrella Rank: 991 ads.yahoo.com — Cisco Umbrella Rank: 5909	1 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 448	112 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 273	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1397 load77.exelator.com — Cisco Umbrella Rank: 3435	2 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 437 ajax.googleapis.com — Cisco Umbrella Rank: 320 fonts.googleapis.com — Cisco Umbrella Rank: 35	35 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	88 KB
2	undertone.com 2 redirects ads.undertone.com — Cisco Umbrella Rank: 5675 evt.undertone.com — Cisco Umbrella Rank: 5357	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	889 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 694	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	1 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 413	758 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	107 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 752	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9037 www.google.de — Cisco Umbrella Rank: 6080	939 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 635	374 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 820	451 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 436	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 315	239 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1108	213 B
1	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 924	418 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 1375	331 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	265 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 637	394 B
1	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1269	175 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1144	402 B
1	gigya.com cdns.us1.gigya.com — Cisco Umbrella Rank: 10999	164 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 482	696 B
1	omtrdc.net nflenterprises.tt.omtrdc.net — Cisco Umbrella Rank: 31507	847 B
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 3699	46 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 587	303 B
1	nfltags.com p.nfltags.com — Cisco Umbrella Rank: 31123	92 KB
0	netmng.com Failed adb2waycm-atl.netmng.com Failed
199	45

	Domain	Requested by
44	www.therams.com	www.therams.com
14	dpm.demdex.net	2 redirects www.therams.com
13	static.formstack.com	rams.formstack.com
12	pixel.everesttech.net	6 redirects
11	cdn.cookielaw.org	www.therams.com cdn.cookielaw.org
10	dt.adsafeprotected.com
9	auth-id.nfl.com	cdns.us1.gigya.com auth-id.nfl.com
8	sync-tm.everesttech.net	8 redirects
8	cm.g.doubleclick.net	7 redirects
8	cm.everesttech.net	8 redirects
8	securepubads.g.doubleclick.net	www.therams.com securepubads.g.doubleclick.net www.googletagservices.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	static.clubs.nfl.com	www.therams.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	static.adsafeprotected.com	pixel.adsafeprotected.com www.therams.com
4	pixel.adsafeprotected.com	www.therams.com
4	static.www.nfl.com	www.therams.com
4	rams.formstack.com	www.therams.com static.formstack.com
4	assets.adobedtm.com	www.therams.com assets.adobedtm.com
3	s.amazon-adsystem.com	2 redirects
3	www.google-analytics.com	static.formstack.com www.google-analytics.com
3	ib.adnxs.com	2 redirects
2	connect.facebook.net	cdns.us1.gigya.com connect.facebook.net
2	apis.google.com	cdns.us1.gigya.com apis.google.com
2	www.facebook.com	connect.facebook.net
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	gum.criteo.com	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	www.google.com	tpc.googlesyndication.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	pm.w55c.net	2 redirects
2	loadm.exelator.com	2 redirects
2	api.nfl.com	p.nfltags.com
1	evt.undertone.com	1 redirects
1	ads.undertone.com	1 redirects
1	trc.taboola.com
1	image2.pubmatic.com
1	us-u.openx.net
1	auth-id.therams.com	cdns.us1.gigya.com
1	pixel.rubiconproject.com
1	ads.yahoo.com
1	odr.mookie1.com
1	cms.analytics.yahoo.com	1 redirects
1	ps.eyeota.net	1 redirects
1	pixel.advertising.com	1 redirects
1	match.adsrvr.org
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	analytics.twitter.com
1	x.dlx.addthis.com	1 redirects
1	d.turn.com	1 redirects
1	cdns.us1.gigya.com	www.therams.com
1	a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	fonts.googleapis.com	ajax.googleapis.com
1	load77.exelator.com	www.therams.com
1	sync.mathtag.com	1 redirects
1	nflenterprises.tt.omtrdc.net	assets.adobedtm.com
1	nfl.demdex.net	assets.adobedtm.com
1	cdn.evgnet.com	rams.formstack.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	ajax.googleapis.com	www.therams.com
1	p.nfltags.com	www.therams.com
1	imasdk.googleapis.com	www.therams.com
0	adb2waycm-atl.netmng.com Failed
199	68

This site contains links to these domains. Also see Links.

Domain
www.ramsfanshop.com
www.pntrac.com
sports.yahoo.com
ramsnewlook.com
static.clubs.nfl.com
www.nfl.com
onlocationexp.com
www.ticketmaster.com
ramssuites.com
www.hilton.com
itunes.apple.com
play.google.com
www.teamworkonline.com
am.ticketmaster.com
www.baltimoreravens.com
www.bengals.com
www.clevelandbrowns.com
www.steelers.com
www.buffalobills.com
www.miamidolphins.com
www.patriots.com
www.newyorkjets.com
www.houstontexans.com
www.colts.com
www.jaguars.com
www.tennesseetitans.com
www.denverbroncos.com
www.chiefs.com
www.chargers.com
www.raiders.com
www.chicagobears.com
www.detroitlions.com
www.packers.com
www.vikings.com
www.dallascowboys.com
www.giants.com
www.philadelphiaeagles.com
www.commanders.com
www.atlantafalcons.com
www.panthers.com
www.neworleanssaints.com
www.buccaneers.com
www.azcardinals.com
www.49ers.com
www.seahawks.com
operations.nfl.com
www.nflshop.com
nflonlocation.com
www.profootballhof.com
www.nfl.info
www.usafootball.com
www.nflextrapoints.com
privacyportal.onetrust.com
www.onetrust.com

Subject Issuer	Validity	Valid
clubs.nfl.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
ndc-production-san.nfl.com R3	`2023-04-11` - `2023-07-10`	3 months	crt.sh
*.formstack.com Amazon RSA 2048 M02	`2023-03-20` - `2024-04-17`	a year	crt.sh
clubsweb.san1.nfl.com R3	`2023-04-15` - `2023-07-14`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-06` - `2024-03-04`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
cdns.gigya.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-07` - `2023-12-07`	a year	crt.sh
static.www.nfl.com R3	`2023-04-23` - `2023-07-22`	3 months	crt.sh
auth-id.nfl.com Amazon RSA 2048 M01	`2023-02-17` - `2023-11-20`	9 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
auth-id.therams.com Amazon RSA 2048 M02	`2023-03-01` - `2023-11-16`	9 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-02` - `2023-05-31`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.therams.com/schedule/
Frame ID: 2E8092A2EE7202A0BD30B3EB6CE25B40
Requests: 135 HTTP requests in this frame

Frame: https://nfl.demdex.net/dest5.html?d_nsid=0
Frame ID: 57C1D8693EBCFE3F1D988461B6688F95
Requests: 34 HTTP requests in this frame

Frame: https://a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4FF18CE2ADF6FE8A0D6F318048BB9AAA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8pT0bmYJ59v9VHxNH-eC5oIJsUfOHTsFbNR3DB0MrQIqbyBQCFrjjNMzXt_JqJpsDRrMJ17CcAaUMkTqGBDdd7tRRZuvwq3DrRA6TBouwAzuZHBpDhRQsKMksvHZNhIi_VG88UnJbqndqnTcZQKxYiILhbnAvzoP5hGUxXHavZfKaW5G1_-_4CgUeqr6rRFvwD34_DoRupBD5UQehPD4081yA7FHtrvxTcR9XrZtzwsOi5UqJX-lSH9auv24BnTIB4PLbqTMFP1RuMSMzYc4JWvb3J439q5VtgNI8y-YFv4jm-g0qv7UpUYdfJP7DTHQTszk&sai=AMfl-YTEnE3YAxMI0LZmuHkMZLhmKQ7fYD_aDt9lzm8Iv5rbCEZK7Vcz4Iegyibqr898AGLNr_c55IbFb9LBk64FnlJR9Ra_NNEpG8FfpRVhwpt3RuzUxkhLYbNyPJrFt4U17R_-Kvj4rkKi9KroHAQO&sig=Cg0ArKJSzJ_4sSkMDUoNEAE&uach_m=[UACH]&adurl=
Frame ID: BA67DEE26E0771D2C7D7245AF7AE0F5C
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfgEKjxSNyAY-mYQAK4RMtVvTsMIBCDiuLPyUf7KdhUb1643q9TOxM-dVz2l6JVrDJ97Yt2dM4r6o19PzOZoNE_QMNhzOPG6BdtT1VjJCbkPQoHkOaBpkUjglcZk_hHbypRJZNMycQFZxFluCDLl-P10QDiqSfgdcUDzS9pLoGYgJOZrjUw_EF3dXPtXjuQP0z8rjx7ZnuBAQajVEhETgYYhjfP59GTW9lZcTQbBZk1I1zElX5a_i0minGZSeJcA4w4yBcozZL_VN2Tfh0umVUC4kUwC7tWyaX1BcethCzI3kt5yHSG705Sggc--Vu9QeUK0M&sai=AMfl-YQQvM4O7H2I2vLPU7bc-EVLVv6D9PEfxcQryE8nv1kZndaT-pu-lDC2nOZwj_ou5XNVQVMH9YYOM1Y5OqLXXoRsb782IeNh1Wc4kOjPkGH9pyoLWHVqL34wRA1DZmacCi73Q5hWAUbFhvWIjTlo&sig=Cg0ArKJSzNdQVHvbTkaAEAE&uach_m=[UACH]&adurl=
Frame ID: 3D0EFCDA5310BC3F2231F492CB9F82AD
Requests: 6 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=100x30&pubId=30702453&chanId=182654973&placementId=5362858293&pubCreative=138310656510&pubOrder=2691141984&cb=865396118&adsafe_par&impId=&custom=logo&custom2=schedule&custom3=
Frame ID: 9D28247F8980AA8DE41B6DC85217310D
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5226435748&chanId=182654973&placementId=6287660768&pubCreative=138431504884&pubOrder=3193859903&cb=775113353&adsafe_par&impId=&custom=bottom&custom2=schedule&custom3=
Frame ID: 0FB15198CA974B9A2803578844F091FE
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 561B69AD69E190311AE17F146F2EA649
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4E2D849E6F4C0CB137DE046092791CAF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C8B4FBA414D2E5742D111799EAD58385
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D3CBEF13C7318D66207B39A66E9678F2
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13905
Frame ID: 070259935945F417DEECDF24FD0EA390
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Frame ID: DC1E92C39B26FB74D579609D24D5C2BC
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Frame ID: 15DD9713C73906ABFBA52B9E4952733B
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Frame ID: AD8277E6E19F89549DEF7CAF423295AE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rams Schedule | Los Angeles Rams - therams.comBack ButtonFilter Button

Detected technologies

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

199
Requests

84 %
HTTPS

42 %
IPv6

45
Domains

68
Subdomains

53
IPs

8
Countries

3061 kB
Transfer

8175 kB
Size

55
Cookies

94 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ramsfanshop.com/?_s=bm-Rams-TopNav-0124
Title: RAMS SHOP

Search URL Search Domain Scan URL

URL: https://www.pntrac.com/t/2-479175-57835-55814
Title: NFL+

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/live-video/?is_retargeting=true&af_sub1=Acquisition&c=US_Acquisition_YMktg_NFLLive_NFLinapp_NFLteamappusers&pid=partnership&af_sub5=NFLteamapps__Static_&af_sub2=US_YMktg
Title: LIVE NFL GAMES

Search URL Search Domain Scan URL

URL: https://ramsnewlook.com/
Title: UNIFORMS

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-Header-MobHotButton-061721
Title: SHOP

Search URL Search Domain Scan URL

URL: https://static.clubs.nfl.com/image/upload/v1683845157/rams/qbjlnkg3rzksfz0ixtuv.pdf
Title: Printable Schedule

Search URL Search Domain Scan URL

URL: https://www.nfl.com/schedule
Title: League Schedule

Search URL Search Domain Scan URL

URL: https://onlocationexp.com/nfl/super-bowl-tickets
Title: Fan Travel Packages

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-tbd-preseason-inglewood-california/event/0A005E95A2F92923?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_PR1
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/PreSeason-Game-1-Los-Angeles-Rams-vs-TBD-82262/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/destination-guides/los-angeles/?WT.mc_id=zKNDM0AA1MB2OLQ3LocalPartner4LARAMS_Aug5Seed___6MULTIBR7CAPHXHub8i85582
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-tbd-preseason-inglewood-california/event/0A005E95A2FD2926?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_PR2
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/PreSeason-Game-2-Los-Angeles-Rams-vs-TBD-82263/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/1E005E95935B3007?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_PR1&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_PR1
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/?query=Denver&WT&WT.mc_id=zRHDM0US1MB2OLQ3LocalPartner4DM_Sports_May5Seed_Rams_SchedulePageDenver6MULTIBR7CAPHXHub8i86002
Title: STAY WITH HILTON

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/0F005E98A2DB63F8?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_SEAHAWKS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_SEAHAWKS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/hilton-honors/?query=Seattle&WT.mc_id=zKNDM0AA1MB2OLQ3LocalPartner4LARAMS_Aug5Seed___6MULTIBR7CAPHXHub8i85590
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-san-francisco-inglewood-california/event/0A005E95A3062933?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_49ERS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-San-Francisco-49ers-82264/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/16005E9BE18C708F?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_BENGALS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_BENGALS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/hilton-honors/?query=Cincinnati%2C%20Ohio&WT.mc_id=zKNDM0AA1MB2OLQ3LocalPartner4LARAMS_Aug5Seed___6MULTIBR7CAPHXHub8i85583
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/05005E95A7F13716?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_COLTS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_COLTS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/?query=Indianapolis&WT&WT.mc_id=zRHDM0US1MB2OLQ3LocalPartner4DM_Sports_May5Seed_Rams_SchedulePageIndianapolis6MULTIBR7CAPHXHub8i86003
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-philadelphia-eagles-inglewood-california/event/0A005E95A2F1291A?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_EAGLES
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-Philadelphia-Eagles-82269/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-arizona-cardinals-inglewood-california/event/0A005E95A2E7290C?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_CARDINALS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-Arizona-Cardinals-82266/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-pittsburgh-steelers-inglewood-california/event/0A005E95A2F5291C?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_STEELERS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-Pittsburgh-Steelers-82268/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/0C005E9AC447371B?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_COWBOYS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_COWBOYS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/destination-guides/dallas/?WT.mc_id=zRHDM0US1MB2OLQ3LocalPartner4DM_Sports_May5Seed_Rams_SchedulePageDallasDest6MULTIBR7CAPHXHub8i86005
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/07005E94A1801933?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_PACKERS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_PACKERS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/hilton-honors/?query=Green%20Bay%2C%20Wisconsin&WT.mc_id=zKNDM0AA1MB2OLQ3LocalPartner4LARAMS_Aug5Seed___6MULTIBR7CAPHXHub8i85589
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-seattle-seahawks-inglewood-california/event/0A005E95A3012930?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_SEAHAWKS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-Seattle-Seahawks-82265/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/19005E9ABF244238?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_CARDINALS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_CARDINALS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/?query=Phoenix&WT.mc_id=zKNDM0AA1MB2OLQ3LocalPartner4LARAMS_Aug5Seed___6MULTIBR7CAPHXHub8i85584
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-cleveland-browns-inglewood-california/event/0A005E95A2EA290E?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_BROWNS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-Cleveland-Browns-82271/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/15005E9CE170634C?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_RAVENS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_RAVENS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/search/?query=Baltimore&WT&WT.mc_id=zRHDM0US1MB2OLQ3LocalPartner4DM_Sports_May5Seed_Rams_SchedulePageBaltimore6MULTIBR7CAPHXHub8i86006
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-washington-commanders-inglewood-california/event/0A005E95A30A2938?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_COMMANDERS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-Washington-Commanders-82270/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/los-angeles-rams-vs-new-orleans-inglewood-california/event/0A005E95A2ED2910?brand=rams&artistid=806024&landing=s&wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_RAMS_SAINTS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://ramssuites.com/games/Los-Angeles-Rams-vs-New-Orleans-Saints-82267/
Title: SUITE RENTALS

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/00005E96EA2D916F?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_GIANTS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_GIANTS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/destination-guides/new-york-city/?WT.mc_id=zRHDM0US1MB2OLQ3LocalPartner4DM_Sports_May5Seed_Rams_SchedulePageNYDest6MULTIBR7CAPHXHub8i86008
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/event/1C005E8DA6FE3C10?wt.mc_id=NFL_TEAM_LAR_SCHED_PG_LINK_AWAY_RAMS_49ERS&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_TEAM_LAR&utm_content=SCHED_PG_LINK_AWAY_RAMS_49ERS
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/destination-guides/where-to-stay-san-francisco/?WT.mc_id=zRHDM0US1MB2OLQ3LocalPartner4DM_Sports_May5Seed_Rams_SchedulePageSFDestinationGuide6MULTIBR7CAPHXHub8i86001
Title: Stay with Hilton

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/los-angeles-rams/id467623653?mt=8
Title: DOWNLOAD FOR iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.yinzcam.nfl.rams
Title: DOWNLOAD FOR ANDROID

Search URL Search Domain Scan URL

URL: https://www.teamworkonline.com/football-jobs/la-rams-careers/la-rams-micro
Title: Careers

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/rams/
Title: Rams Account Manager

Search URL Search Domain Scan URL

URL: https://www.baltimoreravens.com/

Search URL Search Domain Scan URL

URL: https://www.bengals.com/

Search URL Search Domain Scan URL

URL: https://www.clevelandbrowns.com/

Search URL Search Domain Scan URL

URL: https://www.steelers.com/

Search URL Search Domain Scan URL

URL: https://www.buffalobills.com/

Search URL Search Domain Scan URL

URL: https://www.miamidolphins.com/

Search URL Search Domain Scan URL

URL: https://www.patriots.com/

Search URL Search Domain Scan URL

URL: https://www.newyorkjets.com/

Search URL Search Domain Scan URL

URL: https://www.houstontexans.com/

Search URL Search Domain Scan URL

URL: https://www.colts.com/

Search URL Search Domain Scan URL

URL: https://www.jaguars.com/

Search URL Search Domain Scan URL

URL: https://www.tennesseetitans.com/

Search URL Search Domain Scan URL

URL: https://www.denverbroncos.com/

Search URL Search Domain Scan URL

URL: https://www.chiefs.com/

Search URL Search Domain Scan URL

URL: https://www.chargers.com/

Search URL Search Domain Scan URL

URL: https://www.raiders.com/

Search URL Search Domain Scan URL

URL: https://www.chicagobears.com/

Search URL Search Domain Scan URL

URL: https://www.detroitlions.com/

Search URL Search Domain Scan URL

URL: https://www.packers.com/

Search URL Search Domain Scan URL

URL: https://www.vikings.com/

Search URL Search Domain Scan URL

URL: https://www.dallascowboys.com/

Search URL Search Domain Scan URL

URL: https://www.giants.com/

Search URL Search Domain Scan URL

URL: https://www.philadelphiaeagles.com/

Search URL Search Domain Scan URL

URL: https://www.commanders.com/

Search URL Search Domain Scan URL

URL: https://www.atlantafalcons.com/

Search URL Search Domain Scan URL

URL: https://www.panthers.com/

Search URL Search Domain Scan URL

URL: https://www.neworleanssaints.com/

Search URL Search Domain Scan URL

URL: https://www.buccaneers.com/

Search URL Search Domain Scan URL

URL: https://www.azcardinals.com/

Search URL Search Domain Scan URL

URL: https://www.49ers.com/

Search URL Search Domain Scan URL

URL: https://www.seahawks.com/

Search URL Search Domain Scan URL

URL: https://operations.nfl.com/
Title: NFL Football Operations

Search URL Search Domain Scan URL

URL: https://www.nflshop.com/source/bm-nflcom-2017-BottomBanner-shopgeneric
Title: NFL Shop

Search URL Search Domain Scan URL

URL: https://nflonlocation.com/?utm_campaign=OLE&utm_medium=referral&utm_source=nfl&utm_content=footerlink
Title: NFL On Location

Search URL Search Domain Scan URL

URL: https://www.profootballhof.com/
Title: Pro Football Hall of Fame

Search URL Search Domain Scan URL

URL: https://www.nfl.info/NFLConsProd/Welcome/index.html
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.usafootball.com/
Title: USA Football

Search URL Search Domain Scan URL

URL: https://www.nflextrapoints.com/nfl-extra-points-credit-card/?campaignId=2038&shopperid=&cellNumber=706&referrerid=NFLB070911&referrerid=NFLB070911&publisherid=&advertisementid=#national-football-league
Title: NFL Extra Points

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/nfl?wt.mc_id=NFL_LEAGUE_FOOTER_LINK&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_LEAGUE&utm_content=FOOTER_LINK
Title: NFL Ticket Exchange

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/46acd508-0e8d-40cd-af22-1a8bdfa6da60/224a3598-1b25-497d-9273-be255f55461c
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872884089 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872884089

Request Chain 51

https://cm.everesttech.net/cm/dd?d_uuid=64200240131507681293472648398654314580 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG0etAAAAICEgQOY

Request Chain 53

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=64200240131507681293472648398654314580&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d64200240131507681293472648398654314580 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=3ab5646d-1eb4-4000-8547-a31c89bcda9c&ddsuuid=64200240131507681293472648398654314580

Request Chain 54

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=64200240131507681293472648398654314580 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=64200240131507681293472648398654314580&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 66

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=FaXYjxDi1Q1yp65

Request Chain 77

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3955446442563860411

Request Chain 100

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8677260299256887821

Request Chain 114

https://x.dlx.addthis.com/e/demdex_sync?na_exid=64200240131507681293472648398654314580&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023052320144500011943829943

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjQyMDAyNDAxMzE1MDc2ODEyOTM0NzI2NDgzOTg2NTQzMTQ1ODA= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEESjrqVI3IDE82WGrvo9bps&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 154

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 155

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 159

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 160

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 162

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 166

https://pixel.advertising.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true&verify=true

Request Chain 167

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 169

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ftvldYBxwPHyv3AWH4i3TTqWtAnX3kPQ&gdpr=0&gdpr_consent=

Request Chain 173

https://ps.eyeota.net/match?bid=6j5b2cv&uid=64200240131507681293472648398654314580&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 174

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=64200240131507681293472648398654314580&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-bllBEyBE2pHqg2suVWHF7AG7gSWxccQnt8M-~A

Request Chain 176

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZG0etAAAAICEgQOY&sigv=1&esig=1~caf4a255b4487a5bd6379f69f6f7683ed405748c

Request Chain 178

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ==

Request Chain 179

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZG0etAAAAICEgQOY&expires=90

Request Chain 181

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0etAAAAICEgQOY HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0etAAAAICEgQOY&C=1

Request Chain 182

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZG0etAAAAICEgQOY

Request Chain 183

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG0etAAAAICEgQOY

Request Chain 184

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZG0etAAAAICEgQOY

Request Chain 187

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0etAAAAICEgQOY&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0etAAAAICEgQOY&img=1&__user_check__=1&sync_id=7714558c-f9a6-11ed-87b2-14c817940206

Request Chain 189

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZG0etAAAAICEgQOY&t=2592000&o=0

Request Chain 192

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Request Chain 193

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=lUOMxqVEQ6OINgxNhzw7fw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64200240131507681293472648398654314580

199 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.therams.com/schedule/ 298 KB
62 KB 443ms
386ms Document
text/html 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9a5d3afc3b518783756dc20b021980021add445dd44fd89349e65f8662f865fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: public, max-age=5
Connection: keep-alive
Content-Length: 63049
Date: Tue, 23 May 2023 20:14:43 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
Via: 1.1 varnish, 1.1 varnish
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-NFL-Dma: 276003
X-NFL-Geo: country_code=DE
X-Served-By: cache-bur-kbur8200087-BUR, cache-fra-eddf8230067-FRA
X-Timer: S1684872883.710784,VS0,VE379
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
origin-site: LA3
server: envoy
service-worker-allowed: /
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-envoy-upstream-service-time: 210
x-html-minification-powered-by: WebMarkupMin
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 626 KB
112 KB 169ms
168ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7868e53cbd486bbe29c810cad65ef89b42cfd45131db5e570a0776245ddafe23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/schedule/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:43 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 0
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 113395
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200044-BUR, cache-fra-eddf8230067-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:43:56 GMT
server: envoy
X-Timer: S1684872883.127101,VS0,VE155
etag: "1d9874c709868d2"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK 30e9f848f389db282054c914c30dd755
www.therams.com/compiledassets/theming/ 17 KB
4 KB 27ms
9ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/30e9f848f389db282054c914c30dd755

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9ae6500d15aff263584a9da3cce4af73cb6480e0d494013f607a130fb2a6671e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/schedule/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:43 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1798781
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 25
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3710
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200137-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma: 276003
server: envoy
X-Timer: S1684872883.138736,VS0,VE2
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 42ms
21ms Script
application/javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c756b0b024a435129eca9014e98cc955dd97481285d9191b8d6c0a5749982d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JYwMFRCSwBZdNsd6Nb17qg==
age: 84682
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6766
x-ms-lease-status: unlocked
last-modified: Thu, 18 May 2023 12:19:51 GMT
server: cloudflare
etag: 0x8DB579A2E2978A8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b5f45f37-701e-0174-5be1-8918f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbff77fa8672c72-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 223ms
133ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5729198a882b488f06ba05ce31230648a7a63650f2f5e863ae937f00cabf57b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25345
x-xss-protection: 0
server: cafe
etag: 112 / 19500 / 31074815 / config-hash: 3349684995448228437
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 20:14:43 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 78 KB
28 KB 136ms
35ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcad30472d959caa42adf95b1e12c0d0cf8ca99ee5ac7bf0d2734dfdd153e68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28640
x-xss-protection: 0
last-modified: Mon, 22 May 2023 19:38:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Tue, 23 May 2023 20:21:11 GMT

GET
H2 200 launch-43d0dff5e3ff.min.js Show response
assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/ 314 KB
89 KB 156ms
7ms Script
application/x-javascript 2a02:26f0:3500:58f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bdf96b01cde1b036361c160832a5f698dc9781a2c73972124bbe07b3f3a6c9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
last-modified: Thu, 11 May 2023 22:57:52 GMT
server: AkamaiNetStorage
etag: "316862f17602b1fe8d4c5eed251707dd:1683845872.457083"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 90584
expires: Tue, 23 May 2023 21:14:44 GMT

GET
H/1.1 200
OK NflUmdComponents.NFLToken.js Show response
p.nfltags.com/nfl/ 271 KB
92 KB 45ms
8ms Script
application/javascript 151.101.65.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nfltags.com/nfl/NflUmdComponents.NFLToken.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e504538b0e71c48c3a1747e2a2ea3587ae91506582adcadee07aa7af978203e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Expires: Tue, 23 May 2023 20:15:13 GMT
Date: Tue, 23 May 2023 20:14:43 GMT
content-encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 18
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
Content-Length: 93737
X-Served-By: cache-bur-kbur8200079-BUR, cache-fra-eddf8230049-FRA
last-modified: Mon, 24 Apr 2023 17:41:19 GMT
server: envoy
X-Timer: S1684872883.159921,VS0,VE1
etag: W/"6446bf3f-43c46"
Vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=30
Accept-Ranges: bytes
X-Cache-Hits: 1440278, 1

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 12:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 May 2024 12:21:11 GMT

GET
H2 200 2020singleschedule Show response
rams.formstack.com/forms/js.php// 157 KB
158 KB 916ms
368ms Script
text/javascript 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rams.formstack.com/forms/js.php//2020singleschedule?

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.132.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-132-103.iad50.r.cloudfront.net

Software

nginx /

Resource Hash

69f8090fb59cb79bb1d56d99512d91d5fd2f297ee69490aeb91bca904c04add7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: public, max-age=5, public
x-amz-cf-id: XnW5SIueUEXZVtATxPdQ4Eb11HjUE5LI7lfmm4sNfpPRh3ZYDxvH6g==
expires: Tue, 23 May 2023 20:14:48 GMT

GET
H/1.1 200
OK require-2.3.5.min.js Show response
www.therams.com/compiledassets/js/vendor/requirejs/ 17 KB
8 KB 163ms
163ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 0
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 7427
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200030-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872884.905638,VS0,VE156
etag: "1d9874b70dd3cca"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 626 KB
112 KB 634ms
618ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7868e53cbd486bbe29c810cad65ef89b42cfd45131db5e570a0776245ddafe23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:43 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 0
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 113395
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200044-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:43:56 GMT
server: envoy
X-Timer: S1684872883.143342,VS0,VE611
etag: "1d9874c709868d2"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK 30e9f848f389db282054c914c30dd755
www.therams.com/compiledassets/theming/ 17 KB
4 KB 26ms
11ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/30e9f848f389db282054c914c30dd755

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9ae6500d15aff263584a9da3cce4af73cb6480e0d494013f607a130fb2a6671e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:43 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1799219
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 30
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3710
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200137-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma: 276003
server: envoy
X-Timer: S1684872883.144889,VS0,VE3
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

OPTIONS
H2 200 token
api.nfl.com/identity/v3/ Frame 0
0 157ms
7ms Preflight
text/html 151.101.1.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.therams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin: *
access-control-max-age: 600
content-length: 2
content-type: text/html
date: Tue, 23 May 2023 20:14:44 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230072-FRA

GET
H2 200 84aeb24d-03a4-4fdc-8d4b-371212102069.json Show response
cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/ 4 KB
2 KB 33ms
18ms XHR
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/84aeb24d-03a4-4fdc-8d4b-371212102069.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3809d41298c5c400bb68f7d47dbd764f71f21eb9c6ed3d6044c8005e883df513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: yuxzHqWqr1FdB4xcsrriIQ==
age: 33223
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1699
x-ms-lease-status: unlocked
last-modified: Mon, 24 Apr 2023 22:28:00 GMT
server: cloudflare
etag: 0x8DB451329399762
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 05fdf205-c01e-0144-04fc-7642df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbff78418373678-FRA
expires: Wed, 24 May 2023 20:14:43 GMT

POST
H2 200 token Show response
api.nfl.com/identity/v3/ 1 KB
1 KB 351ms
350ms Fetch
application/json 151.101.1.152
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nfl.com/identity/v3/token
Requested by: Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.NFLToken.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: b30c3b9d0cd13249fa7e9e449bc22a7bc59eac4be62b6cf7f80940b2055f06ca

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
via: 1.1 varnish, 1.1 varnish
origin-site: LV1
x-cache: MISS, MISS
x-envoy-upstream-service-time: 134
content-length: 1164
x-served-by: cache-bur-kbur8200118-BUR, cache-fra-eddf8230072-FRA
server: envoy
x-timer: S1684872884.062986,VS0,VE326
vary: Accept-Encoding
access-control-allow-methods: PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits: 0, 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 181ms
33ms XHR
application/json 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7cbff78558472be0-FRA
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK zu7jn37mbhghu3v14ypt
static.clubs.nfl.com/image/private/f_auto/rams/ 13 KB
14 KB 139ms
9ms Image
image/webp 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/zu7jn37mbhghu3v14ypt
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6de95ed9ac949a7a36c2c60405c79958779b21938ce2b245b9c153c7196bcfa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1838995
Edge-Cache-Tag: 559253892405784975896444583664749918160,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 559253892405784975896444583664749918160,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
X-Cache: HIT, HIT, HIT
Content-Disposition: inline; filename="zu7jn37mbhghu3v14ypt.webp"
Connection: keep-alive
Content-Length: 13496
X-Served-By: cache-iad-kjyo7100156-IAD, cache-iad-kjyo7100156-IAD, cache-fra-eddf8230045-FRA
Last-Modified: Wed, 06 May 2020 12:43:09 GMT
Server: cloudinary
X-Timer: S1684872884.055045,VS0,VE2
Etag: "e8136697b9999e08d7022257ce3885aa"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 4718, 1

GET
H/1.1 200
OK dropdown.png
www.therams.com/compiledassets/assets/img/ 1 KB
2 KB 163ms
163ms Image
image/png 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.therams.com/compiledassets/assets/img/dropdown.png

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3df33152cd65eb45b9203090a7678540a27a9f44ef4641ee66de9a47b7a0a43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Age: 0
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1024
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200148-BUR, cache-fra-eddf8230067-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872884.924821,VS0,VE156
etag: "1d9874b70dd7d80"
Vary: X-NFL-Geo,Origin
content-type: image/png
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK All-ProSans--medium.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 169ms
169ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--medium.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

237fafbe2ec2c8c9d2a4d99222662bb633d20ce82c5cf176b2d23c2fd9a5e2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Age: 0
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19260
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200115-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872884.930416,VS0,VE162
etag: "1d9874b70dd32bc"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK All-ProSans--regular.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 163ms
162ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--regular.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5e6c3117716df8ad5f588f72e116cc9d5f7005e317cbf0675f3c96f505cab7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Age: 0
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18232
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200169-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872884.930873,VS0,VE155
etag: "1d9874b70dd3eb8"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--bold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 181ms
166ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--bold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

df3f8f6397a3d0f19f4f05d165b97a51eeb0ee64d7bd2c4a19dc8a12eb580652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Age: 0
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19208
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200160-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872884.945005,VS0,VE160
etag: "1d9874b70dd3288"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--light.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 200ms
185ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--light.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c8b2af23d0402c8c3b153c173e2613a33cc2806f467e322599e1ef108cb26ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Age: 0
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 11
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18524
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200160-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872884.947463,VS0,VE169
etag: "1d9874b70dd31dc"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--thin.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 299ms
161ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--thin.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d5a2e7738047c9fc62dbe182004f3050664967a941d5199236df72386921c7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Age: 0
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18244
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200038-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872884.069075,VS0,VE154
etag: "1d9874b70dd3ec4"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/ 408 KB
126 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef30c883b4b4e4b45057fb38e75477aa1b847d061b19ff032e26c5d3a789961c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 17:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9502
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128769
x-xss-protection: 0
server: cafe
etag: 11452098575748349983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 22 May 2024 17:36:22 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 46 B
66 B 149ms
73ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.therams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e806084d55d68b4b35cbf911c796a50cf4fac0c5df539d896358c20805a24f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Tue, 23 May 2023 20:14:44 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872884089
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872884089

7 KB
3 KB

38ms
38ms

XHR
application/json

52.49.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872884089

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

292ae61e9c86c92c18b191ffd3b1fb865420eae411d5125c8518fd2ea5d77dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0d3695a9b.edge-irl1.demdex.com 10 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 7IAsz1moT1k=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.therams.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2008
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v048-08db0995a.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: JbdlKMOXQVg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.therams.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872884089
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 18ms
18ms Script
application/x-javascript 2a02:26f0:3500:58f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Tue, 23 May 2023 21:14:44 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 28ms
28ms Script
application/x-javascript 2a02:26f0:3500:58f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Tue, 23 May 2023 21:14:44 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 25 KB
9 KB 18ms
18ms Script
application/x-javascript 2a02:26f0:3500:58f::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:50 GMT
server: AkamaiNetStorage
etag: "d220d501715e0484d0dddeac614f902c:1663863410.217006"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8755
expires: Tue, 23 May 2023 21:14:44 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/ 400 KB
97 KB 30ms
29ms Script
application/javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Sw59qQKTUz8IJh2hCY03KQ==
age: 38898
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 98810
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:51 GMT
server: cloudflare
etag: 0x8DB55BF34FA32B5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 33d48d17-101e-00ca-25d3-874b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbff785b8852c72-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/32f2fbc0-2781-4bbb-b8b2-7e4796647e1c/ 80 KB
17 KB 17ms
17ms Fetch
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/32f2fbc0-2781-4bbb-b8b2-7e4796647e1c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b2d4349345f1d8565e48dadbb4d70ea493ff614b58f83e568885881245ac2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0whruBlMgi/2LbrpJXb5Yg==
age: 13363
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 17690
x-ms-lease-status: unlocked
last-modified: Mon, 24 Apr 2023 22:28:02 GMT
server: cloudflare
etag: 0x8DB45132A7371D4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5bd6d081-e01e-0057-0cfc-76316b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbff7860af23678-FRA
expires: Wed, 24 May 2023 20:14:44 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 13 KB
3 KB 17ms
17ms Fetch
application/json 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pRHDWyQMLvXwKY458EnqRw==
age: 13363
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3019
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:45 GMT
server: cloudflare
etag: 0x8DB55BF315FAED9
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: df5fe3f4-601e-00c5-3047-88a6dd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbff7864b4a3678-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/ 62 KB
13 KB 15ms
15ms Fetch
application/json 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: UgqWqpl5qGBlgacC8J2b6A==
age: 13363
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13388
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:48 GMT
server: cloudflare
etag: 0x8DB55BF32DD687C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: af93df67-701e-009e-5147-88a1a1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbff7864b4b3678-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 21 KB
4 KB 18ms
18ms Fetch
text/css 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:14:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 885
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 90ab7831-301e-013c-4647-882a68000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cbff7864b4d3678-FRA

GET
H2 200 reset_3d1cc6d59f.css
static.formstack.com/forms/css/3/ 2 KB
871 B 134ms
105ms Stylesheet
text/css 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/reset_3d1cc6d59f.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: 86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:52:44 GMT
content-encoding: gzip
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:16:00 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 30120
etag: W/"646b9540-616"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: Sj9t7gz7RsZhV_doPfb2MFadRdUPKdQXw4SgSNIftlNy5kvJDdusnw==

GET
H2 200 jquery-ui-1.12.1_f735107ad2.css
static.formstack.com/forms/css/3/ 21 KB
5 KB 234ms
204ms Stylesheet
text/css 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/jquery-ui-1.12.1_f735107ad2.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: 5093c70019b3501c2eb8b2e8597e253bb2f8cf367cf5a305395a0ff7d238a643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:41:13 GMT
content-encoding: gzip
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:16:01 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 38011
etag: W/"646b9541-5364"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: I9YTG_xJqlj9Ec4je9u8mwKLgcrjLXyjp6nPUzDpWPaiFqg8TGYNTA==

GET
H2 200 default-v4_29cde3be75.css
static.formstack.com/forms/css/3/ 35 KB
6 KB 139ms
110ms Stylesheet
text/css 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/default-v4_29cde3be75.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: e2781619082fe50667bce285f562c3dfa98b589f0854da4a333a00d0f4b6c318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:01:27 GMT
content-encoding: gzip
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:13:22 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 43997
etag: W/"646b94a2-8aef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: kdimbSs97DtTPvKX8FwLc3ao8ENmZeG_RkP6-fF0kll4EE576wPyYw==

GET
H2 200 uil-static.css
static.formstack.com/common/css/ 51 KB
8 KB 136ms
107ms Stylesheet
text/css 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/common/css/uil-static.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: 5ec11883dbd19aa91c86ade182cfe7037a9b9f954daca64f341ffd0595e429c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 09:41:13 GMT
content-encoding: gzip
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:07:27 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 38011
etag: W/"646b933f-cc55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: SP9sb1ajk-UKOs9S2QJGdN5ZkJL-lzkRCPD-udYsd1X1mQ7cXtEz8A==

GET
H2 200 dialogs_00a7ec5f05.css
static.formstack.com/forms/css/common/ 170 B
497 B 132ms
103ms Stylesheet
text/css 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/common/dialogs_00a7ec5f05.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: 9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 14:38:08 GMT
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:16:00 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 20196
etag: "646b9540-aa"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
accept-ranges: bytes
content-length: 170
x-amz-cf-id: m1jlu6QeYZZKfyli7VrPtsd-pEv3f5NGv8cgzzHT2WwH6qdFQ7LTYA==

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/losangelesrams/production/scripts/ 173 KB
46 KB 122ms
99ms Script
application/javascript 151.101.128.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/losangelesrams/production/scripts/evergage.min.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75a58f2aee7291da5efa4d6d0aceed2bebf39c283346a3269a7811d1910f9d43

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-version-id: yLvr.kLAqNnXwnOYPf.7utkYTHXpXAU5
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 23 May 2023 20:14:44 GMT
x-amz-request-id: MYQPR8V1T2A7RVTQ
age: 41
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: PENDING
content-length: 46641
x-amz-id-2: LpVqfSKLavb6RCh7h6lAyDepqoICDGdKJBC9Gov6AmvGsCNyVRMtrMfrbbJx1u5VFtEhBLZKjaX/q8we1knmiA==
x-served-by: cache-iad-kcgs7200120-IAD, cache-fra-eddf8230028-FRA
x-amz-meta-evergage-sum: b2bf9f5e3c122c6c64f9641d11aa0aea7c8077a4
last-modified: Mon, 15 May 2023 22:50:19 GMT
server: AmazonS3
x-timer: S1684872884.302348,VS0,VE92
etag: "ee6145b9d93c890117721c763da58ce9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 35040, 1

GET
H2 200 jquery-3.5.1.min_dc5e7f18c8.js Show response
static.formstack.com/forms/js/3/ 87 KB
31 KB 235ms
209ms Script
application/javascript 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/jquery-3.5.1.min_dc5e7f18c8.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 11:52:44 GMT
content-encoding: gzip
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:16:01 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 30120
etag: W/"646b9541-15d84"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: jOsKQZgHJBtiF3ndLTKOpZVf-sfsPXh_vtosU3thvy-Sw-z19oLNJg==

GET
H2 200 jquery-ui-1.12.1.min_d71fd11517.js Show response
static.formstack.com/forms/js/3/ 83 KB
25 KB 241ms
215ms Script
application/javascript 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/jquery-ui-1.12.1.min_d71fd11517.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: 550eacf0b0dde64399a52fd7e8935fb9ebec1ca81b4c9a94c96c7b2f691f1706

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 16:18:15 GMT
content-encoding: gzip
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Tue, 23 May 2023 16:13:52 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 14189
etag: W/"646ce640-14dc1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: 9cWTcA69_SXE1EIIdPMXqxrL8iSz6xiNoOmEBFWP0bY2NgPlM9xY6w==

GET
H2 200 scripts_0edcde2e8b.js Show response
static.formstack.com/forms/js/3/ 79 KB
23 KB 235ms
210ms Script
application/javascript 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/scripts_0edcde2e8b.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: 74bf23cb58f15f0a5828b81f3285e56f3917d80c4834cc990645c5aa5ba4c254

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 12:40:37 GMT
content-encoding: gzip
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:18:41 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 27247
etag: W/"646b95e1-13d02"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: sxdPkTMKDfTJX1v8toTl322xSh5X70wrw-XjHvhhFjVbao0k9CJgVw==

GET
H2 200 analytics_7d49daa365.js Show response
static.formstack.com/forms/js/3/ 2 KB
1 KB 239ms
214ms Script
application/javascript 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 14:38:08 GMT
content-encoding: gzip
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Tue, 23 May 2023 14:37:48 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 20196
etag: W/"646ccfbc-839"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: GQBdrjBTZrLa0U7E_VbfGeYA3oZjmhZoOzRWXWgw2X7MVFK37FNd8Q==

GET
H2 200 libphonenumber-min_6f64debfdd.js Show response
static.formstack.com/forms/js/3/ 165 KB
41 KB 232ms
208ms Script
application/javascript 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/libphonenumber-min_6f64debfdd.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 16:18:15 GMT
content-encoding: gzip
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Tue, 23 May 2023 16:13:52 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 14189
etag: W/"646ce640-29364"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: JD96LegnyqCN5mvtDq6Afr4wSTX97kutpmVBVEBIr1OewgfsngMO6Q==

GET
H2 200 googleanalytics_c118a241fb.js Show response
static.formstack.com/forms/js/3/plugins/ 2 KB
1 KB 229ms
205ms Script
application/javascript 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/plugins/googleanalytics_c118a241fb.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: d163164bb749cfdea6b29289c061df192d7fb36cc10f20b1583e3ab81156149a

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 11:01:03 GMT
content-encoding: gzip
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:16:00 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 33221
etag: W/"646b9540-9cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: QCj7KlcYeUsK6Ao4rxETO89I51L42hC7T5GbHRgJjcsK84pelhVleQ==

GET
H2 200 utm_tracking_dd0b5a32b7.js Show response
static.formstack.com/forms/js/3/plugins/ 790 B
1 KB 229ms
205ms Script
application/javascript 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/plugins/utm_tracking_dd0b5a32b7.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: 15d01c709fdf293cbb036c2bfabbf58a06a8b66bcc35df2455f485185b9d01bb

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 12:40:37 GMT
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:18:41 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 27247
etag: "646b95e1-316"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
accept-ranges: bytes
content-length: 790
x-amz-cf-id: 3PTwSODsrC2tW6KG7owvjfCwNkajvUESU34ZjO7MXuY8HZMKkmN6Bg==

GET
H2 200 modernizr_60a2d5aeb5.js Show response
static.formstack.com/forms/js/3/ 13 KB
6 KB 235ms
212ms Script
application/javascript 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 May 2023 08:01:29 GMT
content-encoding: gzip
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:18:43 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 43995
etag: W/"646b95e3-33bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: 6UbtLKfcAJxpE1hpILtYgNTj2fujxFRBSJhVtgQKV7swPO65H4IkpQ==

GET
H/1.1 200
OK dest5.html Show response
nfl.demdex.net/ Frame 57C1 7 KB
3 KB 131ms
31ms Document
text/html 52.215.114.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nfl.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-114-201.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v048-0b9efa3f3.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: bve1y6y9R60=
content-encoding: gzip
date: Tue, 23 May 2023 20:14:44 GMT
last-modified: Wed, 10 May 2023 10:46:53 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZG0etAAAAICEgQOY
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=64200240131507681293472648398654314580
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG0etAAAAICEgQOY

42 B
942 B

30ms
30ms

Image
image/gif

52.49.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG0etAAAAICEgQOY

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0b9efa3f3.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tYTlyCweTFw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG0etAAAAICEgQOY
Date: Tue, 23 May 2023 20:14:44 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
nflenterprises.tt.omtrdc.net/rest/v1/ 357 B
847 B 130ms
41ms XHR
application/json 66.235.152.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nflenterprises.tt.omtrdc.net/rest/v1/delivery?client=nflenterprises&sessionId=27aa3d5c2e574cdea4b273c12ecb6ab7&version=2.10.2

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-113.data.adobedc.net

Software

jag /

Resource Hash

21716ff9c6690bee89ff577997021a3e2e3d8c6538ab3524c66c4a67e5954cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: c2719e0c-2490-4cfd-901e-39972ad33cd3

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=3ab5646d-1eb4-4000-8547-a31c89bcda9c&ddsuuid=64200240131507681293472648398654314580
dpm.demdex.net/ Frame 57C1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=64200240131507681293472648398654314580&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d64200240131507...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=3ab5646d-1eb4-4000-8547-a31c89bcda9c&ddsuuid=64200240131507681293472648398654314580

42 B
942 B

31ms
31ms

Image
image/gif

52.49.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=3ab5646d-1eb4-4000-8547-a31c89bcda9c&ddsuuid=64200240131507681293472648398654314580

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-04d6aa4f0.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 95JS/tiRRiM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Tue, 23 May 2023 20:14:44 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x34 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=3ab5646d-1eb4-4000-8547-a31c89bcda9c&ddsuuid=64200240131507681293472648398654314580
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 May 2023 20:14:43 GMT

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 57C1
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=64200240131507681293472648398654314580
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=64200240131507681293472648398654314580&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
365 B

58ms
6ms

Image
image/gif

2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 20:14:44 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 874111
x-accel-date: 1683998773
content-length: 43
x-77-nzt: AcO1rycppK7/f1YNAA
x-accel-expires: @1685035573
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: 25b021319246b3b9b41e6d64fdf1ad2d
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Tue, 23 May 2023 20:14:44 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ 1 KB
817 B 131ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 18:23:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 20:14:44 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 125ms
42ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.therams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 132ms
46ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.therams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 77 KB
17 KB 142ms
141ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=72258887751063&correlator=3697160983282414&eid=31074678%2C31074723%2C31074815%2C31074695%2C21065725&output=ldjh&gdfp_req=1&vrg=202305180101&ptt=17&impl=fifs&iu_parts=4595%2Cteam.la%2Cschedule&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=100x30%2C100x30%2C100x30%2C728x90%7C970x90%7C970x250%2C728x90%7C970x250%7C970x90%2C1x4%2C1x1&ifi=1&adks=207209546%2C1080922568%2C1208089488%2C321486337%2C3662562588%2C995991317%2C2915423114&sfv=1-0-40&ists=1&prev_scp=slot%3Dbrandedspon%7Cslot%3Dbrandedspon1%7Cpartner%3Dticketmaster%26slot%3Dlogo%7Cslot%3Dtop%26club%3Dla%7Cslot%3Dbottom%7Cslot%3Dinterstitial%7Cslot%3Doop&eri=1&cust_params=s1%3Dschedule&sc=1&cookie_enabled=1&abxe=1&dt=1684872884628&lmt=1684872884&dlt=1684872883104&idt=1060&adxs=1376%2C1484%2C1324%2C436%2C436%2C800%2C800&adys=159%2C159%2C1173%2C311%2C10190%2C10871%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&frm=20&vis=1&psz=248x32%7C248x32%7C174x16%7C1600x0%7C1600x0%7C1600x10871%7C1600x10871&msz=116x0%7C100x0%7C100x0%7C728x0%7C728x0%7C1600x0%7C1600x0&fws=4%2C4%2C0%2C0%2C0%2C4%2C4&ohw=1600%2C1600%2C0%2C0%2C0%2C1600%2C1600&ga_vid=1256100219.1684872885&ga_sid=1684872885&ga_hid=1966049212&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18b057ba8c9ab17fa25f398c46f9b71b5127b70ef49ef4cc2faf44062b8a3049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17027
x-xss-protection: 0
google-lineitem-id: -2,-2,5362858293,-2,6287660768,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,138310656510,-2,138431504884,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4FF1 6 KB
3 KB 143ms
46ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 20:14:44 GMT
expires: Wed, 22 May 2024 20:14:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 17ms
17ms Image
image/svg+xml 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:14:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 57775
x-ms-lease-status: unlocked
last-modified: Mon, 22 May 2023 02:34:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 439ec356-901e-009f-0868-8ca05c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cbff7891cf12c72-FRA

GET
H/1.1 200
OK All-ProSans--semiBold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
19 KB 167ms
167ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--semiBold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0dcdb2b2a47908a600d75aebd990877a582cb137d50a10066f9ebc484de79a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Age: 0
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19112
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200053-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:36:47 GMT
server: envoy
X-Timer: S1684872885.655252,VS0,VE160
etag: "1d9874b70dd3328"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
493 B 20ms
19ms Fetch
image/svg+xml 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:14:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 7601
x-ms-lease-status: unlocked
last-modified: Mon, 22 May 2023 17:17:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: af24b6e0-401e-0073-1872-8da825000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cbff7892f2d3678-FRA

GET
H2 200 National_Football_League_logo.svg.png
cdn.cookielaw.org/logos/46acd508-0e8d-40cd-af22-1a8bdfa6da60/e9c29623-f807-422e-9944-964ce7fff1e0/a67792a1-43d4-44d0-8d5e-99ce69b835d9/ 68 KB
68 KB 17ms
17ms Image
image/png 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/46acd508-0e8d-40cd-af22-1a8bdfa6da60/e9c29623-f807-422e-9944-964ce7fff1e0/a67792a1-43d4-44d0-8d5e-99ce69b835d9/National_Football_League_logo.svg.png

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2d3d05d0d1428ea50277aee6c9e425bf29863861209cbef9ab97bc184f8f525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:14:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Gz5DzPx+xXH6/nhkr1Zhpg==
age: 52339
content-length: 69278
x-ms-lease-status: unlocked
last-modified: Mon, 22 Aug 2022 17:40:20 GMT
server: cloudflare
etag: 0x8DA846562873955
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 55d0ada0-101e-00ca-4fe1-5a4b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7cbff7893d272c72-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 24ms
24ms Image
image/svg+xml 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 May 2023 20:14:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 6947
x-ms-lease-status: unlocked
last-modified: Mon, 22 May 2023 17:17:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 0a756ff8-801e-0008-30d3-8cc395000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7cbff7893d292c72-FRA

GET
H/1.1 200
OK main.js Show response
www.therams.com/compiledassets/js/ 7 KB
3 KB 167ms
167ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/main.js?_t=bc019a14e50a0a7921ed567de291bd74

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f63b6991810ec4f98212762bc0ab61f08e0400d05718019ee4ff280a55f93604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 0
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2036
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200062-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.683436,VS0,VE160
etag: "1d9874c7dae81ae"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=FaXYjxDi1Q1yp65
dpm.demdex.net/ Frame 57C1
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=FaXYjxDi1Q1yp65

42 B
942 B

30ms
30ms

Image
image/gif

52.49.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=FaXYjxDi1Q1yp65

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-076739d48.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: van7U/X0Qvc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Tue, 23 May 2023 20:14:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=FaXYjxDi1Q1yp65
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 185ms
75ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 275579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 15:41:45 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 151ms
41ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 283414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 13:31:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA67 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8pT0bmYJ59v9VHxNH-eC5oIJsUfOHTsFbNR3DB0MrQIqbyBQCFrjjNMzXt_JqJpsDRrMJ17CcAaUMkTqGBDdd7tRRZuvwq3DrRA6TBouwAzuZHBpDhRQsKMksvHZNhIi_VG88UnJbqndqnTcZQKxYiILhbnAvzoP5hGUxXHavZfKaW5G1_-_4CgUeqr6rRFvwD34_DoRupBD5UQehPD4081yA7FHtrvxTcR9XrZtzwsOi5UqJX-lSH9auv24BnTIB4PLbqTMFP1RuMSMzYc4JWvb3J439q5VtgNI8y-YFv4jm-g0qv7UpUYdfJP7DTHQTszk&sai=AMfl-YTEnE3YAxMI0LZmuHkMZLhmKQ7fYD_aDt9lzm8Iv5rbCEZK7Vcz4Iegyibqr898AGLNr_c55IbFb9LBk64FnlJR9Ra_NNEpG8FfpRVhwpt3RuzUxkhLYbNyPJrFt4U17R_-Kvj4rkKi9KroHAQO&sig=Cg0ArKJSzJ_4sSkMDUoNEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 20:14:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame BA67 3 KB
2 KB 136ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 13:46:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA67 171 KB
54 KB 175ms
78ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 20:14:44 GMT

GET
H2 200 7476150962692212385
tpc.googlesyndication.com/simgad/ Frame BA67 5 KB
5 KB 136ms
39ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7476150962692212385

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b884aa073ae0995039e442f97eaa0523fa02913747029e74e717248812a476d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 19:55:50 GMT
x-content-type-options: nosniff
age: 519534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4709
x-xss-protection: 0
last-modified: Tue, 05 May 2020 00:44:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 May 2024 19:55:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3D0E 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfgEKjxSNyAY-mYQAK4RMtVvTsMIBCDiuLPyUf7KdhUb1643q9TOxM-dVz2l6JVrDJ97Yt2dM4r6o19PzOZoNE_QMNhzOPG6BdtT1VjJCbkPQoHkOaBpkUjglcZk_hHbypRJZNMycQFZxFluCDLl-P10QDiqSfgdcUDzS9pLoGYgJOZrjUw_EF3dXPtXjuQP0z8rjx7ZnuBAQajVEhETgYYhjfP59GTW9lZcTQbBZk1I1zElX5a_i0minGZSeJcA4w4yBcozZL_VN2Tfh0umVUC4kUwC7tWyaX1BcethCzI3kt5yHSG705Sggc--Vu9QeUK0M&sai=AMfl-YQQvM4O7H2I2vLPU7bc-EVLVv6D9PEfxcQryE8nv1kZndaT-pu-lDC2nOZwj_ou5XNVQVMH9YYOM1Y5OqLXXoRsb782IeNh1Wc4kOjPkGH9pyoLWHVqL34wRA1DZmacCi73Q5hWAUbFhvWIjTlo&sig=Cg0ArKJSzNdQVHvbTkaAEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 20:14:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 3D0E 3 KB
1 KB 128ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 13:46:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D0E 171 KB
53 KB 225ms
136ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 20:14:44 GMT

GET
H2 200 15074156624295062743
tpc.googlesyndication.com/simgad/ Frame 3D0E 72 KB
72 KB 143ms
55ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15074156624295062743

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

834f03082e3c1b45fd4fcd805ec415f07236a6586e08db572985f38c8b735e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73763
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 16:47:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 May 2024 20:14:44 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=3955446442563860411
dpm.demdex.net/ Frame 57C1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3955446442563860411

42 B
942 B

33ms
30ms

Image
image/gif

52.49.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=3955446442563860411

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0e3ebe570.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hU67S5ZdQFo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Tue, 23 May 2023 20:14:44 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 73ec196d-97c6-4af1-b129-e9a1aa2aca04
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=3955446442563860411
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame BA67 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddd2c7c2acb3ed80cc30441a7e075fc0acf43b15ba5b7459c89d0729188fc963

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3D0E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6daa2c4303a3ea37647e5a33af5c9c1c34c8003eb03b76c93d1c0a2f36a8d7e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK requireModule.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/ 1 KB
1 KB 15ms
15ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/requireModule.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1690e605ce0b7b17dadf5cfa24a8ce211b424c4b1f22702d34fd624e727b68de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702901
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 558
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200105-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.856870,VS0,VE2
etag: "1d9874c7dae9905"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK intersectionObserver.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/ 808 B
1 KB 9ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702901
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 428
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200052-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.857154,VS0,VE1
etag: "1d9874c7dae9e28"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK adobeLaunch.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 3 KB
2 KB 11ms
10ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/adobeLaunch.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cfd88d77357dcdbf67e882d6771b4404fa9040c966ebeb859dd903418f11875c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 66038
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 923
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200100-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.857527,VS0,VE1
etag: "1d9874c7dae97c3"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK lazyload.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 2 KB
2 KB 12ms
11ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/lazyload.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 636550
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 846
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200054-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.857526,VS0,VE1
etag: "1d9874c7dae9a96"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 gigya.js Show response
cdns.us1.gigya.com/js/ 496 KB
164 KB 62ms
8ms Script
text/javascript 23.35.237.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.2 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-2.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 673089261a490c7c06604429afc843813446902e59322da97745929aaec615f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:44 GMT
content-encoding: gzip
x-soa: true, Gator
vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
access-control-allow-origin: *
x-callid: e027a5ac51e243fdbc40155ac6155c39
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-t12
x-error-code: 0
x-robots-tag: none
content-length: 166868
expires: Tue, 23 May 2023 20:29:44 GMT

GET
H/1.1 200
OK gigyaLoggedInChecker.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/common/ 2 KB
2 KB 13ms
13ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/common/gigyaLoggedInChecker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c06f3fcb3a93af5c96f6d7eda17c8bf3bb02fc99b8d68e4fea7cfecd1d0fe948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702901
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 909
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200066-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.857545,VS0,VE3
etag: "1d9874c7dae9a71"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK noconflict.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 93 B
910 B 10ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/noconflict.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702901
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 108
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200025-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.887842,VS0,VE1
etag: "1d9874c7dae9d5d"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK adobeLaunchService.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/addons/services/ 180 B
950 B 12ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/addons/services/adobeLaunchService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702901
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 6
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 149
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200168-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.892227,VS0,VE1
etag: "1d9874c7dae9db4"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK iconHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 530 B
1 KB 10ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/iconHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702901
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 380
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200131-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.892452,VS0,VE1
etag: "1d9874c7dae9f12"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK gigyaHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 3 KB
2 KB 20ms
12ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/gigyaHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

e9166b6dead256e5e723626e7344660a24e0c5e99b4688bc4f60633886a5e0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702900
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1209
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200151-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.901514,VS0,VE2
etag: "1d9874c7dae9662"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK accountButtonService.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/addons/services/ 831 B
1 KB 18ms
11ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/addons/services/accountButtonService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d564ecea790280585429959b133a75bad092b20be35041c735d9c3fb1b800c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702901
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 7
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 488
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200124-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.899155,VS0,VE1
etag: "1d9874c7dae9e3f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 37ms
8ms Image
image/svg+xml 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 571007
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=134;cpu=0;start=2023-05-17T05:37:57.862Z;desc=miss,rtt;dur=0,cloudinary;dur=129;start=2023-05-17T05:37:57.862Z
Content-Length: 3390
X-Served-By: cache-iad-kcgs7200127-IAD, cache-fra-eddf8230072-FRA
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1684872885.928317,VS0,VE1
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 5711, 1

GET
H/1.1 200
OK x4bfi8idjpvcb0pwctto
static.clubs.nfl.com/image/private/f_auto/rams/ 41 KB
42 KB 13ms
9ms Image
image/webp 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/x4bfi8idjpvcb0pwctto
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3d73b5f59d6f4925cfdee376ad7738ec527111ae462a4ec9598b0e35beacccd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1026002
Edge-Cache-Tag: 550201907655763978091652480802525651315,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 550201907655763978091652480802525651315,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="x4bfi8idjpvcb0pwctto.webp"
Connection: keep-alive
Content-Length: 42082
X-Request-Id: 9adcd01473aecf151b94d49eaefdee55
X-Served-By: cache-iad-kcgs7200150-IAD, cache-iad-kjyo7100100-IAD, cache-fra-eddf8230045-FRA
Last-Modified: Thu, 11 May 2023 23:14:43 GMT
Server: cloudinary
X-Timer: S1684872885.902636,VS0,VE1
Etag: "0368e7a16ec7c581b8e5097b6021c567"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 2430, 1

GET
H/1.1 200
OK o83urxdquppaniilfg3g
static.clubs.nfl.com/image/private/f_auto/rams/ 32 KB
33 KB 22ms
9ms Image
image/webp 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/o83urxdquppaniilfg3g
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1e1de3e64b75a760b1fb4593b869ad888230f8b2daae2b418b017d206135a6e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1293894
Edge-Cache-Tag: 430180814662264295397231375559549420306,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 430180814662264295397231375559549420306,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="o83urxdquppaniilfg3g.webp"
Connection: keep-alive
Content-Length: 32856
X-Served-By: cache-iad-kiad7000120-IAD, cache-iad-kjyo7100163-IAD, cache-fra-eddf8230084-FRA
Last-Modified: Mon, 01 May 2023 23:58:58 GMT
Server: cloudinary
X-Timer: S1684872885.915590,VS0,VE2
Etag: "b43d835d75cc70cfee848a80ae6eca8d"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 78, 1

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/jquery/ 105 KB
40 KB 10ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/jquery/jquery-3.6.0.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702900
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 39864
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200091-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.903648,VS0,VE2
etag: "1d9874c7daf39e7"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK navigation.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 6 KB
3 KB 10ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/navigation.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

54fbe08cd567b05b1c11dc37745a2b278c0521d1af11d8076ad50f685ea889ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702901
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 8
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2299
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200084-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.904677,VS0,VE1
etag: "1d9874c7dae84ba"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK search.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 2 KB
2 KB 9ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/search.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702901
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 880
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200091-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.911884,VS0,VE1
etag: "1d9874c7dae9acf"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK calendarOptions.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 1 KB
1 KB 11ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/calendarOptions.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7f48123723251fde71c5aff246bfcf33cd9abdd69ebe1140eed0ae364e8a7e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 701729
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 529
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200101-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.913837,VS0,VE3
etag: "1d9874c7dae99a4"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK locationHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 1 KB
1 KB 10ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/locationHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8630299a25d2e6e488149c269c4e70b09e7e4c82e7aaaf108432cf047572f74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702900
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 550
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200173-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.916451,VS0,VE1
etag: "1d9874c7dae995f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK browserHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 2 KB
2 KB 8ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/browserHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702776
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 761
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200069-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.915240,VS0,VE1
etag: "1d9874c7dae9b20"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=8677260299256887821
dpm.demdex.net/ Frame 57C1
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8677260299256887821

42 B
942 B

30ms
30ms

Image
image/gif

52.49.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=8677260299256887821

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Server

52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0b9d35258.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9A6/LgEORl4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=8677260299256887821
pragma: no-cache
date: Tue, 23 May 2023 20:14:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK sha256.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/sha256/ 9 KB
5 KB 11ms
11ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/sha256/sha256.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702901
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3888
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200073-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.968967,VS0,VE2
etag: "1d9874c7daebe39"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK nflTokenHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 3 KB
2 KB 9ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/nflTokenHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1526ac09d5d3d44e09a9b34462a2d7bdbb2582940b9bb3c5f9e5d67a00fa92e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702900
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1146
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200078-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.966763,VS0,VE2
etag: "1d9874c7dae9616"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK js.cookie.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/js-cookie/ 2 KB
2 KB 8ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/js-cookie/js.cookie.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702900
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1126
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200034-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.980452,VS0,VE1
etag: "1d9874c7dae9ae6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK jquery.visible.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/jquery/plugins/ 803 B
1 KB 10ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/jquery/plugins/jquery.visible.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:44 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 50411
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 443
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200164-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.980877,VS0,VE2
etag: "1d9874c7dae9e23"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK LAC
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 2 KB
2 KB 8ms
8ms Image
image/svg+xml 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LAC

Requested by

Host: www.therams.com
URL: https://www.therams.com/schedule/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

37fea85cfef13b0d55bf066260eb7f48a6101970d8eb86c9696f23ebaffa1c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 4192118
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LAC"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=78;cpu=0;start=2023-04-05T07:46:06.167Z;desc=miss,rtt;dur=0,cloudinary;dur=73;start=2023-04-05T07:46:06.168Z
Content-Length: 1041
X-Served-By: cache-iad-kiad7000160-IAD, cache-fra-eddf8230072-FRA
Last-Modified: Tue, 27 Oct 2020 18:22:09 GMT
Server: Cloudinary
X-Timer: S1684872885.003306,VS0,VE1
Etag: W/"c35c63d2b0f344f428310ecb37a3d2eb"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 43484, 1

GET
H/1.1 200
OK md5.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/md5/ 4 KB
2 KB 10ms
10ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/md5/md5.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 75092
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1714
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200076-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.003657,VS0,VE1
etag: "1d9874c7dae9226"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK dropdownNative.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 894 B
1 KB 10ms
10ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/dropdownNative.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

e8bc22931893b2046382a9a4d7edb1591fa4d5fd49ad288891bd14b39448f958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 701729
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 559
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200174-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.026300,VS0,VE2
etag: "1d9874c7dae9e7e"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK smoothScroller.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/ 2 KB
2 KB 8ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/smoothScroller.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6eeb370855e4f16067a57797064c296fe2ec6bf7eadb9e49db1df31d712339ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702901
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 6
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 742
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200020-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.026841,VS0,VE1
etag: "1d9874c7dae9b17"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK jquery.autocomplete.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/autocomplete/ 13 KB
6 KB 22ms
22ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/autocomplete/jquery.autocomplete.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702775
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4972
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200056-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.027120,VS0,VE15
etag: "1d9874c7daeaf9b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ 5 KB
2 KB 815ms
101ms Fetch
text/javascript 18.165.83.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-110.iad55.r.cloudfront.net
Software: /
Resource Hash: 47adb1be0669d98db3ba38103f9a0b125f9444a5704bdb9135ecd20eb5620b10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:13:16 GMT
content-encoding: gzip
via: 1.1 035e691ec6c773baa108d5dd3cdf6b28.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: IAD55-P3
age: 89
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2002
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 72e37c4017a542419f7621f3eb53bba6
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t14
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: okOkb3hq-gwbKw1Ck-fyeqdDuLtV4ZLux4VfA2BaaIc2kTs_l-edHQ==

GET
H/1.1 200
OK clipboard.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/clipboard/ 11 KB
4 KB 11ms
10ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/clipboard/clipboard.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 636483
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3790
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200054-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.060202,VS0,VE4
etag: "1d9874c7daeb7a5"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA67 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDAcQh_MT3rKArLsW0F5dH1kRcHhhNbKCUURerif-LAk6pt7J1g4GL7rGtzRqFqDjEz6fMtNHq3Ybw4phFI6Annd62IN2K5HT9a1Sjb89_kvHcgJesaDxS4_KYoEoc5GhYIwQ65OoRQoaleL4io9nS7N2EWLbPHZk7XTC3Lcxf0idOJ2zwZRhux-e6lgjVeh-Wl9KMv2lTEYuasNxdADd3nY3q8hyvAp5v0eACZ10U3fOd6rRS5T4IFOwFLLC3wcwK2QG-anku-EA95Kt8ok7kiiRzfoM4RheRVtvcKHl5Vf1qRqTxmpyqBei98NocPV5sy3ViqQ&sai=AMfl-YSBSTf-5FI-63has8zq83f_-9QhvP7RVS_iIaJKV5oRHpkIncYFBjaZ8-hjXLTR_MjfSaYdnxgMpSMCJ2bo6NtzuLq8-a6SrdIuL29EXGuTX3kFH2Xf5yXSISjhyHPJ8-6qs0_E2UgGlsRC6D5v&sig=Cg0ArKJSzCuNhM5jRbwHEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 20:14:45 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 9D28 47 KB
13 KB 108ms
33ms Script
application/javascript 52.31.36.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=100x30&pubId=30702453&chanId=182654973&placementId=5362858293&pubCreative=138310656510&pubOrder=2691141984&cb=865396118&adsafe_par&impId=&custom=logo&custom2=schedule&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.36.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-36-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6692a6ffe0a5ac028579a19ff69865d0a9f3bfb743dd262870c0a27fabff56df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=2023052320144500011943829943
dpm.demdex.net/ Frame 57C1
Redirect Chain

https://x.dlx.addthis.com/e/demdex_sync?na_exid=64200240131507681293472648398654314580&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023052320144500011943829943

42 B
942 B

31ms
30ms

Image
image/gif

52.49.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023052320144500011943829943

Protocol

HTTP/1.1

Server

52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0ec12bf84.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8I5Ipk8iSiI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023052320144500011943829943
pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 23 May 2023 20:14:45 GMT

GET
H/1.1 200
OK deferredService.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/services/ 751 B
1 KB 8ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/services/deferredService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702900
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 402
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200100-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.098953,VS0,VE1
etag: "1d9874c7dae9fef"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK stringHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 586 B
1 KB 9ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/stringHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 49114
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 392
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200084-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.099296,VS0,VE1
etag: "1d9874c7dae9f4a"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 2, 1

GET
H/1.1 200
OK dateHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 287 B
1004 B 9ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/dateHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702900
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 202
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200143-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.099363,VS0,VE1
etag: "1d9874c7dae9c1f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK objectHelper.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/ 395 B
1 KB 9ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/objectHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702899
origin-site: LA3
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 262
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200088-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.099510,VS0,VE1
etag: "1d9874c7dae9c8b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 3, 1

GET
H/1.1 200
OK smooth-scroll.polyfills.min.js Show response
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/smooth-scroll/ 6 KB
4 KB 10ms
9ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/smooth-scroll/smooth-scroll.polyfills.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

bb6c08579f871753ec3d3bcd1e49757fa8342e136fd5a485b871a4068bc32623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/schedule/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 702900
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2828
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-bur-kbur8200063-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma: 276003
last-modified: Mon, 15 May 2023 16:44:18 GMT
server: envoy
X-Timer: S1684872885.109885,VS0,VE1
etag: "1d9874c7dae8472"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3D0E 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss44AVcXY4S4HxnzqhyddxVS264rJt9uDp_YG8zQVx53iqoxMf4fPpiWoTtpzfz8asKwne3oQROfvLVyfzSqoqHS5g1UAQNnl_DSyxKXIsJv5c4YrwDL15bzqkJGYap6JYtiZ54RHU3KqmRGrdOjV9lyTbmpI9DYG8R-ieXlYoTDXePAoUDlFUQg-6--2gfDEBItyp95r8puNAJRAhGE8NfAFoVKxxNw2MRt955_2dm21KSPuLWP7HeHUeSzuwb_CZeRMTuNo5VKjYbgNHr6q2IwXJ5tWlM5-irFc10P87VisTxSBneEG9io878EPKzfYx8yafyaQ&sai=AMfl-YSC1MSxxeKO_0RVMq_zytnRw4BOKP2UUo-WSBlYo4MviH9KrS0FYAcTSvIhKXH18e-aALDQhDmJl2_TCeb9GVTfDIDqbeIXaGLP8ijEcG-0BWnyS24bip6VPZvYXySrafy_bI1qD1PG1Tn7eId5&sig=Cg0ArKJSzChxcSyMX9xjEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 20:14:45 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 0FB1 47 KB
13 KB 69ms
33ms Script
application/javascript 52.31.36.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5226435748&chanId=182654973&placementId=6287660768&pubCreative=138431504884&pubOrder=3193859903&cb=775113353&adsafe_par&impId=&custom=bottom&custom2=schedule&custom3=
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.36.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-36-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 39f65b2c21e77841920e7b26b5db6b0ab85db163c342a65ffc0df8922d6b4db5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK w5l0jldl8st1fptifcyr.jpg
static.clubs.nfl.com/image/upload/v1683820199/rams/ 331 KB
331 KB 9ms
9ms Image
image/jpeg 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/v1683820199/rams/w5l0jldl8st1fptifcyr.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1492c17d9b641b3e9026659fe3ebff0a5e5f27319d91b66cf49dac37066ecada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1024294
Edge-Cache-Tag: 565647521439268793942587637920995210964,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 565647521439268793942587637920995210964,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Connection: keep-alive
Content-Length: 338540
X-Served-By: cache-iad-kiad7000148-IAD, cache-iad-kiad7000109-IAD, cache-fra-eddf8230084-FRA
Last-Modified: Thu, 11 May 2023 15:50:00 GMT
Server: cloudinary
X-Timer: S1684872885.142024,VS0,VE2
Etag: "0a6655caf808574124af9c28b734d46f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 8356, 1

GET
H2 200 analytics.php Show response
rams.formstack.com/forms/ 0
322 B 166ms
166ms Script
application/javascript 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rams.formstack.com/forms/analytics.php?f=3703620&a=fv&m=embedded

Requested by

Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/analytics_7d49daa365.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.132.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-132-103.iad50.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:45 GMT
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx
x-amz-cf-pop: IAD50-C2
x-frame-options: sameorigin
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public
x-amz-cf-id: uNAy-ikL25hAE0OBZ4HdJdIOtc144gVoTX5Y0X62UVePwgPOFrK0LA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/plugins/googleanalytics_c118a241fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 19:04:54 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4191
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 23 May 2023 21:04:54 GMT

GET
H2 200 fsa.js Show response
rams.formstack.com/js/ 54 KB
14 KB 108ms
108ms Script
application/javascript 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rams.formstack.com/js/fsa.js
Requested by: Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/scripts_0edcde2e8b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: 179478bddb718a61355c3f83b9fc32dcb9c22ed470b3c63080475ab78ed9da15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:58:25 GMT
content-encoding: gzip
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:07:29 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 22580
etag: W/"646b9341-d8a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: 5AIM2L-nFds0_H8pVVtEP9Z0LHpgdEfdmSUsxoUV-3_xADXyZm65Nw==

GET
H2 200 calendar.png
rams.formstack.com/forms/images/2/ 529 B
866 B 109ms
109ms Image
image/png 52.85.132.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rams.formstack.com/forms/images/2/calendar.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-103.iad50.r.cloudfront.net
Software: nginx /
Resource Hash: 7cc54e74e6dbf5322743ddbf9d3eff9fc6a8015015eab90b7b4532c4e715b390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 12:40:40 GMT
via: 1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 16:07:27 GMT
server: nginx
x-amz-cf-pop: IAD50-C2
age: 27245
etag: "646b933f-211"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, s-maxage=86400
accept-ranges: bytes
content-length: 529
x-amz-cf-id: 8bBinKi7ulheDMA9JqG743Md4enWkAotspp28Dvcs5O-DdZHVl7OdQ==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 175ms
84ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5276394b2ab219cc6aeee203359779930ad8022f44e6ecdd38dcf9f620dd0fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11264
x-xss-protection: 0

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 7ms
7ms Image
image/svg+xml 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 571007
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=134;cpu=0;start=2023-05-17T05:37:57.862Z;desc=miss,rtt;dur=0,cloudinary;dur=129;start=2023-05-17T05:37:57.862Z
Content-Length: 3390
X-Served-By: cache-iad-kcgs7200127-IAD, cache-fra-eddf8230072-FRA
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1684872885.197242,VS0,VE0
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 5711, 2

GET
H/1.1 200
OK x4bfi8idjpvcb0pwctto
static.clubs.nfl.com/image/private/f_auto/rams/ 41 KB
42 KB 9ms
8ms Image
image/webp 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/x4bfi8idjpvcb0pwctto
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3d73b5f59d6f4925cfdee376ad7738ec527111ae462a4ec9598b0e35beacccd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1026003
Edge-Cache-Tag: 550201907655763978091652480802525651315,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 550201907655763978091652480802525651315,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="x4bfi8idjpvcb0pwctto.webp"
Connection: keep-alive
Content-Length: 42082
X-Request-Id: 9adcd01473aecf151b94d49eaefdee55
X-Served-By: cache-iad-kcgs7200150-IAD, cache-iad-kjyo7100100-IAD, cache-fra-eddf8230084-FRA
Last-Modified: Thu, 11 May 2023 23:14:43 GMT
Server: cloudinary
X-Timer: S1684872885.197795,VS0,VE1
Etag: "0368e7a16ec7c581b8e5097b6021c567"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 2430, 1

GET
H/1.1 200
OK o83urxdquppaniilfg3g
static.clubs.nfl.com/image/private/f_auto/rams/ 32 KB
33 KB 8ms
8ms Image
image/webp 151.101.193.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/o83urxdquppaniilfg3g
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1e1de3e64b75a760b1fb4593b869ad888230f8b2daae2b418b017d206135a6e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1293894
Edge-Cache-Tag: 430180814662264295397231375559549420306,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 430180814662264295397231375559549420306,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Content-Disposition: inline; filename="o83urxdquppaniilfg3g.webp"
Connection: keep-alive
Content-Length: 32856
X-Served-By: cache-iad-kiad7000120-IAD, cache-iad-kjyo7100163-IAD, cache-fra-eddf8230045-FRA
Last-Modified: Mon, 01 May 2023 23:58:58 GMT
Server: cloudinary
X-Timer: S1684872885.197735,VS0,VE1
Etag: "b43d835d75cc70cfee848a80ae6eca8d"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 78, 1

GET
H/1.1 200
OK LAC
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 2 KB
2 KB 14ms
7ms Image
image/svg+xml 151.101.1.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LAC

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

37fea85cfef13b0d55bf066260eb7f48a6101970d8eb86c9696f23ebaffa1c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 23 May 2023 20:14:45 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 4192118
X-Cache: HIT, HIT
Content-Disposition: attachment; filename="LAC"
Connection: keep-alive
Server-Timing: cld-fastly;mitm=f;dur=78;cpu=0;start=2023-04-05T07:46:06.167Z;desc=miss,rtt;dur=0,cloudinary;dur=73;start=2023-04-05T07:46:06.168Z
Content-Length: 1041
X-Served-By: cache-iad-kiad7000160-IAD, cache-fra-eddf8230072-FRA
Last-Modified: Tue, 27 Oct 2020 18:22:09 GMT
Server: Cloudinary
X-Timer: S1684872885.204848,VS0,VE0
Etag: W/"c35c63d2b0f344f428310ecb37a3d2eb"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 43484, 2

GET /
adb2waycm-atl.netmng.com/cm/ Frame 57C1 0
0

GET
H2 200 main.19.8.411.js Show response
static.adsafeprotected.com/ Frame 0FB1 202 KB
63 KB 41ms
8ms Script
application/javascript 2600:9000:223f:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.411.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5226435748&chanId=182654973&placementId=6287660768&pubCreative=138431504884&pubOrder=3193859903&cb=775113353&adsafe_par&impId=&custom=bottom&custom2=schedule&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id: VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding: gzip
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1229533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 May 2023 20:43:27 GMT
server: AmazonS3
etag: W/"a39db77f2b09751cf3516d6055fd0496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: OmtNSMiFXaa34wLH9dk_famCm5UAAD_SDowQNyBFOZKPZQo327Rh2Q==

GET
H2 200 main.19.8.411.js Show response
static.adsafeprotected.com/ Frame 9D28 202 KB
63 KB 45ms
16ms Script
application/javascript 2600:9000:223f:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.411.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=100x30&pubId=30702453&chanId=182654973&placementId=5362858293&pubCreative=138310656510&pubOrder=2691141984&cb=865396118&adsafe_par&impId=&custom=logo&custom2=schedule&custom3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id: VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding: gzip
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1229533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 May 2023 20:43:27 GMT
server: AmazonS3
etag: W/"a39db77f2b09751cf3516d6055fd0496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 7QkIbwCew-oDxJJedMSKtQJPC5aX6hmx10CzwLrCyAMc0K99tQ1uuQ==

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEESjrqVI3IDE82WGrvo9bps&google_cver=1
dpm.demdex.net/ Frame 57C1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjQyMDAyNDAxMzE1MDc2ODEyOTM0NzI2NDgzOTg2NTQzMTQ1ODA=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEESjrqVI3IDE82WGrvo9bps&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

30ms
30ms

Image
image/gif

52.49.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEESjrqVI3IDE82WGrvo9bps&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0f7ff0385.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3L1FD9lgQX4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEESjrqVI3IDE82WGrvo9bps&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 561B 91 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:223f:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21098309
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: gvh8hI-g7NmLM6PAm33RK134Mt1ViW9dXX90yAp6MzP6nmgB0AKbPA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 40ms
39ms Image
image/gif 52.31.36.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=728x90&pubId=5226435748&chanId=182654973&placementId=6287660768&pubCreative=138431504884&pubOrder=3193859903&cb=775113353&adsafe_par&impId=&custom=bottom&custom2=schedule&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=f&adsafe_jsinfo=,id:dffb0e7d-dba0-cee4-a2c0-aebd037605f6,c:dtes8P,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5cf46fd95f-g6sjs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.9734.728.90,am:i,cc:436.9734.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:79,mot:0,app:0,maw:0,fm:tF74V6B+11%7C12%7C13%7C141%7C15*.929781%7C151,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:103,oid:75a2bc03-f9a6-11ed-947b-223e88b92099,v:19.8.411,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.36.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-36-112.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
server: nginx
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 4E2D 91 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:223f:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21098309
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: NndZ5I2akCGOHkyY6kg3JWTiexIYOrMN-cSxUE39upMy-1giUMHZXQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 73ms
73ms Image
image/gif 52.31.36.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929781&campId=100x30&pubId=30702453&chanId=182654973&placementId=5362858293&pubCreative=138310656510&pubOrder=2691141984&cb=865396118&adsafe_par&impId=&custom=logo&custom2=schedule&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=f&adsafe_jsinfo=,id:75e466df-b0f2-d806-ef62-a2729e531441,c:dtes9k,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-5cf46fd95f-84jz7,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:123,mot:0,app:0,maw:0,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:129,oid:75a2bcae-f9a6-11ed-80be-2a066c6a54f1,v:19.8.411,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.36.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-36-112.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
147 B 45ms
44ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1966049212&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&ul=en-us&de=UTF-8&dt=Rams%20Schedule%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABCAAAACAAI~&jid=2139771882&gjid=1342273510&cid=1256100219.1684872885&tid=UA-122484269-1&_gid=1544759918.1684872885&_r=1&_slc=1&z=1094625023

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 37ms
37ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1966049212&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&ul=en-us&de=UTF-8&dt=Rams%20Schedule%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Formstack%20Form%203703620&ea=view&el=form%20view&_u=IAhAAEABCAAAACAAI~&jid=&gjid=&cid=1256100219.1684872885&tid=UA-122484269-1&_gid=1544759918.1684872885&z=1306169402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 18:21:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6787
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 May 2023 20:14:45 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 559ms
176ms Image
image/gif 2600:1f13:800:7780:68f0:a33:9e57:b3d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=dffb0e7d-dba0-cee4-a2c0-aebd037605f6&tv=%7Bc:dtes9F,pingTime:-2,time:154,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:101,beZ:102,mfA:180,cmA:181,inA:181,inZ:185,prA:186,prZ:196,si:203,poA:204,poZ:220,cmZ:220,mfZ:220,loA:224,loZ:227,ltA:254,ltZ:254,mdA:102,mdZ:151%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:102%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:102,wc:0.0.1600.1200,ac:436.9734.728.90,am:i,cc:436.9734.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B73~0%5D,as:%5B73~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tF74V6B+11%7C12%7C13%7C141%7C15*.929781%7C151,idMap:15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:103,slid:%5Bgoogle_ads_iframe_/4595/team.la/schedule_4,google_ads_iframe_/4595/team.la/schedule_4__container__,adv_club,main-content%5D,sinceFw:51,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 559ms
177ms Image
image/gif 2600:1f13:800:7780:68f0:a33:9e57:b3d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtes9H,pingTime:0,time:152,type:pf,im:%7BpBlk:135%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:152,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~100%5D,as:%5B28~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:129%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 555ms
178ms Image
image/gif 2600:1f13:800:7780:68f0:a33:9e57:b3d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtes9M,pingTime:-2,time:157,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:144,beZ:145,mfA:268,cmA:268,inA:268,inZ:269,prA:269,prZ:271,si:273,poA:273,bl:279,poZ:279,cmZ:279,mfZ:279,loA:298,loZ:299,ltA:301,ltZ:301,mdA:145,mdZ:196%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:157,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B33~100%5D,as:%5B33~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:129,slid:%5Bgoogle_ads_iframe_/4595/team.la/schedule_2,google_ads_iframe_/4595/team.la/schedule_2__container__,6d7098a7-4ae1-4e5c-806a-be476bbb8c35,main-content%5D,sinceFw:28,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 57C1 43 B
394 B 143ms
110ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=64200240131507681293472648398654314580&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 23 May 2023 20:14:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 93a3f2e3c5229068
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 1cca46d9f119866be630bef074ebe72948915bbbe5ae39ce2a5898b942b25e05
content-length: 43

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-122484269-1&cid=1256100219.1684872885&jid=2139771882&gjid=1342273510&_gid=1544759918.1684872885&_u=IAhAAEAACAAAACAAI~&z=65426265

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 23 May 2023 20:14:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 501ms
176ms Image
image/gif 2600:1f13:800:7780:68f0:a33:9e57:b3d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtesaD,time:210,type:e,im:%7BpWait:5%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:210,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~100%5D,as:%5B86~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:129,sis:209%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C8B4 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 19:40:09 GMT
expires: Wed, 22 May 2024 19:40:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D3CB 783 B
1 KB 139ms
49ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f774732e9e100253eca83ea89c1cd064721d52f80072effc3a013e5ac278ba66

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R7FmsQhsJH0w2zW8Y6K5ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 516
content-security-policy: script-src 'report-sample' 'nonce-R7FmsQhsJH0w2zW8Y6K5ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 20:14:45 GMT
expires: Tue, 23 May 2023 20:14:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 136ms
76ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-122484269-1&cid=1256100219.1684872885&jid=2139771882&_u=IAhAAEAACAAAACAAI~&z=832315607

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 165ms
74ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-122484269-1&cid=1256100219.1684872885&jid=2139771882&_u=IAhAAEAACAAAACAAI~&z=832315607

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame C8B4 37 KB
14 KB 112ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 19:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 19:04:00 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 57C1
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

30ms
29ms

Image
image/png

52.208.194.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.208.194.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-194-197.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:45 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 23 May 2023 20:14:45 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 57C1
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEG...
https://pixel.everesttech.net/1x1

128 B
691 B

29ms
29ms

Image
image/png

52.208.194.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.208.194.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-194-197.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:45 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b51f-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 23 May 2023 20:14:45 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D3CB 0
0 69ms
69ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305180101&jk=72258887751063&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 248ms
177ms Image
image/gif 2600:1f13:800:7780:68f0:a33:9e57:b3d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=dffb0e7d-dba0-cee4-a2c0-aebd037605f6&tv=%7Bc:dteseI,pingTime:-10,time:467,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684872885695%7C%7Cb789d0b143c7b59c7546d2211781d851%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7C22df30d3bd66e159a6620c524a68b0d9%7C%7C84943b5c63370920c4bd392a32a4da49%7C%7Ccc9e962880932c839ae889d20ac73b10%7C%7C6b0909b8de2bc1c634ef483782923316%7C%7Cd2cd2459465f47d0a16479db8374d812%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:45 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C8B4 0
10 B 42ms
42ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?C_wP5g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 57C1
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

31ms
30ms

Image
image/png

52.208.194.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.208.194.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-194-197.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:45 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 23 May 2023 20:14:45 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 57C1
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

29ms
28ms

Image
image/png

52.208.194.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.208.194.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-194-197.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:45 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 23 May 2023 20:14:45 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 Api.aspx Show response
auth-id.nfl.com/gs/webSdk/ Frame 0702 121 KB
43 KB 833ms
628ms Document
text/html 18.165.83.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13905

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.83.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-83-110.iad55.r.cloudfront.net

Software

Resource Hash

5867a7357896e38bf8f5516e3f267b0ad90f3b379f4754e62ed7914f1fc8ba1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1585
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 43452
content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 19:48:21 GMT
edge-cache-tag: siteid_748934946734,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-amz-cf-id: SiT9AFzEhbBudKI5Rw2i6eL48x5ItWpGGlkdp77MJxLMAHKrN3AS8A==
x-amz-cf-pop: IAD55-P3
x-cache: Hit from cloudfront
x-callid: 2a51e92d6e0a4457822bd14a6856b006
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t12
x-soa: true, Gator

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 57C1
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

32ms
31ms

Image
image/png

52.208.194.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.208.194.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-194-197.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:46 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 23 May 2023 20:14:46 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 57C1 70 B
265 B 112ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.therams.com&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 23 May 2023 20:14:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:68f0:a33:9e57:b3d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dteskJ,pingTime:-10,time:836,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684872885695%7C%7Cb789d0b143c7b59c7546d2211781d851%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7C22df30d3bd66e159a6620c524a68b0d9%7C%7C84943b5c63370920c4bd392a32a4da49%7C%7Ccc9e962880932c839ae889d20ac73b10%7C%7C6b0909b8de2bc1c634ef483782923316%7C%7Cd2cd2459465f47d0a16479db8374d812%7C%7C1663701684,sca:%7Bspg:dffb0e7d-dba0-cee4-a2c0-aebd037605f6%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:46 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BA67 42 B
174 B 74ms
71ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuB_7kBDfSn74Va3_UShY8OgRXGFjfWvtgwCSEpWPHIX_0B1qrPYIy1hWjYrVPkcDme0xtWY3u6MCs69PpmO0cOiow2eNtdWhhXSIDB_KQuEg68-OGh&sig=Cg0ArKJSzN-izpy2v_xqEAE&id=lidar2&mcvt=1000&p=690,1324,720,1424&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230522&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1208089488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684872884795&rpt=289&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

404

sync
ups.analytics.yahoo.com/ups/28/ Frame 57C1
Redirect Chain

https://pixel.advertising.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true&verify=true

0
17 B

12ms
11ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true&verify=true

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true&verify=true
date: Tue, 23 May 2023 20:14:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 57C1
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

29ms
28ms

Image
image/png

52.208.194.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.208.194.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-194-197.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:46 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Tue, 23 May 2023 20:14:46 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
72ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305180101&jk=72258887751063&bg=!zc6lzprNAAZ8_aWmXP07ADkAdvg8Wihvg10j0wJnO1-UwYtBBPdZJgSp9VOSXep6a9fuiy6CeKJEr1ydliHU9mRpwLhX5X8DWvECAAAAaVIAAAAMaAEHCgCd5hI3yShN8vhf9L00kiJnfWZg6ROphtvadfP2egOGjmuj3x5K3MF-J1ZUWxjM5KiX9is35VDBcJRJis-sKIUdmz5Rz1DvrDAgxZqQpiJg1_HjlH3o2LaS7MDCO7me26c_44TitPhYlpt3GSFhs6jzldEGjD2AXOM6dHlp4vfbxQvWT0rcRxiTz3j0LbCCEQryFza6dWn7G5xmoWrrC5kClCJ5YuXdOMZ4LUBm_ZlZDlFcDzZ4CoaAt4qbf1pdGZfCCLKhBKOuH8LG3nI4yV8LFdfUUXGS3ubSy5UyYhT-X-0CFgpfjsJJ_aij1AsO909XcTCcR5JhEGUmVB7A7WXgX8vszQqdeshb_ZkBxKlBsvxiY0eYlWYg2s1fv572AbyoJuNDs8X1n40LyHcvpw0u-YZLXs-hTlI5lUB_shEyyXHpCOInAEJKk0dl5JhKu2LYWMfad297vktabXzQtdFGgIG0-UXjnOoyzgHf8Veg9_htzsvJN8pX_h_J13OWjclMAOzyOwEXBoeEVMfS6d7WngZmeJDwndqAxE31P1yA2Jnvuu6iusq2zEkdA4G-0tGsB9zjYgJ_FiE0t50LVn44jXHspZFqlRtBleHePAeDtJWVQKhubZQjD9Iqr-cRXbuSlZtp00hnZAwWVbLODmx-VWJdXoVL1FgyLpRp9O9R1nad43TTzdfC2CtQ44EhBHS00iDgQqE_KF6Ryrbr4nuQDEkgbOqO30ggAhb9HQnmeweDMSJufy-WfqRhz8oWDexe3SNu82c0B1j_7sIVRQ86SRexM4XhQopXtnN250VNe4aOgIT6UNd5A0HDNMYllgL9PVWmq9b8H4sqKSue3UH2T7ogDc19iBnoe-6IXwbZ_oux9YKji_sRsOUguIZ21uhqumggOeNUYA4ELJ1Pc5zy9cvU4FEXG4zSDjzqryZ4mC3heYR2PLcnZ5eBY0DLWB5IQfSNhEvlBUW5bU3O3x3GPwkNIX_zc7WncZC5H8j25JSlpt4U7F6pkGG3cyIX-0pmGOTdTcyKGk0cRExZgZvZhH94svzZ3LL7ItkNI1M0MC_Cz2rPlnD6U1kk_2PSrDAhLYzq_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=ftvldYBxwPHyv3AWH4i3TTqWtAnX3kPQ&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 57C1
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ftvldYBxwPHyv3AWH4i3TTqWtAnX3kPQ&gdpr=0&gdpr_consent=

42 B
942 B

30ms
29ms

Image
image/gif

52.49.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ftvldYBxwPHyv3AWH4i3TTqWtAnX3kPQ&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-02089365e.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: SXnjWNYRT0o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ftvldYBxwPHyv3AWH4i3TTqWtAnX3kPQ&gdpr=0&gdpr_consent=
date: Tue, 23 May 2023 20:14:46 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1084688
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:68f0:a33:9e57:b3d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtespQ,pingTime:1,time:1153,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1153,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1030~100%5D,as:%5B1030~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:187,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:129,sis:209%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:46 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 178ms
177ms Image
image/gif 2600:1f13:800:7780:68f0:a33:9e57:b3d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtespR,pingTime:1,time:1154,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1154,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1030~100%5D,as:%5B1030~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:187,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:129,sis:209,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:46 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 180ms
179ms Image
image/gif 2600:1f13:800:7780:68f0:a33:9e57:b3d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtespS,pingTime:1,time:1155,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1155,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1031~100%5D,as:%5B1031~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:187,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:129,sis:209,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:46 GMT
server: nginx
x-server-name: dt26.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 57C1
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=64200240131507681293472648398654314580&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
960 B

30ms
29ms

Image
image/gif

52.49.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0fa970038.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gq4O4sGJRqM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,303
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Tue, 23 May 2023 20:14:46 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 57C1
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=64200240131507681293472648398654314580&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-bllBEyBE2pHqg2suVWHF7AG7gSWxccQnt8M-~A

42 B
942 B

32ms
31ms

Image
image/gif

52.49.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-bllBEyBE2pHqg2suVWHF7AG7gSWxccQnt8M-~A

Protocol

HTTP/1.1

Server

52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-090422bc6.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lGjtqCyKQqQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Tue, 23 May 2023 20:14:46 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-bllBEyBE2pHqg2suVWHF7AG7gSWxccQnt8M-~A
content-length: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 57C1 42 B
213 B 77ms
23ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=64200240131507681293472648398654314580&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:46 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 57C1
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZG0etAAAAICEgQOY&sigv=1&esig=1~caf4a255b4487a5bd6379f69f6f7683ed405748c

0
194 B

80ms
21ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZG0etAAAAICEgQOY&sigv=1&esig=1~caf4a255b4487a5bd6379f69f6f7683ed405748c

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:46 GMT
strict-transport-security: max-age=31536000
cache-control: no-store
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZG0etAAAAICEgQOY&sigv=1&esig=1~caf4a255b4487a5bd6379f69f6f7683ed405748c
Date: Tue, 23 May 2023 20:14:46 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 0702 5 KB
2 KB 103ms
102ms Fetch
text/javascript 18.165.83.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-110.iad55.r.cloudfront.net
Software: /
Resource Hash: 47adb1be0669d98db3ba38103f9a0b125f9444a5704bdb9135ecd20eb5620b10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13905
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:13:16 GMT
content-encoding: gzip
via: 1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: IAD55-P3
age: 90
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2002
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 72e37c4017a542419f7621f3eb53bba6
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t14
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: iKDmaskHaZoyD4MTwr2zeIFCG4AE98gIumXNtzw7EpKKCO1ds-3AJw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 57C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ==

170 B
188 B

54ms
53ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ==

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230095-FRA
pragma: no-cache
date: Tue, 23 May 2023 20:14:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684872887.903195,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 57C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZG0etAAAAICEgQOY&expires=90

0
239 B

83ms
10ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZG0etAAAAICEgQOY&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230095-FRA
pragma: no-cache
date: Tue, 23 May 2023 20:14:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684872887.980910,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZG0etAAAAICEgQOY&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 accounts.webSdkBootstrap Show response
auth-id.therams.com/ 199 B
1 KB 417ms
127ms XHR
text/javascript 52.85.151.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.therams.com/accounts.webSdkBootstrap?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&pageURL=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&sdk=js_latest&sdkBuild=13905&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-12.iad89.r.cloudfront.net
Software: /
Resource Hash: 4b2cd5f5312c929a7b88c849b835ae23744142442c387622a1aae04c5703ee6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:46 GMT
content-encoding: gzip
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: IAD89-C3
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-error-code: 0
content-length: 174
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.therams.com
x-callid: c821d0473a7c46b09d345083af878f13
cache-control: private
access-control-allow-credentials: true
x-server: us1d-nomad-t5
vary: Origin, Accept-Encoding
x-robots-tag: none
x-amz-cf-id: CyG45zscX3Abvp-d4ofxMhvyPqEMjFy0TD_QWg3YxILTAA1f7dI51w==

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 57C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0etAAAAICEgQOY
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0etAAAAICEgQOY&C=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0etAAAAICEgQOY&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 20:14:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 23 May 2023 20:14:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=ZG0etAAAAICEgQOY&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 57C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZG0etAAAAICEgQOY

43 B
1 KB

250ms
250ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=ZG0etAAAAICEgQOY

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 20:14:47 GMT
AN-X-Request-Uuid: 12768e79-02cd-4a08-a6d4-cb12d42fdcf7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230095-FRA
pragma: no-cache
date: Tue, 23 May 2023 20:14:47 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684872887.185296,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=ZG0etAAAAICEgQOY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 57C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG0etAAAAICEgQOY

43 B
273 B

69ms
20ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG0etAAAAICEgQOY
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230095-FRA
pragma: no-cache
date: Tue, 23 May 2023 20:14:47 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684872887.287063,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG0etAAAAICEgQOY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 57C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZG0etAAAAICEgQOY

1 B
451 B

71ms
16ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZG0etAAAAICEgQOY
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 20:14:47 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-fra-eddf8230095-FRA
pragma: no-cache
date: Tue, 23 May 2023 20:14:47 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684872887.389783,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZG0etAAAAICEgQOY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame DC1E 92 KB
32 KB 114ms
113ms Document
text/html 18.165.83.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.83.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-83-110.iad55.r.cloudfront.net

Software

Resource Hash

87a82d481e925f978a405e757393442f8e18d268c1925520dc8589af04982eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1746
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 32594
content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 19:45:41 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-amz-cf-id: b0UvSDVcAcRlOmZAzJJpDgBN_Xbz7nRz3cqHA563ZWCXAsmoAXYI2Q==
x-amz-cf-pop: IAD55-P3
x-cache: Hit from cloudfront
x-callid: 0fcb77470b9542649b2f26979f3595f9
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t3
x-soa: true, Gator

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 15DD 92 KB
32 KB 341ms
340ms Document
text/html 18.165.83.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.83.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-83-110.iad55.r.cloudfront.net

Software

Resource Hash

87a82d481e925f978a405e757393442f8e18d268c1925520dc8589af04982eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1746
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 32594
content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 19:45:41 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-amz-cf-id: JBooCIJRj9Chp4NY-K-HlxJPJfOOSLkzzjACWorDWTGARRrVdQ7Sfg==
x-amz-cf-pop: IAD55-P3
x-cache: Hit from cloudfront
x-callid: 0fcb77470b9542649b2f26979f3595f9
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t3
x-soa: true, Gator

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 57C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0etAAAAICEgQOY&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0etAAAAICEgQOY&img=1&__user_check__=1&sync_id=7714558c-f9a6-11ed-87b2-14c817940206

43 B
549 B

23ms
22ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0etAAAAICEgQOY&img=1&__user_check__=1&sync_id=7714558c-f9a6-11ed-87b2-14c817940206
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 20:14:47 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 105
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 23 May 2023 20:14:47 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=ZG0etAAAAICEgQOY&img=1&__user_check__=1&sync_id=7714558c-f9a6-11ed-87b2-14c817940206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 33
Connection: keep-alive
Content-Length: 0

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame DC1E 5 KB
2 KB 229ms
229ms Fetch
text/javascript 18.165.83.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-110.iad55.r.cloudfront.net
Software: /
Resource Hash: a7bc4377adaac203747e4a3d22bd42b058ce1e26a377b158b2b8edd086c36ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:11 GMT
content-encoding: gzip
via: 1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: IAD55-P3
age: 36
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2002
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 59d6d8c48dd74ea59f7cd6400537d936
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t17
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: FfX4fCcWTAsZAf4JnLIkI0eFbbaSZo4ItqOF_LwejlUhJ1E2dEfU7g==

GET
H2

200

b.php
www.facebook.com/fr/ Frame 57C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZG0etAAAAICEgQOY&t=2592000&o=0

43 B
889 B

70ms
31ms

Image
image/gif

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZG0etAAAAICEgQOY&t=2592000&o=0

Protocol

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:14:47 PDT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: EbFkyYRs1Mhhz+xVgQYFdbnFhEUevXKXk8KEZ/SCzKC1TqtCqZw5Kt3xOsIwI0G0TwpFHoiqvi8gwfFQeKaDHQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Tue, 23 May 2023 13:14:47 PDT

Redirect headers

x-served-by: cache-fra-eddf8230095-FRA
pragma: no-cache
date: Tue, 23 May 2023 20:14:47 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684872888.623150,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZG0etAAAAICEgQOY&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame 57C1 43 B
374 B 53ms
17ms Image
image/gif 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Tue, 23 May 2023 20:14:47 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230020-FRA
server: nginx
x-timer: S1684872888.759801,VS0,VE10
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 15DD 5 KB
2 KB 1388ms
1387ms Fetch
text/javascript 18.165.83.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-110.iad55.r.cloudfront.net
Software: /
Resource Hash: a7bc4377adaac203747e4a3d22bd42b058ce1e26a377b158b2b8edd086c36ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:11 GMT
content-encoding: gzip
via: 1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: IAD55-P3
age: 38
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2002
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 59d6d8c48dd74ea59f7cd6400537d936
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t17
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: oJru4xblm3T0bhYTID3fyoFsFdR5U9gxIpyccsCcwVIRxeBAYAQkWQ==

GET
H/1.1

200
OK

ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame 57C1
Redirect Chain

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

42 B
960 B

30ms
29ms

Image
image/gif

52.49.215.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Protocol

HTTP/1.1

Server

52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-215-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0f9a9001c.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hC/2HdHNQf4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:48 GMT
via: 1.1 4ce044af637284f41cd11c7043e8eaaa.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: IAD55-P4
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location: https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control: private, max-age=0, no-cache
x-envoy-upstream-service-time: 1
content-length: 0
x-amz-cf-id: 2V6ueza5i8la5G3QWYqwJ9gZC7OOXiWvZ21YHjpJWX9bnCCuj8uemw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 57C1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=lUOMxqVEQ6OINgxNhzw7fw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64200240131507681293472648398654314580

43 B
479 B

118ms
117ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64200240131507681293472648398654314580

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 20:14:48 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S864FM2CA65SG4DATTPZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v048-0d6340410.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: j/lt3cSKQUk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64200240131507681293472648398654314580
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 client.js Show response
apis.google.com/js/ 17 KB
7 KB 132ms
48ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae0778253dda8b156d65084c6265a3e26630e097b93a9e847d03c44462b8952

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 20:14:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6906
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "3fc94a4cf91bdd80"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 20:14:49 GMT

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame AD82 92 KB
32 KB 113ms
113ms Document
text/html 18.165.83.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.83.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-83-110.iad55.r.cloudfront.net

Software

Resource Hash

87a82d481e925f978a405e757393442f8e18d268c1925520dc8589af04982eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.therams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1748
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 32594
content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 19:45:41 GMT
edge-cache-tag: siteid_7827621,ver_latest
edge-control: !no-store,max-age=1h
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-amz-cf-id: 4Mu9Kg2ZNAFDVj83svtV7g5PG2hlT5QE8Lds8UDfImYDj6uBpVD17A==
x-amz-cf-pop: IAD55-P3
x-cache: Hit from cloudfront
x-callid: 0fcb77470b9542649b2f26979f3595f9
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t3
x-soa: true, Gator

GET
H2 200 sdk.js Show response
connect.facebook.net/en_EN/ 3 KB
3 KB 39ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_EN/sdk.js

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b8b7e82182ce6c7a0f003f041272d7e74fe85f82e79b658e1953fc4c6822e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 20:14:49 GMT
content-md5: MvHVkbi6iQOukZ3Ui0NKlw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: PQlwk5NYCEC+AJddr5Uo4MjAyGMtrpqd7euLyfXYziC2cvE7VhEqHO8q6iG09+LgeVbv+MQjgTwKJc4vUBm31w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 92956e57d6f27a399eb25ac3a6914e50
cross-origin-opener-policy: same-origin-allow-popups
etag: "2677fd127c5cd769aaba7d138fdf5973"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 23 May 2023 20:19:04 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 19ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=be591c5071875aea3ad87cf4388c8362

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3413f9d07e1894f9029aeb0dcf5457395d8ad2fab7023093fcbd5f75f4c80e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 20:14:49 GMT
content-md5: 41uERgG3mR50bBWbHXxkOg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87160
x-fb-rlafr: 0
x-fb-debug: znsyDanUrcZXwvsGDJLT6Q3yvdU0ITzTLTsl+xl6C+CsmikLzHZ5RM0/1rKQsuyvN7G5oNyt9sIIIiyBPfYj7g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: b90917280c4fb42de392bd6eeb6521c4
cross-origin-opener-policy: same-origin-allow-popups
etag: "773cbba89ecc8fc242a808517ed1d0e4"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 22 May 2024 11:16:23 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 30ms
29ms Fetch
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=404205130228139&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=be591c5071875aea3ad87cf4388c8362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Tue, 23 May 2023 20:14:49 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 2bA02CILHUQ0aDqqXOEJ6u+huvlJvBoQ5PwUSzB24yJZf3OPi5xq3keY93UOPNScxB8hTOahkA41XnG/yJoaJQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.therams.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame AD82 5 KB
2 KB 103ms
103ms Fetch
text/javascript 18.165.83.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-110.iad55.r.cloudfront.net
Software: /
Resource Hash: a7bc4377adaac203747e4a3d22bd42b058ce1e26a377b158b2b8edd086c36ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:14:11 GMT
content-encoding: gzip
via: 1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: IAD55-P3
age: 38
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2002
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: 59d6d8c48dd74ea59f7cd6400537d936
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t17
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 9fww5VSIs8ROqnxNMl2OtY-jNA0NBrbOSGS_ZjuqV9YmW1i3EFnYwA==

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/ 315 KB
108 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e779992ace543f715102af0c31dd34d3b2f65bff0ba108d0a10cfef268ea32b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109921
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 08:54:42 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 176ms
176ms Image
image/gif 2600:1f13:800:7780:68f0:a33:9e57:b3d0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtetsm,pingTime:5,time:5153,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5153,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5029~100%5D,as:%5B5029~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:183,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:129,sis:209%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 20:14:50 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adb2waycm-atl.netmng.com
URL: https://adb2waycm-atl.netmng.com/cm/

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therams.com/	1969-12-31 23:59:59	Name: at_check Value: true
.therams.com/	1970-01-20 21:37:12	Name: adobeujs-optin Value: %7B%22aam%22%3Afalse%2C%22adcloud%22%3Afalse%2C%22aa%22%3Afalse%2C%22campaign%22%3Afalse%2C%22ecid%22%3Afalse%2C%22livefyre%22%3Afalse%2C%22target%22%3Afalse%2C%22mediaaa%22%3Afalse%7D
.demdex.net/	1970-01-20 16:20:24	Name: demdex Value: 64200240131507681293472648398654314580
.therams.com/	1969-12-31 23:59:59	Name: AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 1
static.formstack.com/	1970-01-20 12:11:17	Name: AWSALBCORS Value: CsIkv9EhTHZ9b3pJgYMJsg2KvSD7dQzbGDOpCbxCWaacDHr5YzyRafj/aDInnza8gmRlh++iUkoAy9pMo0wkwhoDDL52MdSCMdusNA/RgT4W2Ole5QaNbQWX+2K4
.therams.com/	1970-01-20 21:37:12	Name: mbox Value: session#27aa3d5c2e574cdea4b273c12ecb6ab7#1684874745\|PC#27aa3d5c2e574cdea4b273c12ecb6ab7.37_0#1748117685
.everesttech.net/	1970-01-20 20:46:48	Name: everest_g_v2 Value: g_surferid~ZG0etAAAAICEgQOY
.dpm.demdex.net/	1970-01-20 16:20:24	Name: dpm Value: 64200240131507681293472648398654314580
.therams.com/	1970-01-20 21:37:12	Name: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 179643557%7CMCIDTS%7C19501%7CMCMID%7C64366209744294176623493291579693294827%7CMCAAMLH-1685477684%7C6%7CMCAAMB-1685477684%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1684880084s%7CNONE%7CMCSYNCSOP%7C411-19508%7CvVersion%7C5.5.0
.mathtag.com/	1970-01-20 21:27:08	Name: uuid Value: 3ab5646d-1eb4-4000-8547-a31c89bcda9c
.exelator.com/	1970-01-20 14:54:00	Name: EE Value: "23ed69ad3da43af1305796d376d7394a"
.therams.com/	1970-01-20 20:46:48	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+May+23+2023+20%3A14%3A44+GMT%2B0000+(GMT)&version=202303.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=1d0cd07d-f96f-4ecd-ac20-71150a3777c0&interactionCount=0&landingPath=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.exelator.com/	1970-01-20 14:54:00	Name: ud Value: "eJxrXxzq6XKLQcHIODXFzDIxxTgl0cQ4Mc3Q2MDU3NIsxdjcLMXc2NIkcXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQeEl%252BUWb6IhfXxUUpaQyLSopPBR9RVQAAlyQpcg%253D%253D"
.w55c.net/	1970-01-20 21:32:53	Name: wfivefivec Value: FaXYjxDi1Q1yp65
.w55c.net/	1970-01-20 12:44:24	Name: matchdmx Value: 5
.therams.com/	1970-01-20 21:22:48	Name: __gads Value: ID=e52bc9d806854855:T=1684872884:S=ALNI_MZ7lXj6YUf01Q2nR1U8Q-3KyO4BxQ
.therams.com/	1970-01-20 21:22:48	Name: __gpi Value: UID=00000c1a3a94dc46:T=1684872884:RT=1684872884:S=ALNI_MYc62WCRnelGh2gMvl3nOCPC9rdTQ
.adnxs.com/	1970-01-20 14:10:48	Name: uuid2 Value: 3955446442563860411
.doubleclick.net/	1970-01-20 21:22:48	Name: IDE Value: AHWqTUkBTi_r_ElDt2uxYD4uYxrCvSBhn8JYNfIh38SemFIZFCy2aCrqeYRc58E3_Ug
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 13905-3-28081200
.turn.com/	1970-01-20 16:20:24	Name: uid Value: 8677260299256887821
rams.formstack.com/	1970-01-20 12:11:17	Name: AWSALBCORS Value: ALFNK64xq8q0M6rmF/p7S0IBhPT6P9Muw8xoYzPSot9UTgZOBrJ4mtwMKlRVUxqRE75U3XLST1nkuHRzdSBHp5cSYi3i7g0NIRnPXsDXIe+TV9rmgYwM3sliqSDp
.therams.com/	1970-01-20 21:37:12	Name: FSAV Value: 1263112057.501713755.1684872885.1684872885.1684872885.1.
.therams.com/	1970-01-20 16:24:00	Name: FSAC Value: 1263112057.1684872885.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)
.therams.com/	1970-01-20 21:37:12	Name: _ga Value: GA1.2.1256100219.1684872885
.therams.com/	1970-01-20 12:02:39	Name: _gid Value: GA1.2.1544759918.1684872885
.therams.com/	1970-01-20 12:01:12	Name: _gat Value: 1
.twitter.com/	1970-01-20 21:37:12	Name: personalization_id Value: "v1_hukUgUeOBb0CE6rEC3lbqg=="
.everesttech.net/	1970-01-20 12:45:51	Name: ev_sync_ax Value: 20230523
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: ZG0etQAAAGfStXIZ
.advertising.com/	1970-01-20 20:47:10	Name: A3 Value: d=AQABBLYebWQCEIJTNWA7K4-dHHcuqv1wARIFEgEBAQFwbmR3ZOANyiMA_eMAAA&S=AQAAAvtRp8ukxOBnnYc_dX7UMsc
.yahoo.com/	1970-01-20 20:47:10	Name: A3 Value: d=AQABBLYebWQCENyZsabH7zDFw0aaPDI82JkFEgEBAQFwbmR3ZOANyiMA_eMAAA&S=AQAAAgsmUlJWzOd64gA2pMQ2SlQ
.criteo.com/	1970-01-20 21:22:48	Name: uid Value: a0a89fa4-1593-4bdd-a673-3e15371363c6
.eyeota.net/	1970-01-20 12:01:13	Name: SERVERID Value: 22511~DM
.everesttech.net/	1970-01-20 12:45:51	Name: ev_sync_yh Value: 20230523
.auth-id.nfl.com/	1970-01-20 20:46:48	Name: apiDomain_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: auth-id.therams.com
.casalemedia.com/	1970-01-20 20:46:48	Name: CMID Value: ZG0et39AcHOwkXZjNkd-2AAA
.casalemedia.com/	1970-01-20 14:10:48	Name: CMPS Value: 1187
.casalemedia.com/	1970-01-20 14:10:48	Name: CMPRO Value: 1187
.auth-id.therams.com/	1970-01-20 20:48:15	Name: gmid Value: gmid.ver4.AcbH9ZSpgw.z86bC8ozUGlQJ2RKyRz5tOsEW5LRGziymQ90SsN5jZda5dgIAYRBYHR95cmwE9EA.len_txN6u81cOdxAR9imEGBP6mFaEsWi2TT6ZmeK7xZt_w-0qCKwOV2CczqnM6IXWpzr_vLFXEVLt6N0QIQGxA.sc3
.auth-id.therams.com/	1970-01-20 20:48:15	Name: ucid Value: khyz_lMyHLHWZU4MOYpUUA
.auth-id.therams.com/	1970-01-20 16:26:14	Name: hasGmid Value: ver4
.therams.com/	1970-01-20 20:46:48	Name: gig_bootstrap_4_9uJbeFZZVmtKTfSv1bjUVQ Value: auth-id_ver4
.adnxs.com/	1970-01-20 14:10:48	Name: anj Value: dTM7k!M4.FErk#WF']wIg2In@k<J0%!]tbPl1MwL(!R7qUY%jM9$+9%(=u:NZChwk%BjZ6EQO^[9RFMZ9bmtwgM/]vGiOa(8!80tDYw?IEBnq=!'q^?2LBgR
.pubmatic.com/	1970-01-20 14:10:48	Name: KRTBCOOKIE_218 Value: 4056-ZG0etAAAAICEgQOY&KRTB&22978-ZG0etAAAAICEgQOY&KRTB&23194-ZG0etAAAAICEgQOY&KRTB&23209-ZG0etAAAAICEgQOY
.pubmatic.com/	1970-01-20 12:44:24	Name: PugT Value: 1684872887
.spotxchange.com/	1970-01-20 12:41:32	Name: audience Value: 77145538-f9a6-11ed-87b2-14c817940206
.auth-id.nfl.com/	1970-01-20 20:46:48	Name: gig_canary_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: false
.auth-id.nfl.com/	1970-01-20 20:46:48	Name: gig_canary_ver_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: 13905-3-28081200
.demdex.net/	1970-01-20 16:20:24	Name: dextp Value: 269-1-1684872884452\|3-1-1684872884553\|359-1-1684872884682\|358-1-1684872884815\|470-1-1684872884937\|843-1-1684872885096\|640-1-1684872885197\|771-1-1684872885298\|1123-1-1684872885402\|1083-1-1684872885503\|1085-1-1684872885620\|1086-1-1684872885724\|1087-1-1684872885825\|1088-1-1684872885926\|903-1-1684872886028\|6835-1-1684872886130\|19913-1-1684872886231\|28645-1-1684872886332\|30064-1-1684872886433\|30646-1-1684872886534\|30862-1-1684872886636\|83349-1-1684872886760\|144230-1-1684872886860\|144231-1-1684872886977\|144232-1-1684872887080\|144233-1-1684872887182\|144234-1-1684872887284\|144235-1-1684872887386\|144236-1-1684872887518\|144237-1-1684872887620\|147592-1-1684872887722\|152416-1-1684872887848\|139200-1-1684872887950
.amazon-adsystem.com/	1970-01-20 17:22:20	Name: ad-id Value: A4abx_Tgq0aqiZ3Ps3eEplk
.amazon-adsystem.com/	1970-01-20 21:37:12	Name: ad-privacy Value: 0
.undertone.com/	1970-01-20 20:46:48	Name: UTID Value: d94975858531431f80c7b8de2dbd721c
.undertone.com/	1970-01-20 20:46:48	Name: UTID_ENC Value: cv3mql7qv1nmeustkizm2ya70

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.therams.com/schedule/ Message: A preload for 'https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.therams.com/schedule/ Message: A preload for 'https://www.therams.com/compiledassets/theming/30e9f848f389db282054c914c30dd755' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 1477) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.evgnet.com/beacon/losangelesrams/production/scripts/evergage.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2398) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/jquery-3.5.1.min_dc5e7f18c8.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2399) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/jquery-ui-1.12.1.min_d71fd11517.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2400) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/scripts_0edcde2e8b.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2401) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/analytics_7d49daa365.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2402) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/libphonenumber-min_6f64debfdd.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2403) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/plugins/googleanalytics_c118a241fb.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2404) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/plugins/utm_tracking_dd0b5a32b7.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2405) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true&verify=true Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com
adb2waycm-atl.netmng.com
ads.undertone.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
api.nfl.com
apis.google.com
assets.adobedtm.com
auth-id.nfl.com
auth-id.therams.com
cdn.cookielaw.org
cdn.evgnet.com
cdns.us1.gigya.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
evt.undertone.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
nfl.demdex.net
nflenterprises.tt.omtrdc.net
odr.mookie1.com
p.nfltags.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
rams.formstack.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.clubs.nfl.com
static.formstack.com
static.www.nfl.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.therams.com
x.dlx.addthis.com
adb2waycm-atl.netmng.com
104.244.42.131
151.101.1.152
151.101.1.153
151.101.128.114
151.101.129.153
151.101.193.153
151.101.194.49
151.101.65.153
18.154.227.77
18.165.83.110
18.165.98.4
185.29.134.248
185.64.190.80
185.80.39.216
185.89.210.244
185.94.180.125
2001:678:cb4:bbbb::13
209.54.182.161
212.82.100.182
216.58.212.162
23.35.237.2
2600:1f13:800:7780:68f0:a33:9e57:b3d0
2600:9000:223f:9000:8:48e:53c0:93a1
2606:4700:4400::6812:2b9e
2606:4700::6813:bb61
2a00:1288:80:807::2
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::200e
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2001
2a00:1450:400c:c0c::9d
2a02:2638:d::d
2a02:26f0:3500:58f::1e80
2a02:6ea0:c700::11
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::300
3.122.214.165
3.75.62.37
34.160.236.64
34.98.64.218
35.71.131.137
52.208.194.197
52.209.38.88
52.215.114.201
52.31.36.112
52.49.215.81
52.58.134.213
52.85.132.103
52.85.151.12
54.78.254.47
66.235.152.113
69.173.144.138
69.192.160.219
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c756b0b024a435129eca9014e98cc955dd97481285d9191b8d6c0a5749982d1
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0dcdb2b2a47908a600d75aebd990877a582cb137d50a10066f9ebc484de79a46
1492c17d9b641b3e9026659fe3ebff0a5e5f27319d91b66cf49dac37066ecada
1526ac09d5d3d44e09a9b34462a2d7bdbb2582940b9bb3c5f9e5d67a00fa92e9
15d01c709fdf293cbb036c2bfabbf58a06a8b66bcc35df2455f485185b9d01bb
1690e605ce0b7b17dadf5cfa24a8ce211b424c4b1f22702d34fd624e727b68de
179478bddb718a61355c3f83b9fc32dcb9c22ed470b3c63080475ab78ed9da15
18b057ba8c9ab17fa25f398c46f9b71b5127b70ef49ef4cc2faf44062b8a3049
1e1de3e64b75a760b1fb4593b869ad888230f8b2daae2b418b017d206135a6e1
21716ff9c6690bee89ff577997021a3e2e3d8c6538ab3524c66c4a67e5954cb0
237fafbe2ec2c8c9d2a4d99222662bb633d20ce82c5cf176b2d23c2fd9a5e2d2
292ae61e9c86c92c18b191ffd3b1fb865420eae411d5125c8518fd2ea5d77dc8
2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282
3413f9d07e1894f9029aeb0dcf5457395d8ad2fab7023093fcbd5f75f4c80e71
37fea85cfef13b0d55bf066260eb7f48a6101970d8eb86c9696f23ebaffa1c52
3809d41298c5c400bb68f7d47dbd764f71f21eb9c6ed3d6044c8005e883df513
39f65b2c21e77841920e7b26b5db6b0ab85db163c342a65ffc0df8922d6b4db5
3b2d4349345f1d8565e48dadbb4d70ea493ff614b58f83e568885881245ac2e3
3d73b5f59d6f4925cfdee376ad7738ec527111ae462a4ec9598b0e35beacccd5
3df33152cd65eb45b9203090a7678540a27a9f44ef4641ee66de9a47b7a0a43c
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355
47adb1be0669d98db3ba38103f9a0b125f9444a5704bdb9135ecd20eb5620b10
4b2cd5f5312c929a7b88c849b835ae23744142442c387622a1aae04c5703ee6d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5093c70019b3501c2eb8b2e8597e253bb2f8cf367cf5a305395a0ff7d238a643
51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1
5276394b2ab219cc6aeee203359779930ad8022f44e6ecdd38dcf9f620dd0fcd
5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54fbe08cd567b05b1c11dc37745a2b278c0521d1af11d8076ad50f685ea889ce
550eacf0b0dde64399a52fd7e8935fb9ebec1ca81b4c9a94c96c7b2f691f1706
55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5729198a882b488f06ba05ce31230648a7a63650f2f5e863ae937f00cabf57b3
5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b
5867a7357896e38bf8f5516e3f267b0ad90f3b379f4754e62ed7914f1fc8ba1b
5b8b7e82182ce6c7a0f003f041272d7e74fe85f82e79b658e1953fc4c6822e37
5e6c3117716df8ad5f588f72e116cc9d5f7005e317cbf0675f3c96f505cab7fe
5ec11883dbd19aa91c86ade182cfe7037a9b9f954daca64f341ffd0595e429c0
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88
6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28
6692a6ffe0a5ac028579a19ff69865d0a9f3bfb743dd262870c0a27fabff56df
673089261a490c7c06604429afc843813446902e59322da97745929aaec615f4
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69f8090fb59cb79bb1d56d99512d91d5fd2f297ee69490aeb91bca904c04add7
6daa2c4303a3ea37647e5a33af5c9c1c34c8003eb03b76c93d1c0a2f36a8d7e1
6de95ed9ac949a7a36c2c60405c79958779b21938ce2b245b9c153c7196bcfa4
6eeb370855e4f16067a57797064c296fe2ec6bf7eadb9e49db1df31d712339ba
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
74bf23cb58f15f0a5828b81f3285e56f3917d80c4834cc990645c5aa5ba4c254
75a58f2aee7291da5efa4d6d0aceed2bebf39c283346a3269a7811d1910f9d43
7868e53cbd486bbe29c810cad65ef89b42cfd45131db5e570a0776245ddafe23
788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7ae0778253dda8b156d65084c6265a3e26630e097b93a9e847d03c44462b8952
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cc54e74e6dbf5322743ddbf9d3eff9fc6a8015015eab90b7b4532c4e715b390
7f48123723251fde71c5aff246bfcf33cd9abdd69ebe1140eed0ae364e8a7e44
7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834f03082e3c1b45fd4fcd805ec415f07236a6586e08db572985f38c8b735e31
83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8630299a25d2e6e488149c269c4e70b09e7e4c82e7aaaf108432cf047572f74b
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394
878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9
87a82d481e925f978a405e757393442f8e18d268c1925520dc8589af04982eaa
8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a5d3afc3b518783756dc20b021980021add445dd44fd89349e65f8662f865fc
9ae6500d15aff263584a9da3cce4af73cb6480e0d494013f607a130fb2a6671e
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7
a7bc4377adaac203747e4a3d22bd42b058ce1e26a377b158b2b8edd086c36ea5
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb
b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30c3b9d0cd13249fa7e9e449bc22a7bc59eac4be62b6cf7f80940b2055f06ca
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
b884aa073ae0995039e442f97eaa0523fa02913747029e74e717248812a476d9
bb6c08579f871753ec3d3bcd1e49757fa8342e136fd5a485b871a4068bc32623
bcad30472d959caa42adf95b1e12c0d0cf8ca99ee5ac7bf0d2734dfdd153e68a
bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e
bdf96b01cde1b036361c160832a5f698dc9781a2c73972124bbe07b3f3a6c9fd
be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c06f3fcb3a93af5c96f6d7eda17c8bf3bb02fc99b8d68e4fea7cfecd1d0fe948
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d3d05d0d1428ea50277aee6c9e425bf29863861209cbef9ab97bc184f8f525
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8b2af23d0402c8c3b153c173e2613a33cc2806f467e322599e1ef108cb26ecb
cfd88d77357dcdbf67e882d6771b4404fa9040c966ebeb859dd903418f11875c
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d163164bb749cfdea6b29289c061df192d7fb36cc10f20b1583e3ab81156149a
d564ecea790280585429959b133a75bad092b20be35041c735d9c3fb1b800c14
d5a2e7738047c9fc62dbe182004f3050664967a941d5199236df72386921c7b2
d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3
ddd2c7c2acb3ed80cc30441a7e075fc0acf43b15ba5b7459c89d0729188fc963
df3f8f6397a3d0f19f4f05d165b97a51eeb0ee64d7bd2c4a19dc8a12eb580652
e2781619082fe50667bce285f562c3dfa98b589f0854da4a333a00d0f4b6c318
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e504538b0e71c48c3a1747e2a2ea3587ae91506582adcadee07aa7af978203e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e779992ace543f715102af0c31dd34d3b2f65bff0ba108d0a10cfef268ea32b1
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e806084d55d68b4b35cbf911c796a50cf4fac0c5df539d896358c20805a24f04
e8bc22931893b2046382a9a4d7edb1591fa4d5fd49ad288891bd14b39448f958
e9166b6dead256e5e723626e7344660a24e0c5e99b4688bc4f60633886a5e0bb
eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef30c883b4b4e4b45057fb38e75477aa1b847d061b19ff032e26c5d3a789961c
f63b6991810ec4f98212762bc0ab61f08e0400d05718019ee4ff280a55f93604
f774732e9e100253eca83ea89c1cd064721d52f80072effc3a013e5ac278ba66
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

www.therams.com Open in urlscan Pro 151.101.129.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

199 Requests

84 %HTTPS

42 %IPv6

45 Domains

68 Subdomains

53 IPs

8 Countries

3061 kBTransfer

8175 kBSize

55 Cookies

94 Outgoing links

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.therams.com Open in urlscan Pro
151.101.129.153 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

84 %
HTTPS

42 %
IPv6

45
Domains

68
Subdomains

53
IPs

8
Countries

3061 kB
Transfer

8175 kB
Size

55
Cookies

199 HTTP transactions
4 data transactions