URL: https://www.therams.com/schedule/
Submission: On May 23 via api from US — Scanned from DE

Summary

This website contacted 53 IPs in 8 countries across 45 domains to perform 199 HTTP transactions. The main IP is 151.101.129.153, located in United States and belongs to FASTLY, US. The main domain is www.therams.com. The Cisco Umbrella rank of the primary domain is 537023.
TLS certificate: Issued by R3 on April 18th 2023. Valid for: 3 months.
This is the only time www.therams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
44 151.101.129.153 54113 (FASTLY)
11 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 151.101.65.153 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
17 52.85.132.103 16509 (AMAZON-02)
2 151.101.1.152 54113 (FASTLY)
1 2606:4700:440... 13335 (CLOUDFLAR...)
6 151.101.193.153 54113 (FASTLY)
2 14 52.49.215.81 16509 (AMAZON-02)
1 151.101.128.114 54113 (FASTLY)
1 52.215.114.201 16509 (AMAZON-02)
8 8 52.209.38.88 16509 (AMAZON-02)
1 66.235.152.113 16509 (AMAZON-02)
1 1 185.29.134.248 30419 (MEDIAMATH...)
2 2 54.78.254.47 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 52.58.134.213 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 185.89.210.244 29990 (ASN-APPNEX)
1 23.35.237.2 16625 (AKAMAI-AS)
4 151.101.1.153 54113 (FASTLY)
1 1 2001:678:cb4:... 56396 (AMOBEE)
9 18.165.83.110 16509 (AMAZON-02)
4 52.31.36.112 16509 (AMAZON-02)
1 1 69.192.160.219 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:223... 16509 (AMAZON-02)
7 8 216.58.212.162 15169 (GOOGLE)
10 2600:1f13:800... 16509 (AMAZON-02)
1 104.244.42.131 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 12 52.208.194.197 16509 (AMAZON-02)
1 35.71.131.137 16509 (AMAZON-02)
2 3 3.75.62.37 16509 (AMAZON-02)
2 2 2a02:2638:d::d 44788 (ASN-CRITE...)
1 1 3.122.214.165 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 34.160.236.64 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
8 8 151.101.194.49 54113 (FASTLY)
1 69.173.144.138 26667 (RUBICONPR...)
1 52.85.151.12 16509 (AMAZON-02)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 185.94.180.125 35220 (SPOTX-AMS)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2a04:4e42::300 54113 (FASTLY)
1 1 18.154.227.77 16509 (AMAZON-02)
1 1 18.165.98.4 16509 (AMAZON-02)
2 3 209.54.182.161 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
199 53
Apex Domain
Subdomains
Transfer
45 therams.com
www.therams.com — Cisco Umbrella Rank: 537023
auth-id.therams.com
517 KB
28 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1022
pixel.everesttech.net — Cisco Umbrella Rank: 4412
sync-tm.everesttech.net — Cisco Umbrella Rank: 606
10 KB
21 nfl.com
api.nfl.com — Cisco Umbrella Rank: 24377
static.clubs.nfl.com — Cisco Umbrella Rank: 32016
static.www.nfl.com — Cisco Umbrella Rank: 30494
auth-id.nfl.com — Cisco Umbrella Rank: 31128
663 KB
18 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 685
static.adsafeprotected.com — Cisco Umbrella Rank: 595
dt.adsafeprotected.com — Cisco Umbrella Rank: 569
200 KB
17 formstack.com
rams.formstack.com
static.formstack.com — Cisco Umbrella Rank: 24850
321 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
170 KB
15 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 200
nfl.demdex.net — Cisco Umbrella Rank: 33080
18 KB
13 googlesyndication.com
a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
120 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 368
215 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
apis.google.com — Cisco Umbrella Rank: 109
117 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 272
cms.analytics.yahoo.com — Cisco Umbrella Rank: 991
ads.yahoo.com — Cisco Umbrella Rank: 5909
1 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 448
112 KB
3 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
3 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1397
load77.exelator.com — Cisco Umbrella Rank: 3435
2 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 437
ajax.googleapis.com — Cisco Umbrella Rank: 320
fonts.googleapis.com — Cisco Umbrella Rank: 35
35 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
88 KB
2 undertone.com
ads.undertone.com — Cisco Umbrella Rank: 5675
evt.undertone.com — Cisco Umbrella Rank: 5357
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
889 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 694
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
1 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 413
758 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
107 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 752
1 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 9037
www.google.de — Cisco Umbrella Rank: 6080
939 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 635
374 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 820
451 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 436
273 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 315
239 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1108
213 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 924
418 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1375
331 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 306
265 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 637
394 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1269
175 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1144
402 B
1 gigya.com
cdns.us1.gigya.com — Cisco Umbrella Rank: 10999
164 KB
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 482
696 B
1 omtrdc.net
nflenterprises.tt.omtrdc.net — Cisco Umbrella Rank: 31507
847 B
1 evgnet.com
cdn.evgnet.com — Cisco Umbrella Rank: 3699
46 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 587
303 B
1 nfltags.com
p.nfltags.com — Cisco Umbrella Rank: 31123
92 KB
0 netmng.com Failed
adb2waycm-atl.netmng.com Failed
199 45
Domain Requested by
44 www.therams.com www.therams.com
14 dpm.demdex.net 2 redirects www.therams.com
13 static.formstack.com rams.formstack.com
12 pixel.everesttech.net 6 redirects
11 cdn.cookielaw.org www.therams.com
cdn.cookielaw.org
10 dt.adsafeprotected.com
9 auth-id.nfl.com cdns.us1.gigya.com
auth-id.nfl.com
8 sync-tm.everesttech.net 8 redirects
8 cm.g.doubleclick.net 7 redirects
8 cm.everesttech.net 8 redirects
8 securepubads.g.doubleclick.net www.therams.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 static.clubs.nfl.com www.therams.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 static.adsafeprotected.com pixel.adsafeprotected.com
www.therams.com
4 pixel.adsafeprotected.com www.therams.com
4 static.www.nfl.com www.therams.com
4 rams.formstack.com www.therams.com
static.formstack.com
4 assets.adobedtm.com www.therams.com
assets.adobedtm.com
3 s.amazon-adsystem.com 2 redirects
3 www.google-analytics.com static.formstack.com
www.google-analytics.com
3 ib.adnxs.com 2 redirects
2 connect.facebook.net cdns.us1.gigya.com
connect.facebook.net
2 apis.google.com cdns.us1.gigya.com
apis.google.com
2 www.facebook.com connect.facebook.net
2 sync.search.spotxchange.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 gum.criteo.com 2 redirects
2 ups.analytics.yahoo.com 1 redirects
2 www.google.com tpc.googlesyndication.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 pm.w55c.net 2 redirects
2 loadm.exelator.com 2 redirects
2 api.nfl.com p.nfltags.com
1 evt.undertone.com 1 redirects
1 ads.undertone.com 1 redirects
1 trc.taboola.com
1 image2.pubmatic.com
1 us-u.openx.net
1 auth-id.therams.com cdns.us1.gigya.com
1 pixel.rubiconproject.com
1 ads.yahoo.com
1 odr.mookie1.com
1 cms.analytics.yahoo.com 1 redirects
1 ps.eyeota.net 1 redirects
1 pixel.advertising.com 1 redirects
1 match.adsrvr.org
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 analytics.twitter.com
1 x.dlx.addthis.com 1 redirects
1 d.turn.com 1 redirects
1 cdns.us1.gigya.com www.therams.com
1 a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 fonts.googleapis.com ajax.googleapis.com
1 load77.exelator.com www.therams.com
1 sync.mathtag.com 1 redirects
1 nflenterprises.tt.omtrdc.net assets.adobedtm.com
1 nfl.demdex.net assets.adobedtm.com
1 cdn.evgnet.com rams.formstack.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 ajax.googleapis.com www.therams.com
1 p.nfltags.com www.therams.com
1 imasdk.googleapis.com www.therams.com
0 adb2waycm-atl.netmng.com Failed
199 68
Subject Issuer Validity Valid
clubs.nfl.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-19 -
2023-08-19
a year crt.sh
ndc-production-san.nfl.com
R3
2023-04-11 -
2023-07-10
3 months crt.sh
*.formstack.com
Amazon RSA 2048 M02
2023-03-20 -
2024-04-17
a year crt.sh
clubsweb.san1.nfl.com
R3
2023-04-15 -
2023-07-14
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
cdn.evergage.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-06 -
2024-03-04
a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2022-08-01 -
2023-09-01
a year crt.sh
*.google.de
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
*.google.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
cdns.gigya.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-07 -
2023-12-07
a year crt.sh
static.www.nfl.com
R3
2023-04-23 -
2023-07-22
3 months crt.sh
auth-id.nfl.com
Amazon RSA 2048 M01
2023-02-17 -
2023-11-20
9 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-27
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01
2023-02-24 -
2023-09-04
6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-05-09 -
2024-06-06
a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
www.google.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
www.google.de
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-27 -
2024-03-29
a year crt.sh
auth-id.therams.com
Amazon RSA 2048 M02
2023-03-01 -
2023-11-16
9 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.apis.google.com
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-03-02 -
2023-05-31
3 months crt.sh

This page contains 15 frames:

Primary Page: https://www.therams.com/schedule/
Frame ID: 2E8092A2EE7202A0BD30B3EB6CE25B40
Requests: 135 HTTP requests in this frame

Frame: https://nfl.demdex.net/dest5.html?d_nsid=0
Frame ID: 57C1D8693EBCFE3F1D988461B6688F95
Requests: 34 HTTP requests in this frame

Frame: https://a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4FF18CE2ADF6FE8A0D6F318048BB9AAA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8pT0bmYJ59v9VHxNH-eC5oIJsUfOHTsFbNR3DB0MrQIqbyBQCFrjjNMzXt_JqJpsDRrMJ17CcAaUMkTqGBDdd7tRRZuvwq3DrRA6TBouwAzuZHBpDhRQsKMksvHZNhIi_VG88UnJbqndqnTcZQKxYiILhbnAvzoP5hGUxXHavZfKaW5G1_-_4CgUeqr6rRFvwD34_DoRupBD5UQehPD4081yA7FHtrvxTcR9XrZtzwsOi5UqJX-lSH9auv24BnTIB4PLbqTMFP1RuMSMzYc4JWvb3J439q5VtgNI8y-YFv4jm-g0qv7UpUYdfJP7DTHQTszk&sai=AMfl-YTEnE3YAxMI0LZmuHkMZLhmKQ7fYD_aDt9lzm8Iv5rbCEZK7Vcz4Iegyibqr898AGLNr_c55IbFb9LBk64FnlJR9Ra_NNEpG8FfpRVhwpt3RuzUxkhLYbNyPJrFt4U17R_-Kvj4rkKi9KroHAQO&sig=Cg0ArKJSzJ_4sSkMDUoNEAE&uach_m=[UACH]&adurl=
Frame ID: BA67DEE26E0771D2C7D7245AF7AE0F5C
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfgEKjxSNyAY-mYQAK4RMtVvTsMIBCDiuLPyUf7KdhUb1643q9TOxM-dVz2l6JVrDJ97Yt2dM4r6o19PzOZoNE_QMNhzOPG6BdtT1VjJCbkPQoHkOaBpkUjglcZk_hHbypRJZNMycQFZxFluCDLl-P10QDiqSfgdcUDzS9pLoGYgJOZrjUw_EF3dXPtXjuQP0z8rjx7ZnuBAQajVEhETgYYhjfP59GTW9lZcTQbBZk1I1zElX5a_i0minGZSeJcA4w4yBcozZL_VN2Tfh0umVUC4kUwC7tWyaX1BcethCzI3kt5yHSG705Sggc--Vu9QeUK0M&sai=AMfl-YQQvM4O7H2I2vLPU7bc-EVLVv6D9PEfxcQryE8nv1kZndaT-pu-lDC2nOZwj_ou5XNVQVMH9YYOM1Y5OqLXXoRsb782IeNh1Wc4kOjPkGH9pyoLWHVqL34wRA1DZmacCi73Q5hWAUbFhvWIjTlo&sig=Cg0ArKJSzNdQVHvbTkaAEAE&uach_m=[UACH]&adurl=
Frame ID: 3D0EFCDA5310BC3F2231F492CB9F82AD
Requests: 6 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=100x30&pubId=30702453&chanId=182654973&placementId=5362858293&pubCreative=138310656510&pubOrder=2691141984&cb=865396118&adsafe_par&impId=&custom=logo&custom2=schedule&custom3=
Frame ID: 9D28247F8980AA8DE41B6DC85217310D
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5226435748&chanId=182654973&placementId=6287660768&pubCreative=138431504884&pubOrder=3193859903&cb=775113353&adsafe_par&impId=&custom=bottom&custom2=schedule&custom3=
Frame ID: 0FB15198CA974B9A2803578844F091FE
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 561B69AD69E190311AE17F146F2EA649
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4E2D849E6F4C0CB137DE046092791CAF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C8B4FBA414D2E5742D111799EAD58385
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D3CBEF13C7318D66207B39A66E9678F2
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13905
Frame ID: 070259935945F417DEECDF24FD0EA390
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Frame ID: DC1E92C39B26FB74D579609D24D5C2BC
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Frame ID: 15DD9713C73906ABFBA52B9E4952733B
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Frame ID: AD8277E6E19F89549DEF7CAF423295AE
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Rams Schedule | Los Angeles Rams - therams.comBack ButtonFilter Button

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.gigya\.com/JS/gigya\.js

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

199
Requests

84 %
HTTPS

42 %
IPv6

45
Domains

68
Subdomains

53
IPs

8
Countries

3061 kB
Transfer

8175 kB
Size

55
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872884089 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872884089
Request Chain 51
  • https://cm.everesttech.net/cm/dd?d_uuid=64200240131507681293472648398654314580 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG0etAAAAICEgQOY
Request Chain 53
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=64200240131507681293472648398654314580&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d64200240131507681293472648398654314580 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=3ab5646d-1eb4-4000-8547-a31c89bcda9c&ddsuuid=64200240131507681293472648398654314580
Request Chain 54
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=64200240131507681293472648398654314580 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=64200240131507681293472648398654314580&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 66
  • https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
  • https://dpm.demdex.net/ibs:dpid=359&dpuuid=FaXYjxDi1Q1yp65
Request Chain 77
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3955446442563860411
Request Chain 100
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=8677260299256887821
Request Chain 114
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=64200240131507681293472648398654314580&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023052320144500011943829943
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjQyMDAyNDAxMzE1MDc2ODEyOTM0NzI2NDgzOTg2NTQzMTQ1ODA= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEESjrqVI3IDE82WGrvo9bps&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 154
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 155
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 159
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 160
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 162
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 166
  • https://pixel.advertising.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true&verify=true
Request Chain 167
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 169
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ftvldYBxwPHyv3AWH4i3TTqWtAnX3kPQ&gdpr=0&gdpr_consent=
Request Chain 173
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=64200240131507681293472648398654314580&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 174
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=64200240131507681293472648398654314580&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-bllBEyBE2pHqg2suVWHF7AG7gSWxccQnt8M-~A
Request Chain 176
  • https://cm.everesttech.net/cm/yh HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZG0etAAAAICEgQOY&sigv=1&esig=1~caf4a255b4487a5bd6379f69f6f7683ed405748c
Request Chain 178
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ==
Request Chain 179
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZG0etAAAAICEgQOY&expires=90
Request Chain 181
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0etAAAAICEgQOY HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0etAAAAICEgQOY&C=1
Request Chain 182
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=ZG0etAAAAICEgQOY
Request Chain 183
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG0etAAAAICEgQOY
Request Chain 184
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZG0etAAAAICEgQOY
Request Chain 187
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0etAAAAICEgQOY&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0etAAAAICEgQOY&img=1&__user_check__=1&sync_id=7714558c-f9a6-11ed-87b2-14c817940206
Request Chain 189
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZG0etAAAAICEgQOY&t=2592000&o=0
Request Chain 192
  • https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
  • https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
Request Chain 193
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=lUOMxqVEQ6OINgxNhzw7fw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64200240131507681293472648398654314580

199 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.therams.com/schedule/
298 KB
62 KB
Document
General
Full URL
https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
9a5d3afc3b518783756dc20b021980021add445dd44fd89349e65f8662f865fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
public, max-age=5
Connection
keep-alive
Content-Length
63049
Date
Tue, 23 May 2023 20:14:43 GMT
Vary
Accept-Encoding,X-NFL-Geo,Origin
Via
1.1 varnish, 1.1 varnish
X-Cache
MISS, MISS
X-Cache-Hits
0, 0
X-NFL-Dma
276003
X-NFL-Geo
country_code=DE
X-Served-By
cache-bur-kbur8200087-BUR, cache-fra-eddf8230067-FRA
X-Timer
S1684872883.710784,VS0,VE379
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
origin-site
LA3
server
envoy
service-worker-allowed
/
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-envoy-upstream-service-time
210
x-html-minification-powered-by
WebMarkupMin
x-xss-protection
1; mode=block
base.css
www.therams.com/compiledassets/css/
626 KB
112 KB
Stylesheet
General
Full URL
https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
7868e53cbd486bbe29c810cad65ef89b42cfd45131db5e570a0776245ddafe23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therams.com/schedule/
Origin
https://www.therams.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:43 GMT
Via
1.1 varnish, 1.1 varnish
Age
0
origin-site
LA3
X-Cache
HIT, HIT
x-envoy-upstream-service-time
1
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
113395
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200044-BUR, cache-fra-eddf8230067-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:43:56 GMT
server
envoy
X-Timer
S1684872883.127101,VS0,VE155
etag
"1d9874c709868d2"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
text/css
access-control-allow-origin
https://www.therams.com
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
30e9f848f389db282054c914c30dd755
www.therams.com/compiledassets/theming/
17 KB
4 KB
Stylesheet
General
Full URL
https://www.therams.com/compiledassets/theming/30e9f848f389db282054c914c30dd755
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
9ae6500d15aff263584a9da3cce4af73cb6480e0d494013f607a130fb2a6671e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therams.com/schedule/
Origin
https://www.therams.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:43 GMT
Via
1.1 varnish, 1.1 varnish
Age
1798781
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
25
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
3710
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200137-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma
276003
server
envoy
X-Timer
S1684872883.138736,VS0,VE2
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
text/css
access-control-allow-origin
https://www.therams.com
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c756b0b024a435129eca9014e98cc955dd97481285d9191b8d6c0a5749982d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 May 2023 20:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JYwMFRCSwBZdNsd6Nb17qg==
age
84682
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6766
x-ms-lease-status
unlocked
last-modified
Thu, 18 May 2023 12:19:51 GMT
server
cloudflare
etag
0x8DB579A2E2978A8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b5f45f37-701e-0174-5be1-8918f5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7cbff77fa8672c72-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/
76 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5729198a882b488f06ba05ce31230648a7a63650f2f5e863ae937f00cabf57b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25345
x-xss-protection
0
server
cafe
etag
112 / 19500 / 31074815 / config-hash: 3349684995448228437
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 May 2023 20:14:43 GMT
gpt_proxy.js
imasdk.googleapis.com/js/sdkloader/
78 KB
28 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcad30472d959caa42adf95b1e12c0d0cf8ca99ee5ac7bf0d2734dfdd153e68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28640
x-xss-protection
0
last-modified
Mon, 22 May 2023 19:38:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Tue, 23 May 2023 20:21:11 GMT
launch-43d0dff5e3ff.min.js
assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/
314 KB
89 KB
Script
General
Full URL
https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bdf96b01cde1b036361c160832a5f698dc9781a2c73972124bbe07b3f3a6c9fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
last-modified
Thu, 11 May 2023 22:57:52 GMT
server
AkamaiNetStorage
etag
"316862f17602b1fe8d4c5eed251707dd:1683845872.457083"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.therams.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
90584
expires
Tue, 23 May 2023 21:14:44 GMT
NflUmdComponents.NFLToken.js
p.nfltags.com/nfl/
271 KB
92 KB
Script
General
Full URL
https://p.nfltags.com/nfl/NflUmdComponents.NFLToken.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e504538b0e71c48c3a1747e2a2ea3587ae91506582adcadee07aa7af978203e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Expires
Tue, 23 May 2023 20:15:13 GMT
Date
Tue, 23 May 2023 20:14:43 GMT
content-encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
18
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
5
Connection
keep-alive
Content-Length
93737
X-Served-By
cache-bur-kbur8200079-BUR, cache-fra-eddf8230049-FRA
last-modified
Mon, 24 Apr 2023 17:41:19 GMT
server
envoy
X-Timer
S1684872883.159921,VS0,VE1
etag
W/"6446bf3f-43c46"
Vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
max-age=30
Accept-Ranges
bytes
X-Cache-Hits
1440278, 1
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 12:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 May 2024 12:21:11 GMT
2020singleschedule
rams.formstack.com/forms/js.php//
157 KB
158 KB
Script
General
Full URL
https://rams.formstack.com/forms/js.php//2020singleschedule?
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
69f8090fb59cb79bb1d56d99512d91d5fd2f297ee69490aeb91bca904c04add7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
public, max-age=5, public
x-amz-cf-id
XnW5SIueUEXZVtATxPdQ4Eb11HjUE5LI7lfmm4sNfpPRh3ZYDxvH6g==
expires
Tue, 23 May 2023 20:14:48 GMT
require-2.3.5.min.js
www.therams.com/compiledassets/js/vendor/requirejs/
17 KB
8 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
0
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
1
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
7427
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200030-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:36:47 GMT
server
envoy
X-Timer
S1684872884.905638,VS0,VE156
etag
"1d9874b70dd3cca"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
base.css
www.therams.com/compiledassets/css/
626 KB
112 KB
Stylesheet
General
Full URL
https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
7868e53cbd486bbe29c810cad65ef89b42cfd45131db5e570a0776245ddafe23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:43 GMT
Via
1.1 varnish, 1.1 varnish
Age
0
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
1
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
113395
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200044-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:43:56 GMT
server
envoy
X-Timer
S1684872883.143342,VS0,VE611
etag
"1d9874c709868d2"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
text/css
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
30e9f848f389db282054c914c30dd755
www.therams.com/compiledassets/theming/
17 KB
4 KB
Stylesheet
General
Full URL
https://www.therams.com/compiledassets/theming/30e9f848f389db282054c914c30dd755
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
9ae6500d15aff263584a9da3cce4af73cb6480e0d494013f607a130fb2a6671e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:43 GMT
Via
1.1 varnish, 1.1 varnish
Age
1799219
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
30
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
3710
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200137-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma
276003
server
envoy
X-Timer
S1684872883.144889,VS0,VE3
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
text/css
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
token
api.nfl.com/identity/v3/ Frame
0
0
Preflight
General
Full URL
https://api.nfl.com/identity/v3/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.therams.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Authorization,Content-Type,Cache-Control,nfl_session
access-control-allow-methods
PUT,POST,OPTIONS,GET,PATCH,DELETE
access-control-allow-origin
*
access-control-max-age
600
content-length
2
content-type
text/html
date
Tue, 23 May 2023 20:14:44 GMT
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230072-FRA
84aeb24d-03a4-4fdc-8d4b-371212102069.json
cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/84aeb24d-03a4-4fdc-8d4b-371212102069.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3809d41298c5c400bb68f7d47dbd764f71f21eb9c6ed3d6044c8005e883df513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 May 2023 20:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
yuxzHqWqr1FdB4xcsrriIQ==
age
33223
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1699
x-ms-lease-status
unlocked
last-modified
Mon, 24 Apr 2023 22:28:00 GMT
server
cloudflare
etag
0x8DB451329399762
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
05fdf205-c01e-0144-04fc-7642df000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7cbff78418373678-FRA
expires
Wed, 24 May 2023 20:14:43 GMT
token
api.nfl.com/identity/v3/
1 KB
1 KB
Fetch
General
Full URL
https://api.nfl.com/identity/v3/token
Requested by
Host: p.nfltags.com
URL: https://p.nfltags.com/nfl/NflUmdComponents.NFLToken.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
b30c3b9d0cd13249fa7e9e449bc22a7bc59eac4be62b6cf7f80940b2055f06ca

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
via
1.1 varnish, 1.1 varnish
origin-site
LV1
x-cache
MISS, MISS
x-envoy-upstream-service-time
134
content-length
1164
x-served-by
cache-bur-kbur8200118-BUR, cache-fra-eddf8230072-FRA
server
envoy
x-timer
S1684872884.062986,VS0,VE326
vary
Accept-Encoding
access-control-allow-methods
PUT,POST,OPTIONS,GET,PATCH,DELETE
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Authorization,Content-Type,Cache-Control,nfl_session
x-cache-hits
0, 0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
66 B
303 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7cbff78558472be0-FRA
access-control-allow-headers
Content-Type
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
zu7jn37mbhghu3v14ypt
static.clubs.nfl.com/image/private/f_auto/rams/
13 KB
14 KB
Image
General
Full URL
https://static.clubs.nfl.com/image/private/f_auto/rams/zu7jn37mbhghu3v14ypt
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
6de95ed9ac949a7a36c2c60405c79958779b21938ce2b245b9c153c7196bcfa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Age
1838995
Edge-Cache-Tag
559253892405784975896444583664749918160,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag
559253892405784975896444583664749918160,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
X-Cache
HIT, HIT, HIT
Content-Disposition
inline; filename="zu7jn37mbhghu3v14ypt.webp"
Connection
keep-alive
Content-Length
13496
X-Served-By
cache-iad-kjyo7100156-IAD, cache-iad-kjyo7100156-IAD, cache-fra-eddf8230045-FRA
Last-Modified
Wed, 06 May 2020 12:43:09 GMT
Server
cloudinary
X-Timer
S1684872884.055045,VS0,VE2
Etag
"e8136697b9999e08d7022257ce3885aa"
Vary
X-NFL-Image-Support
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1, 4718, 1
dropdown.png
www.therams.com/compiledassets/assets/img/
1 KB
2 KB
Image
General
Full URL
https://www.therams.com/compiledassets/assets/img/dropdown.png
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
3df33152cd65eb45b9203090a7678540a27a9f44ef4641ee66de9a47b7a0a43c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
Via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Age
0
origin-site
LA3
X-Cache
HIT, HIT
x-envoy-upstream-service-time
2
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
1024
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200148-BUR, cache-fra-eddf8230067-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:36:47 GMT
server
envoy
X-Timer
S1684872884.924821,VS0,VE156
etag
"1d9874b70dd7d80"
Vary
X-NFL-Geo,Origin
content-type
image/png
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
All-ProSans--medium.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/
19 KB
20 KB
Font
General
Full URL
https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--medium.woff2
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
237fafbe2ec2c8c9d2a4d99222662bb633d20ce82c5cf176b2d23c2fd9a5e2d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin
https://www.therams.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
Via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Age
0
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
1
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
19260
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200115-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:36:47 GMT
server
envoy
X-Timer
S1684872884.930416,VS0,VE162
etag
"1d9874b70dd32bc"
Vary
X-NFL-Geo,Origin
content-type
font/woff2
access-control-allow-origin
https://www.therams.com
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
All-ProSans--regular.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/
18 KB
19 KB
Font
General
Full URL
https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--regular.woff2
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
5e6c3117716df8ad5f588f72e116cc9d5f7005e317cbf0675f3c96f505cab7fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin
https://www.therams.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
Via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Age
0
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
3
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
18232
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200169-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:36:47 GMT
server
envoy
X-Timer
S1684872884.930873,VS0,VE155
etag
"1d9874b70dd3eb8"
Vary
X-NFL-Geo,Origin
content-type
font/woff2
access-control-allow-origin
https://www.therams.com
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
All-ProSans--bold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/
19 KB
20 KB
Font
General
Full URL
https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--bold.woff2
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
df3f8f6397a3d0f19f4f05d165b97a51eeb0ee64d7bd2c4a19dc8a12eb580652
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin
https://www.therams.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
Via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Age
0
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
2
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
19208
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200160-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:36:47 GMT
server
envoy
X-Timer
S1684872884.945005,VS0,VE160
etag
"1d9874b70dd3288"
Vary
X-NFL-Geo,Origin
content-type
font/woff2
access-control-allow-origin
https://www.therams.com
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
All-ProSans--light.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/
18 KB
19 KB
Font
General
Full URL
https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--light.woff2
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
c8b2af23d0402c8c3b153c173e2613a33cc2806f467e322599e1ef108cb26ecb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin
https://www.therams.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
Via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Age
0
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
11
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
18524
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200160-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:36:47 GMT
server
envoy
X-Timer
S1684872884.947463,VS0,VE169
etag
"1d9874b70dd31dc"
Vary
X-NFL-Geo,Origin
content-type
font/woff2
access-control-allow-origin
https://www.therams.com
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
All-ProSans--thin.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/
18 KB
19 KB
Font
General
Full URL
https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--thin.woff2
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
d5a2e7738047c9fc62dbe182004f3050664967a941d5199236df72386921c7b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin
https://www.therams.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
Via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Age
0
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
1
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
18244
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200038-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:36:47 GMT
server
envoy
X-Timer
S1684872884.069075,VS0,VE154
etag
"1d9874b70dd3ec4"
Vary
X-NFL-Geo,Origin
content-type
font/woff2
access-control-allow-origin
https://www.therams.com
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/
408 KB
126 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef30c883b4b4e4b45057fb38e75477aa1b847d061b19ff032e26c5d3a789961c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:36:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
9502
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128769
x-xss-protection
0
server
cafe
etag
11452098575748349983
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 22 May 2024 17:36:22 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
46 B
66 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.therams.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e806084d55d68b4b35cbf911c796a50cf4fac0c5df539d896358c20805a24f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Tue, 23 May 2023 20:14:44 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872884089
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872884089
7 KB
3 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872884089
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
292ae61e9c86c92c18b191ffd3b1fb865420eae411d5125c8518fd2ea5d77dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0d3695a9b.edge-irl1.demdex.com 10 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
7IAsz1moT1k=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.therams.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2008
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v048-08db0995a.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
JbdlKMOXQVg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.therams.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684872884089
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/
34 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.therams.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Tue, 23 May 2023 21:14:44 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.therams.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Tue, 23 May 2023 21:14:44 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:50 GMT
server
AkamaiNetStorage
etag
"d220d501715e0484d0dddeac614f902c:1663863410.217006"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.therams.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8755
expires
Tue, 23 May 2023 21:14:44 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202303.2.0/
400 KB
97 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Sw59qQKTUz8IJh2hCY03KQ==
age
38898
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
98810
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 03:39:51 GMT
server
cloudflare
etag
0x8DB55BF34FA32B5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
33d48d17-101e-00ca-25d3-874b2b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7cbff785b8852c72-FRA
en.json
cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/32f2fbc0-2781-4bbb-b8b2-7e4796647e1c/
80 KB
17 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/84aeb24d-03a4-4fdc-8d4b-371212102069/32f2fbc0-2781-4bbb-b8b2-7e4796647e1c/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b2d4349345f1d8565e48dadbb4d70ea493ff614b58f83e568885881245ac2e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
0whruBlMgi/2LbrpJXb5Yg==
age
13363
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
17690
x-ms-lease-status
unlocked
last-modified
Mon, 24 Apr 2023 22:28:02 GMT
server
cloudflare
etag
0x8DB45132A7371D4
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5bd6d081-e01e-0057-0cfc-76316b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7cbff7860af23678-FRA
expires
Wed, 24 May 2023 20:14:44 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
pRHDWyQMLvXwKY458EnqRw==
age
13363
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3019
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 03:39:45 GMT
server
cloudflare
etag
0x8DB55BF315FAED9
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
df5fe3f4-601e-00c5-3047-88a6dd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7cbff7864b4a3678-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
UgqWqpl5qGBlgacC8J2b6A==
age
13363
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13388
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 03:39:48 GMT
server
cloudflare
etag
0x8DB55BF32DD687C
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
af93df67-701e-009e-5147-88a1a1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7cbff7864b4b3678-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 May 2023 20:14:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
oWkBTLgDDXvrUsd93y/Zxg==
age
885
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 03:39:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
90ab7831-301e-013c-4647-882a68000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7cbff7864b4d3678-FRA
reset_3d1cc6d59f.css
static.formstack.com/forms/css/3/
2 KB
871 B
Stylesheet
General
Full URL
https://static.formstack.com/forms/css/3/reset_3d1cc6d59f.css
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 11:52:44 GMT
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 16:16:00 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
30120
etag
W/"646b9540-616"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
Sj9t7gz7RsZhV_doPfb2MFadRdUPKdQXw4SgSNIftlNy5kvJDdusnw==
jquery-ui-1.12.1_f735107ad2.css
static.formstack.com/forms/css/3/
21 KB
5 KB
Stylesheet
General
Full URL
https://static.formstack.com/forms/css/3/jquery-ui-1.12.1_f735107ad2.css
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
5093c70019b3501c2eb8b2e8597e253bb2f8cf367cf5a305395a0ff7d238a643

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 09:41:13 GMT
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 16:16:01 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
38011
etag
W/"646b9541-5364"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
I9YTG_xJqlj9Ec4je9u8mwKLgcrjLXyjp6nPUzDpWPaiFqg8TGYNTA==
default-v4_29cde3be75.css
static.formstack.com/forms/css/3/
35 KB
6 KB
Stylesheet
General
Full URL
https://static.formstack.com/forms/css/3/default-v4_29cde3be75.css
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
e2781619082fe50667bce285f562c3dfa98b589f0854da4a333a00d0f4b6c318

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:01:27 GMT
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 16:13:22 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
43997
etag
W/"646b94a2-8aef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
kdimbSs97DtTPvKX8FwLc3ao8ENmZeG_RkP6-fF0kll4EE576wPyYw==
uil-static.css
static.formstack.com/common/css/
51 KB
8 KB
Stylesheet
General
Full URL
https://static.formstack.com/common/css/uil-static.css
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
5ec11883dbd19aa91c86ade182cfe7037a9b9f954daca64f341ffd0595e429c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 09:41:13 GMT
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 16:07:27 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
38011
etag
W/"646b933f-cc55"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
SP9sb1ajk-UKOs9S2QJGdN5ZkJL-lzkRCPD-udYsd1X1mQ7cXtEz8A==
dialogs_00a7ec5f05.css
static.formstack.com/forms/css/common/
170 B
497 B
Stylesheet
General
Full URL
https://static.formstack.com/forms/css/common/dialogs_00a7ec5f05.css
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 14:38:08 GMT
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 16:16:00 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
20196
etag
"646b9540-aa"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
170
x-amz-cf-id
m1jlu6QeYZZKfyli7VrPtsd-pEv3f5NGv8cgzzHT2WwH6qdFQ7LTYA==
evergage.min.js
cdn.evgnet.com/beacon/losangelesrams/production/scripts/
173 KB
46 KB
Script
General
Full URL
https://cdn.evgnet.com/beacon/losangelesrams/production/scripts/evergage.min.js
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75a58f2aee7291da5efa4d6d0aceed2bebf39c283346a3269a7811d1910f9d43

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-version-id
yLvr.kLAqNnXwnOYPf.7utkYTHXpXAU5
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 23 May 2023 20:14:44 GMT
x-amz-request-id
MYQPR8V1T2A7RVTQ
age
41
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-replication-status
PENDING
content-length
46641
x-amz-id-2
LpVqfSKLavb6RCh7h6lAyDepqoICDGdKJBC9Gov6AmvGsCNyVRMtrMfrbbJx1u5VFtEhBLZKjaX/q8we1knmiA==
x-served-by
cache-iad-kcgs7200120-IAD, cache-fra-eddf8230028-FRA
x-amz-meta-evergage-sum
b2bf9f5e3c122c6c64f9641d11aa0aea7c8077a4
last-modified
Mon, 15 May 2023 22:50:19 GMT
server
AmazonS3
x-timer
S1684872884.302348,VS0,VE92
etag
"ee6145b9d93c890117721c763da58ce9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-evergage-beacon-ver
16
x-cache-hits
35040, 1
jquery-3.5.1.min_dc5e7f18c8.js
static.formstack.com/forms/js/3/
87 KB
31 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/jquery-3.5.1.min_dc5e7f18c8.js
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 23 May 2023 11:52:44 GMT
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 16:16:01 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
30120
etag
W/"646b9541-15d84"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
jOsKQZgHJBtiF3ndLTKOpZVf-sfsPXh_vtosU3thvy-Sw-z19oLNJg==
jquery-ui-1.12.1.min_d71fd11517.js
static.formstack.com/forms/js/3/
83 KB
25 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/jquery-ui-1.12.1.min_d71fd11517.js
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
550eacf0b0dde64399a52fd7e8935fb9ebec1ca81b4c9a94c96c7b2f691f1706

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 23 May 2023 16:18:15 GMT
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Tue, 23 May 2023 16:13:52 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
14189
etag
W/"646ce640-14dc1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
9cWTcA69_SXE1EIIdPMXqxrL8iSz6xiNoOmEBFWP0bY2NgPlM9xY6w==
scripts_0edcde2e8b.js
static.formstack.com/forms/js/3/
79 KB
23 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/scripts_0edcde2e8b.js
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
74bf23cb58f15f0a5828b81f3285e56f3917d80c4834cc990645c5aa5ba4c254

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 23 May 2023 12:40:37 GMT
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 16:18:41 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
27247
etag
W/"646b95e1-13d02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
sxdPkTMKDfTJX1v8toTl322xSh5X70wrw-XjHvhhFjVbao0k9CJgVw==
analytics_7d49daa365.js
static.formstack.com/forms/js/3/
2 KB
1 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 23 May 2023 14:38:08 GMT
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Tue, 23 May 2023 14:37:48 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
20196
etag
W/"646ccfbc-839"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
GQBdrjBTZrLa0U7E_VbfGeYA3oZjmhZoOzRWXWgw2X7MVFK37FNd8Q==
libphonenumber-min_6f64debfdd.js
static.formstack.com/forms/js/3/
165 KB
41 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/libphonenumber-min_6f64debfdd.js
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 23 May 2023 16:18:15 GMT
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Tue, 23 May 2023 16:13:52 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
14189
etag
W/"646ce640-29364"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
JD96LegnyqCN5mvtDq6Afr4wSTX97kutpmVBVEBIr1OewgfsngMO6Q==
googleanalytics_c118a241fb.js
static.formstack.com/forms/js/3/plugins/
2 KB
1 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/plugins/googleanalytics_c118a241fb.js
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
d163164bb749cfdea6b29289c061df192d7fb36cc10f20b1583e3ab81156149a

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 23 May 2023 11:01:03 GMT
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 16:16:00 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
33221
etag
W/"646b9540-9cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
QCj7KlcYeUsK6Ao4rxETO89I51L42hC7T5GbHRgJjcsK84pelhVleQ==
utm_tracking_dd0b5a32b7.js
static.formstack.com/forms/js/3/plugins/
790 B
1 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/plugins/utm_tracking_dd0b5a32b7.js
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
15d01c709fdf293cbb036c2bfabbf58a06a8b66bcc35df2455f485185b9d01bb

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 23 May 2023 12:40:37 GMT
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 16:18:41 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
27247
etag
"646b95e1-316"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
790
x-amz-cf-id
3PTwSODsrC2tW6KG7owvjfCwNkajvUESU34ZjO7MXuY8HZMKkmN6Bg==
modernizr_60a2d5aeb5.js
static.formstack.com/forms/js/3/
13 KB
6 KB
Script
General
Full URL
https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js
Requested by
Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//2020singleschedule?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 23 May 2023 08:01:29 GMT
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 16:18:43 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
43995
etag
W/"646b95e3-33bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
6UbtLKfcAJxpE1hpILtYgNTj2fujxFRBSJhVtgQKV7swPO65H4IkpQ==
dest5.html
nfl.demdex.net/ Frame 57C1
7 KB
3 KB
Document
General
Full URL
https://nfl.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.therams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v048-0b9efa3f3.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
bve1y6y9R60=
content-encoding
gzip
date
Tue, 23 May 2023 20:14:44 GMT
last-modified
Wed, 10 May 2023 10:46:53 GMT
transfer-encoding
chunked
vary
accept-encoding
ibs:dpid=411&dpuuid=ZG0etAAAAICEgQOY
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=64200240131507681293472648398654314580
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG0etAAAAICEgQOY
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG0etAAAAICEgQOY
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0b9efa3f3.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tYTlyCweTFw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZG0etAAAAICEgQOY
Date
Tue, 23 May 2023 20:14:44 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
nflenterprises.tt.omtrdc.net/rest/v1/
357 B
847 B
XHR
General
Full URL
https://nflenterprises.tt.omtrdc.net/rest/v1/delivery?client=nflenterprises&sessionId=27aa3d5c2e574cdea4b273c12ecb6ab7&version=2.10.2
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.152.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-66-235-152-113.data.adobedc.net
Software
jag /
Resource Hash
21716ff9c6690bee89ff577997021a3e2e3d8c6538ab3524c66c4a67e5954cb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server
jag
x-content-type-options
nosniff
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.therams.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
x-request-id
c2719e0c-2490-4cfd-901e-39972ad33cd3
ibs:dpid=269&dpuuid=3ab5646d-1eb4-4000-8547-a31c89bcda9c&ddsuuid=64200240131507681293472648398654314580
dpm.demdex.net/ Frame 57C1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=64200240131507681293472648398654314580&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d64200240131507...
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=3ab5646d-1eb4-4000-8547-a31c89bcda9c&ddsuuid=64200240131507681293472648398654314580
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=269&dpuuid=3ab5646d-1eb4-4000-8547-a31c89bcda9c&ddsuuid=64200240131507681293472648398654314580
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-04d6aa4f0.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
95JS/tiRRiM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Tue, 23 May 2023 20:14:44 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x34 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dpm.demdex.net/ibs:dpid=269&dpuuid=3ab5646d-1eb4-4000-8547-a31c89bcda9c&ddsuuid=64200240131507681293472648398654314580
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 23 May 2023 20:14:43 GMT
pixel.gif
load77.exelator.com/ Frame 57C1
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=64200240131507681293472648398654314580
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=64200240131507681293472648398654314580&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
365 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 23 May 2023 20:14:44 GMT
x-cache
HIT
x-77-cache
HIT
x-age
874111
x-accel-date
1683998773
content-length
43
x-77-nzt
AcO1rycppK7/f1YNAA
x-accel-expires
@1685035573
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
etag
"59f0c3fc-2b"
x-77-nzt-ray
25b021319246b3b9b41e6d64fdf1ad2d
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes

Redirect headers

date
Tue, 23 May 2023 20:14:44 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
css
fonts.googleapis.com/
1 KB
817 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 May 2023 18:23:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 May 2023 20:14:44 GMT
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.therams.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.therams.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
77 KB
17 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=72258887751063&correlator=3697160983282414&eid=31074678%2C31074723%2C31074815%2C31074695%2C21065725&output=ldjh&gdfp_req=1&vrg=202305180101&ptt=17&impl=fifs&iu_parts=4595%2Cteam.la%2Cschedule&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=100x30%2C100x30%2C100x30%2C728x90%7C970x90%7C970x250%2C728x90%7C970x250%7C970x90%2C1x4%2C1x1&ifi=1&adks=207209546%2C1080922568%2C1208089488%2C321486337%2C3662562588%2C995991317%2C2915423114&sfv=1-0-40&ists=1&prev_scp=slot%3Dbrandedspon%7Cslot%3Dbrandedspon1%7Cpartner%3Dticketmaster%26slot%3Dlogo%7Cslot%3Dtop%26club%3Dla%7Cslot%3Dbottom%7Cslot%3Dinterstitial%7Cslot%3Doop&eri=1&cust_params=s1%3Dschedule&sc=1&cookie_enabled=1&abxe=1&dt=1684872884628&lmt=1684872884&dlt=1684872883104&idt=1060&adxs=1376%2C1484%2C1324%2C436%2C436%2C800%2C800&adys=159%2C159%2C1173%2C311%2C10190%2C10871%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&frm=20&vis=1&psz=248x32%7C248x32%7C174x16%7C1600x0%7C1600x0%7C1600x10871%7C1600x10871&msz=116x0%7C100x0%7C100x0%7C728x0%7C728x0%7C1600x0%7C1600x0&fws=4%2C4%2C0%2C0%2C0%2C4%2C4&ohw=1600%2C1600%2C0%2C0%2C0%2C1600%2C1600&ga_vid=1256100219.1684872885&ga_sid=1684872885&ga_hid=1966049212&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18b057ba8c9ab17fa25f398c46f9b71b5127b70ef49ef4cc2faf44062b8a3049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17027
x-xss-protection
0
google-lineitem-id
-2,-2,5362858293,-2,6287660768,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,138310656510,-2,138431504884,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.therams.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4FF1
6 KB
3 KB
Document
General
Full URL
https://a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.therams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 20:14:44 GMT
expires
Wed, 22 May 2024 20:14:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
600 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 May 2023 20:14:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
57775
x-ms-lease-status
unlocked
last-modified
Mon, 22 May 2023 02:34:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
439ec356-901e-009f-0868-8ca05c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7cbff7891cf12c72-FRA
All-ProSans--semiBold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/
19 KB
19 KB
Font
General
Full URL
https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--semiBold.woff2
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
0dcdb2b2a47908a600d75aebd990877a582cb137d50a10066f9ebc484de79a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb
Origin
https://www.therams.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
Via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Age
0
origin-site
LA3
X-Cache
MISS, HIT
x-envoy-upstream-service-time
1
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
19112
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200053-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:36:47 GMT
server
envoy
X-Timer
S1684872885.655252,VS0,VE160
etag
"1d9874b70dd3328"
Vary
X-NFL-Geo,Origin
content-type
font/woff2
access-control-allow-origin
https://www.therams.com
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
493 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 May 2023 20:14:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
7601
x-ms-lease-status
unlocked
last-modified
Mon, 22 May 2023 17:17:57 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
af24b6e0-401e-0073-1872-8da825000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7cbff7892f2d3678-FRA
National_Football_League_logo.svg.png
cdn.cookielaw.org/logos/46acd508-0e8d-40cd-af22-1a8bdfa6da60/e9c29623-f807-422e-9944-964ce7fff1e0/a67792a1-43d4-44d0-8d5e-99ce69b835d9/
68 KB
68 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/46acd508-0e8d-40cd-af22-1a8bdfa6da60/e9c29623-f807-422e-9944-964ce7fff1e0/a67792a1-43d4-44d0-8d5e-99ce69b835d9/National_Football_League_logo.svg.png
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2d3d05d0d1428ea50277aee6c9e425bf29863861209cbef9ab97bc184f8f525
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 May 2023 20:14:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Gz5DzPx+xXH6/nhkr1Zhpg==
age
52339
content-length
69278
x-ms-lease-status
unlocked
last-modified
Mon, 22 Aug 2022 17:40:20 GMT
server
cloudflare
etag
0x8DA846562873955
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
55d0ada0-101e-00ca-4fe1-5a4b2b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7cbff7893d272c72-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 May 2023 20:14:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
6947
x-ms-lease-status
unlocked
last-modified
Mon, 22 May 2023 17:17:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0a756ff8-801e-0008-30d3-8cc395000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7cbff7893d292c72-FRA
main.js
www.therams.com/compiledassets/js/
7 KB
3 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/main.js?_t=bc019a14e50a0a7921ed567de291bd74
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
f63b6991810ec4f98212762bc0ab61f08e0400d05718019ee4ff280a55f93604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
0
origin-site
LA3
X-Cache
HIT, HIT
x-envoy-upstream-service-time
1
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
2036
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200062-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.683436,VS0,VE160
etag
"1d9874c7dae81ae"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
ibs:dpid=359&dpuuid=FaXYjxDi1Q1yp65
dpm.demdex.net/ Frame 57C1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
  • https://dpm.demdex.net/ibs:dpid=359&dpuuid=FaXYjxDi1Q1yp65
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=359&dpuuid=FaXYjxDi1Q1yp65
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-076739d48.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
van7U/X0Qvc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Tue, 23 May 2023 20:14:44 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dpm.demdex.net/ibs:dpid=359&dpuuid=FaXYjxDi1Q1yp65
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therams.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 15:41:45 GMT
x-content-type-options
nosniff
age
275579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 15:41:45 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.therams.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 13:31:10 GMT
x-content-type-options
nosniff
age
283414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 13:31:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BA67
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8pT0bmYJ59v9VHxNH-eC5oIJsUfOHTsFbNR3DB0MrQIqbyBQCFrjjNMzXt_JqJpsDRrMJ17CcAaUMkTqGBDdd7tRRZuvwq3DrRA6TBouwAzuZHBpDhRQsKMksvHZNhIi_VG88UnJbqndqnTcZQKxYiILhbnAvzoP5hGUxXHavZfKaW5G1_-_4CgUeqr6rRFvwD34_DoRupBD5UQehPD4081yA7FHtrvxTcR9XrZtzwsOi5UqJX-lSH9auv24BnTIB4PLbqTMFP1RuMSMzYc4JWvb3J439q5VtgNI8y-YFv4jm-g0qv7UpUYdfJP7DTHQTszk&sai=AMfl-YTEnE3YAxMI0LZmuHkMZLhmKQ7fYD_aDt9lzm8Iv5rbCEZK7Vcz4Iegyibqr898AGLNr_c55IbFb9LBk64FnlJR9Ra_NNEpG8FfpRVhwpt3RuzUxkhLYbNyPJrFt4U17R_-Kvj4rkKi9KroHAQO&sig=Cg0ArKJSzJ_4sSkMDUoNEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 May 2023 20:14:44 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame BA67
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 13:46:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
23289
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 13:46:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA67
171 KB
54 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54262
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684757038394838"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 20:14:44 GMT
7476150962692212385
tpc.googlesyndication.com/simgad/ Frame BA67
5 KB
5 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7476150962692212385
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b884aa073ae0995039e442f97eaa0523fa02913747029e74e717248812a476d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:55:50 GMT
x-content-type-options
nosniff
age
519534
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4709
x-xss-protection
0
last-modified
Tue, 05 May 2020 00:44:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 May 2024 19:55:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3D0E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfgEKjxSNyAY-mYQAK4RMtVvTsMIBCDiuLPyUf7KdhUb1643q9TOxM-dVz2l6JVrDJ97Yt2dM4r6o19PzOZoNE_QMNhzOPG6BdtT1VjJCbkPQoHkOaBpkUjglcZk_hHbypRJZNMycQFZxFluCDLl-P10QDiqSfgdcUDzS9pLoGYgJOZrjUw_EF3dXPtXjuQP0z8rjx7ZnuBAQajVEhETgYYhjfP59GTW9lZcTQbBZk1I1zElX5a_i0minGZSeJcA4w4yBcozZL_VN2Tfh0umVUC4kUwC7tWyaX1BcethCzI3kt5yHSG705Sggc--Vu9QeUK0M&sai=AMfl-YQQvM4O7H2I2vLPU7bc-EVLVv6D9PEfxcQryE8nv1kZndaT-pu-lDC2nOZwj_ou5XNVQVMH9YYOM1Y5OqLXXoRsb782IeNh1Wc4kOjPkGH9pyoLWHVqL34wRA1DZmacCi73Q5hWAUbFhvWIjTlo&sig=Cg0ArKJSzNdQVHvbTkaAEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 May 2023 20:14:44 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 3D0E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 13:46:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
23289
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 13:46:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D0E
171 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54262
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684757038394838"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 20:14:44 GMT
15074156624295062743
tpc.googlesyndication.com/simgad/ Frame 3D0E
72 KB
72 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15074156624295062743
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
834f03082e3c1b45fd4fcd805ec415f07236a6586e08db572985f38c8b735e31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73763
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 16:47:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 22 May 2024 20:14:44 GMT
ibs:dpid=358&dpuuid=3955446442563860411
dpm.demdex.net/ Frame 57C1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3955446442563860411
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3955446442563860411
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-0e3ebe570.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hU67S5ZdQFo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Tue, 23 May 2023 20:14:44 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
73ec196d-97c6-4af1-b129-e9a1aa2aca04
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3955446442563860411
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame BA67
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddd2c7c2acb3ed80cc30441a7e075fc0acf43b15ba5b7459c89d0729188fc963

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3D0E
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6daa2c4303a3ea37647e5a33af5c9c1c34c8003eb03b76c93d1c0a2f36a8d7e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
requireModule.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/
1 KB
1 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/requireModule.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
1690e605ce0b7b17dadf5cfa24a8ce211b424c4b1f22702d34fd624e727b68de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702901
origin-site
LA3
X-Cache
MISS, HIT
x-envoy-upstream-service-time
5
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
558
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200105-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.856870,VS0,VE2
etag
"1d9874c7dae9905"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
intersectionObserver.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/
808 B
1 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702901
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
4
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
428
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200052-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.857154,VS0,VE1
etag
"1d9874c7dae9e28"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
adobeLaunch.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/
3 KB
2 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/adobeLaunch.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
cfd88d77357dcdbf67e882d6771b4404fa9040c966ebeb859dd903418f11875c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
66038
origin-site
LA3
X-Cache
MISS, HIT
x-envoy-upstream-service-time
1
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
923
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200100-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.857527,VS0,VE1
etag
"1d9874c7dae97c3"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
lazyload.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/
2 KB
2 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/lazyload.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
636550
origin-site
LA3
X-Cache
HIT, HIT
x-envoy-upstream-service-time
1
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
846
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200054-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.857526,VS0,VE1
etag
"1d9874c7dae9a96"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
gigya.js
cdns.us1.gigya.com/js/
496 KB
164 KB
Script
General
Full URL
https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.2 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
673089261a490c7c06604429afc843813446902e59322da97745929aaec615f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:44 GMT
content-encoding
gzip
x-soa
true, Gator
vary
Accept-Encoding
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
access-control-allow-origin
*
x-callid
e027a5ac51e243fdbc40155ac6155c39
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=900, s-maxage=3600
x-server
us1d-nomad-t12
x-error-code
0
x-robots-tag
none
content-length
166868
expires
Tue, 23 May 2023 20:29:44 GMT
gigyaLoggedInChecker.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/common/
2 KB
2 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/common/gigyaLoggedInChecker.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
c06f3fcb3a93af5c96f6d7eda17c8bf3bb02fc99b8d68e4fea7cfecd1d0fe948
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702901
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
3
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
909
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200066-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.857545,VS0,VE3
etag
"1d9874c7dae9a71"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
noconflict.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/
93 B
910 B
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/noconflict.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702901
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
2
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
108
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200025-BUR, cache-fra-eddf8230114-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.887842,VS0,VE1
etag
"1d9874c7dae9d5d"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
adobeLaunchService.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/addons/services/
180 B
950 B
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/addons/services/adobeLaunchService.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702901
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
6
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
149
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200168-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.892227,VS0,VE1
etag
"1d9874c7dae9db4"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
iconHelper.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/
530 B
1 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/iconHelper.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702901
origin-site
LA3
X-Cache
HIT, HIT
x-envoy-upstream-service-time
2
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
380
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200131-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.892452,VS0,VE1
etag
"1d9874c7dae9f12"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
gigyaHelper.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/
3 KB
2 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/gigyaHelper.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e9166b6dead256e5e723626e7344660a24e0c5e99b4688bc4f60633886a5e0bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702900
origin-site
LA3
X-Cache
HIT, HIT
x-envoy-upstream-service-time
4
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
1209
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200151-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.901514,VS0,VE2
etag
"1d9874c7dae9662"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
accountButtonService.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/addons/services/
831 B
1 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/addons/services/accountButtonService.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
d564ecea790280585429959b133a75bad092b20be35041c735d9c3fb1b800c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702901
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
7
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
488
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200124-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.899155,VS0,VE1
etag
"1d9874c7dae9e3f"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/
8 KB
4 KB
Image
General
Full URL
https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
571007
X-Cache
HIT, HIT
Content-Disposition
attachment; filename="LA"
Connection
keep-alive
Server-Timing
cld-fastly;mitm=f;dur=134;cpu=0;start=2023-05-17T05:37:57.862Z;desc=miss,rtt;dur=0,cloudinary;dur=129;start=2023-05-17T05:37:57.862Z
Content-Length
3390
X-Served-By
cache-iad-kcgs7200127-IAD, cache-fra-eddf8230072-FRA
Last-Modified
Tue, 27 Oct 2020 18:38:40 GMT
Server
Cloudinary
X-Timer
S1684872885.928317,VS0,VE1
Etag
W/"f3c7a18a8a089614f6d239bc13034f14"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control
public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
5711, 1
x4bfi8idjpvcb0pwctto
static.clubs.nfl.com/image/private/f_auto/rams/
41 KB
42 KB
Image
General
Full URL
https://static.clubs.nfl.com/image/private/f_auto/rams/x4bfi8idjpvcb0pwctto
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
3d73b5f59d6f4925cfdee376ad7738ec527111ae462a4ec9598b0e35beacccd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Age
1026002
Edge-Cache-Tag
550201907655763978091652480802525651315,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag
550201907655763978091652480802525651315,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Status
200 OK
X-Cache
MISS, HIT, HIT
Content-Disposition
inline; filename="x4bfi8idjpvcb0pwctto.webp"
Connection
keep-alive
Content-Length
42082
X-Request-Id
9adcd01473aecf151b94d49eaefdee55
X-Served-By
cache-iad-kcgs7200150-IAD, cache-iad-kjyo7100100-IAD, cache-fra-eddf8230045-FRA
Last-Modified
Thu, 11 May 2023 23:14:43 GMT
Server
cloudinary
X-Timer
S1684872885.902636,VS0,VE1
Etag
"0368e7a16ec7c581b8e5097b6021c567"
Vary
X-NFL-Image-Support
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0, 2430, 1
o83urxdquppaniilfg3g
static.clubs.nfl.com/image/private/f_auto/rams/
32 KB
33 KB
Image
General
Full URL
https://static.clubs.nfl.com/image/private/f_auto/rams/o83urxdquppaniilfg3g
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1e1de3e64b75a760b1fb4593b869ad888230f8b2daae2b418b017d206135a6e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Age
1293894
Edge-Cache-Tag
430180814662264295397231375559549420306,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag
430180814662264295397231375559549420306,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
X-Cache
MISS, HIT, HIT
Content-Disposition
inline; filename="o83urxdquppaniilfg3g.webp"
Connection
keep-alive
Content-Length
32856
X-Served-By
cache-iad-kiad7000120-IAD, cache-iad-kjyo7100163-IAD, cache-fra-eddf8230084-FRA
Last-Modified
Mon, 01 May 2023 23:58:58 GMT
Server
cloudinary
X-Timer
S1684872885.915590,VS0,VE2
Etag
"b43d835d75cc70cfee848a80ae6eca8d"
Vary
X-NFL-Image-Support
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0, 78, 1
jquery-3.6.0.min.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/jquery/
105 KB
40 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/jquery/jquery-3.6.0.min.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702900
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
2
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
39864
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200091-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.903648,VS0,VE2
etag
"1d9874c7daf39e7"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
navigation.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/
6 KB
3 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/navigation.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
54fbe08cd567b05b1c11dc37745a2b278c0521d1af11d8076ad50f685ea889ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702901
origin-site
LA3
X-Cache
MISS, HIT
x-envoy-upstream-service-time
8
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
2299
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200084-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.904677,VS0,VE1
etag
"1d9874c7dae84ba"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
search.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/
2 KB
2 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/search.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702901
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
3
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
880
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200091-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.911884,VS0,VE1
etag
"1d9874c7dae9acf"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
calendarOptions.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/
1 KB
1 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/calendarOptions.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
7f48123723251fde71c5aff246bfcf33cd9abdd69ebe1140eed0ae364e8a7e44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
701729
origin-site
LA3
X-Cache
MISS, HIT
x-envoy-upstream-service-time
1
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
529
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200101-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.913837,VS0,VE3
etag
"1d9874c7dae99a4"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
locationHelper.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/
1 KB
1 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/locationHelper.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
8630299a25d2e6e488149c269c4e70b09e7e4c82e7aaaf108432cf047572f74b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702900
origin-site
LA3
X-Cache
HIT, HIT
x-envoy-upstream-service-time
5
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
550
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200173-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.916451,VS0,VE1
etag
"1d9874c7dae995f"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
browserHelper.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/
2 KB
2 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/browserHelper.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702776
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
2
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
761
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200069-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.915240,VS0,VE1
etag
"1d9874c7dae9b20"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
ibs:dpid=470&dpuuid=8677260299256887821
dpm.demdex.net/ Frame 57C1
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=8677260299256887821
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8677260299256887821
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-0b9d35258.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9A6/LgEORl4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8677260299256887821
pragma
no-cache
date
Tue, 23 May 2023 20:14:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sha256.min.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/sha256/
9 KB
5 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/sha256/sha256.min.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702901
origin-site
LA3
X-Cache
HIT, HIT
x-envoy-upstream-service-time
3
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
3888
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200073-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.968967,VS0,VE2
etag
"1d9874c7daebe39"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
nflTokenHelper.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/
3 KB
2 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/nflTokenHelper.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
1526ac09d5d3d44e09a9b34462a2d7bdbb2582940b9bb3c5f9e5d67a00fa92e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702900
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
5
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
1146
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200078-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.966763,VS0,VE2
etag
"1d9874c7dae9616"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
js.cookie.min.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/js-cookie/
2 KB
2 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/js-cookie/js.cookie.min.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
702900
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
3
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
1126
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200034-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.980452,VS0,VE1
etag
"1d9874c7dae9ae6"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
jquery.visible.min.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/jquery/plugins/
803 B
1 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/jquery/plugins/jquery.visible.min.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
50411
origin-site
LA3
X-Cache
MISS, HIT
x-envoy-upstream-service-time
1
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
443
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200164-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.980877,VS0,VE2
etag
"1d9874c7dae9e23"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
LAC
static.www.nfl.com/t_q-best/league/api/clubs/logos/
2 KB
2 KB
Image
General
Full URL
https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LAC
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
37fea85cfef13b0d55bf066260eb7f48a6101970d8eb86c9696f23ebaffa1c52
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
4192118
X-Cache
HIT, HIT
Content-Disposition
attachment; filename="LAC"
Connection
keep-alive
Server-Timing
cld-fastly;mitm=f;dur=78;cpu=0;start=2023-04-05T07:46:06.167Z;desc=miss,rtt;dur=0,cloudinary;dur=73;start=2023-04-05T07:46:06.168Z
Content-Length
1041
X-Served-By
cache-iad-kiad7000160-IAD, cache-fra-eddf8230072-FRA
Last-Modified
Tue, 27 Oct 2020 18:22:09 GMT
Server
Cloudinary
X-Timer
S1684872885.003306,VS0,VE1
Etag
W/"c35c63d2b0f344f428310ecb37a3d2eb"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control
public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
43484, 1
md5.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/md5/
4 KB
2 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/md5/md5.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
75092
origin-site
LA3
X-Cache
HIT, HIT
x-envoy-upstream-service-time
2
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
1714
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200076-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.003657,VS0,VE1
etag
"1d9874c7dae9226"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
dropdownNative.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/
894 B
1 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/dropdownNative.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e8bc22931893b2046382a9a4d7edb1591fa4d5fd49ad288891bd14b39448f958
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
701729
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
2
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
559
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200174-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.026300,VS0,VE2
etag
"1d9874c7dae9e7e"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
smoothScroller.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/
2 KB
2 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/smoothScroller.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
6eeb370855e4f16067a57797064c296fe2ec6bf7eadb9e49db1df31d712339ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
702901
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
6
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
742
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200020-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.026841,VS0,VE1
etag
"1d9874c7dae9b17"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
jquery.autocomplete.min.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/autocomplete/
13 KB
6 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/autocomplete/jquery.autocomplete.min.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
702775
origin-site
LA3
X-Cache
MISS, HIT
x-envoy-upstream-service-time
2
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
4972
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200056-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.027120,VS0,VE15
etag
"1d9874c7daeaf9b"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
sdk.config.get
auth-id.nfl.com/
5 KB
2 KB
Fetch
General
Full URL
https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-110.iad55.r.cloudfront.net
Software
/
Resource Hash
47adb1be0669d98db3ba38103f9a0b125f9444a5704bdb9135ecd20eb5620b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:13:16 GMT
content-encoding
gzip
via
1.1 035e691ec6c773baa108d5dd3cdf6b28.cloudfront.net (CloudFront)
x-soa
true, Gator
x-amz-cf-pop
IAD55-P3
age
89
edge-cache-tag
siteid_748934946734
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control
!no-store,max-age=1h
x-cache
Hit from cloudfront
x-error-code
0
content-length
2002
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-callid
72e37c4017a542419f7621f3eb53bba6
cache-control
public, s-maxage=120, max-age=60
x-server
us1d-nomad-t14
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
okOkb3hq-gwbKw1Ck-fyeqdDuLtV4ZLux4VfA2BaaIc2kTs_l-edHQ==
clipboard.min.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/clipboard/
11 KB
4 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/clipboard/clipboard.min.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
636483
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
4
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
3790
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200054-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.060202,VS0,VE4
etag
"1d9874c7daeb7a5"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
1, 1
view
securepubads.g.doubleclick.net/pcs/ Frame BA67
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDAcQh_MT3rKArLsW0F5dH1kRcHhhNbKCUURerif-LAk6pt7J1g4GL7rGtzRqFqDjEz6fMtNHq3Ybw4phFI6Annd62IN2K5HT9a1Sjb89_kvHcgJesaDxS4_KYoEoc5GhYIwQ65OoRQoaleL4io9nS7N2EWLbPHZk7XTC3Lcxf0idOJ2zwZRhux-e6lgjVeh-Wl9KMv2lTEYuasNxdADd3nY3q8hyvAp5v0eACZ10U3fOd6rRS5T4IFOwFLLC3wcwK2QG-anku-EA95Kt8ok7kiiRzfoM4RheRVtvcKHl5Vf1qRqTxmpyqBei98NocPV5sy3ViqQ&sai=AMfl-YSBSTf-5FI-63has8zq83f_-9QhvP7RVS_iIaJKV5oRHpkIncYFBjaZ8-hjXLTR_MjfSaYdnxgMpSMCJ2bo6NtzuLq8-a6SrdIuL29EXGuTX3kFH2Xf5yXSISjhyHPJ8-6qs0_E2UgGlsRC6D5v&sig=Cg0ArKJSzCuNhM5jRbwHEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 May 2023 20:14:45 GMT
jload
pixel.adsafeprotected.com/ Frame 9D28
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=929781&campId=100x30&pubId=30702453&chanId=182654973&placementId=5362858293&pubCreative=138310656510&pubOrder=2691141984&cb=865396118&adsafe_par&impId=&custom=logo&custom2=schedule&custom3=
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.36.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-36-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6692a6ffe0a5ac028579a19ff69865d0a9f3bfb743dd262870c0a27fabff56df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ibs:dpid=134096&dpuuid=2023052320144500011943829943
dpm.demdex.net/ Frame 57C1
Redirect Chain
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=64200240131507681293472648398654314580&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023052320144500011943829943
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023052320144500011943829943
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-0ec12bf84.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
8I5Ipk8iSiI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023052320144500011943829943
pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Tue, 23 May 2023 20:14:45 GMT
deferredService.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/services/
751 B
1 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/services/deferredService.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
702900
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
3
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
402
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200100-BUR, cache-fra-eddf8230074-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.098953,VS0,VE1
etag
"1d9874c7dae9fef"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
stringHelper.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/
586 B
1 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/stringHelper.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
49114
origin-site
LV1
X-Cache
HIT, HIT
x-envoy-upstream-service-time
1
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
392
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200084-BUR, cache-fra-eddf8230068-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.099296,VS0,VE1
etag
"1d9874c7dae9f4a"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
2, 1
dateHelper.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/
287 B
1004 B
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/dateHelper.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
702900
origin-site
LA3
X-Cache
MISS, HIT
x-envoy-upstream-service-time
3
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
202
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200143-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.099363,VS0,VE1
etag
"1d9874c7dae9c1f"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
objectHelper.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/
395 B
1 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/modules/helpers/objectHelper.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
702899
origin-site
LA3
X-Cache
HIT, HIT
x-envoy-upstream-service-time
4
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
262
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200088-BUR, cache-fra-eddf8230131-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.099510,VS0,VE1
etag
"1d9874c7dae9c8b"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
3, 1
smooth-scroll.polyfills.min.js
www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/smooth-scroll/
6 KB
4 KB
Script
General
Full URL
https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/vendor/smooth-scroll/smooth-scroll.polyfills.min.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
bb6c08579f871753ec3d3bcd1e49757fa8342e136fd5a485b871a4068bc32623
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/schedule/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
702900
origin-site
LV1
X-Cache
MISS, HIT
x-envoy-upstream-service-time
3
Connection
keep-alive
X-NFL-Geo
country_code=DE
Content-Length
2828
x-xss-protection
1; mode=block
service-worker-allowed
/
X-Served-By
cache-bur-kbur8200063-BUR, cache-fra-eddf8230136-FRA
X-NFL-Dma
276003
last-modified
Mon, 15 May 2023 16:44:18 GMT
server
envoy
X-Timer
S1684872885.109885,VS0,VE1
etag
"1d9874c7dae8472"
Vary
Accept-Encoding,X-NFL-Geo,Origin
content-type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=5
Accept-Ranges
bytes
X-Cache-Hits
0, 1
view
securepubads.g.doubleclick.net/pcs/ Frame 3D0E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss44AVcXY4S4HxnzqhyddxVS264rJt9uDp_YG8zQVx53iqoxMf4fPpiWoTtpzfz8asKwne3oQROfvLVyfzSqoqHS5g1UAQNnl_DSyxKXIsJv5c4YrwDL15bzqkJGYap6JYtiZ54RHU3KqmRGrdOjV9lyTbmpI9DYG8R-ieXlYoTDXePAoUDlFUQg-6--2gfDEBItyp95r8puNAJRAhGE8NfAFoVKxxNw2MRt955_2dm21KSPuLWP7HeHUeSzuwb_CZeRMTuNo5VKjYbgNHr6q2IwXJ5tWlM5-irFc10P87VisTxSBneEG9io878EPKzfYx8yafyaQ&sai=AMfl-YSC1MSxxeKO_0RVMq_zytnRw4BOKP2UUo-WSBlYo4MviH9KrS0FYAcTSvIhKXH18e-aALDQhDmJl2_TCeb9GVTfDIDqbeIXaGLP8ijEcG-0BWnyS24bip6VPZvYXySrafy_bI1qD1PG1Tn7eId5&sig=Cg0ArKJSzChxcSyMX9xjEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 May 2023 20:14:45 GMT
jload
pixel.adsafeprotected.com/ Frame 0FB1
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5226435748&chanId=182654973&placementId=6287660768&pubCreative=138431504884&pubOrder=3193859903&cb=775113353&adsafe_par&impId=&custom=bottom&custom2=schedule&custom3=
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.36.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-36-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
39f65b2c21e77841920e7b26b5db6b0ab85db163c342a65ffc0df8922d6b4db5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
w5l0jldl8st1fptifcyr.jpg
static.clubs.nfl.com/image/upload/v1683820199/rams/
331 KB
331 KB
Image
General
Full URL
https://static.clubs.nfl.com/image/upload/v1683820199/rams/w5l0jldl8st1fptifcyr.jpg
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1492c17d9b641b3e9026659fe3ebff0a5e5f27319d91b66cf49dac37066ecada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Age
1024294
Edge-Cache-Tag
565647521439268793942587637920995210964,c34f21cfe162ce329654d565922e8c70
Cache-Tag
565647521439268793942587637920995210964,c34f21cfe162ce329654d565922e8c70
X-Cache
MISS, HIT, HIT
Connection
keep-alive
Content-Length
338540
X-Served-By
cache-iad-kiad7000148-IAD, cache-iad-kiad7000109-IAD, cache-fra-eddf8230084-FRA
Last-Modified
Thu, 11 May 2023 15:50:00 GMT
Server
cloudinary
X-Timer
S1684872885.142024,VS0,VE2
Etag
"0a6655caf808574124af9c28b734d46f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0, 8356, 1
analytics.php
rams.formstack.com/forms/
0
322 B
Script
General
Full URL
https://rams.formstack.com/forms/analytics.php?f=3703620&a=fv&m=embedded
Requested by
Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:45 GMT
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
server
nginx
x-amz-cf-pop
IAD50-C2
x-frame-options
sameorigin
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public
x-amz-cf-id
uNAy-ikL25hAE0OBZ4HdJdIOtc144gVoTX5Y0X62UVePwgPOFrK0LA==
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/plugins/googleanalytics_c118a241fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 May 2023 19:04:54 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4191
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 23 May 2023 21:04:54 GMT
fsa.js
rams.formstack.com/js/
54 KB
14 KB
Script
General
Full URL
https://rams.formstack.com/js/fsa.js
Requested by
Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/scripts_0edcde2e8b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
179478bddb718a61355c3f83b9fc32dcb9c22ed470b3c63080475ab78ed9da15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 13:58:25 GMT
content-encoding
gzip
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 16:07:29 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
22580
etag
W/"646b9341-d8a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
5AIM2L-nFds0_H8pVVtEP9Z0LHpgdEfdmSUsxoUV-3_xADXyZm65Nw==
calendar.png
rams.formstack.com/forms/images/2/
529 B
866 B
Image
General
Full URL
https://rams.formstack.com/forms/images/2/calendar.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-103.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
7cc54e74e6dbf5322743ddbf9d3eff9fc6a8015015eab90b7b4532c4e715b390

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:40:40 GMT
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 16:07:27 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
27245
etag
"646b933f-211"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
529
x-amz-cf-id
8bBinKi7ulheDMA9JqG743Md4enWkAotspp28Dvcs5O-DdZHVl7OdQ==
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5276394b2ab219cc6aeee203359779930ad8022f44e6ecdd38dcf9f620dd0fcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11264
x-xss-protection
0
LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/
8 KB
4 KB
Image
General
Full URL
https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
571007
X-Cache
HIT, HIT
Content-Disposition
attachment; filename="LA"
Connection
keep-alive
Server-Timing
cld-fastly;mitm=f;dur=134;cpu=0;start=2023-05-17T05:37:57.862Z;desc=miss,rtt;dur=0,cloudinary;dur=129;start=2023-05-17T05:37:57.862Z
Content-Length
3390
X-Served-By
cache-iad-kcgs7200127-IAD, cache-fra-eddf8230072-FRA
Last-Modified
Tue, 27 Oct 2020 18:38:40 GMT
Server
Cloudinary
X-Timer
S1684872885.197242,VS0,VE0
Etag
W/"f3c7a18a8a089614f6d239bc13034f14"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control
public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
5711, 2
x4bfi8idjpvcb0pwctto
static.clubs.nfl.com/image/private/f_auto/rams/
41 KB
42 KB
Image
General
Full URL
https://static.clubs.nfl.com/image/private/f_auto/rams/x4bfi8idjpvcb0pwctto
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
3d73b5f59d6f4925cfdee376ad7738ec527111ae462a4ec9598b0e35beacccd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Age
1026003
Edge-Cache-Tag
550201907655763978091652480802525651315,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag
550201907655763978091652480802525651315,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Status
200 OK
X-Cache
MISS, HIT, HIT
Content-Disposition
inline; filename="x4bfi8idjpvcb0pwctto.webp"
Connection
keep-alive
Content-Length
42082
X-Request-Id
9adcd01473aecf151b94d49eaefdee55
X-Served-By
cache-iad-kcgs7200150-IAD, cache-iad-kjyo7100100-IAD, cache-fra-eddf8230084-FRA
Last-Modified
Thu, 11 May 2023 23:14:43 GMT
Server
cloudinary
X-Timer
S1684872885.197795,VS0,VE1
Etag
"0368e7a16ec7c581b8e5097b6021c567"
Vary
X-NFL-Image-Support
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0, 2430, 1
o83urxdquppaniilfg3g
static.clubs.nfl.com/image/private/f_auto/rams/
32 KB
33 KB
Image
General
Full URL
https://static.clubs.nfl.com/image/private/f_auto/rams/o83urxdquppaniilfg3g
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1e1de3e64b75a760b1fb4593b869ad888230f8b2daae2b418b017d206135a6e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Age
1293894
Edge-Cache-Tag
430180814662264295397231375559549420306,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
Cache-Tag
430180814662264295397231375559549420306,427243639673637129188351318415228242347,c34f21cfe162ce329654d565922e8c70
X-Cache
MISS, HIT, HIT
Content-Disposition
inline; filename="o83urxdquppaniilfg3g.webp"
Connection
keep-alive
Content-Length
32856
X-Served-By
cache-iad-kiad7000120-IAD, cache-iad-kjyo7100163-IAD, cache-fra-eddf8230045-FRA
Last-Modified
Mon, 01 May 2023 23:58:58 GMT
Server
cloudinary
X-Timer
S1684872885.197735,VS0,VE1
Etag
"b43d835d75cc70cfee848a80ae6eca8d"
Vary
X-NFL-Image-Support
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0, 78, 1
LAC
static.www.nfl.com/t_q-best/league/api/clubs/logos/
2 KB
2 KB
Image
General
Full URL
https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LAC
Requested by
Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/866a0e85b96aaf8c2f889d57e4e445a8/functions/intersectionObserver.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
37fea85cfef13b0d55bf066260eb7f48a6101970d8eb86c9696f23ebaffa1c52
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 23 May 2023 20:14:45 GMT
Via
1.1 varnish, 1.1 varnish
Age
4192118
X-Cache
HIT, HIT
Content-Disposition
attachment; filename="LAC"
Connection
keep-alive
Server-Timing
cld-fastly;mitm=f;dur=78;cpu=0;start=2023-04-05T07:46:06.167Z;desc=miss,rtt;dur=0,cloudinary;dur=73;start=2023-04-05T07:46:06.168Z
Content-Length
1041
X-Served-By
cache-iad-kiad7000160-IAD, cache-fra-eddf8230072-FRA
Last-Modified
Tue, 27 Oct 2020 18:22:09 GMT
Server
Cloudinary
X-Timer
S1684872885.204848,VS0,VE0
Etag
W/"c35c63d2b0f344f428310ecb37a3d2eb"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control
public, no-transform, immutable, max-age=31557600,no-cache
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
43484, 2
/
adb2waycm-atl.netmng.com/cm/ Frame 57C1
0
0

main.19.8.411.js
static.adsafeprotected.com/ Frame 0FB1
202 KB
63 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.411.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=728x90&pubId=5226435748&chanId=182654973&placementId=6287660768&pubCreative=138431504884&pubOrder=3193859903&cb=775113353&adsafe_par&impId=&custom=bottom&custom2=schedule&custom3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id
VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding
gzip
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1229533
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 08 May 2023 20:43:27 GMT
server
AmazonS3
etag
W/"a39db77f2b09751cf3516d6055fd0496"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
OmtNSMiFXaa34wLH9dk_famCm5UAAD_SDowQNyBFOZKPZQo327Rh2Q==
main.19.8.411.js
static.adsafeprotected.com/ Frame 9D28
202 KB
63 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.411.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929781&campId=100x30&pubId=30702453&chanId=182654973&placementId=5362858293&pubCreative=138310656510&pubOrder=2691141984&cb=865396118&adsafe_par&impId=&custom=logo&custom2=schedule&custom3=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id
VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding
gzip
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1229533
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 08 May 2023 20:43:27 GMT
server
AmazonS3
etag
W/"a39db77f2b09751cf3516d6055fd0496"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
7QkIbwCew-oDxJJedMSKtQJPC5aX6hmx10CzwLrCyAMc0K99tQ1uuQ==
ibs:dpid=771&dpuuid=CAESEESjrqVI3IDE82WGrvo9bps&google_cver=1
dpm.demdex.net/ Frame 57C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjQyMDAyNDAxMzE1MDc2ODEyOTM0NzI2NDgzOTg2NTQzMTQ1ODA=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEESjrqVI3IDE82WGrvo9bps&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEESjrqVI3IDE82WGrvo9bps&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-0f7ff0385.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3L1FD9lgQX4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEESjrqVI3IDE82WGrvo9bps&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 561B
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
21098309
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
gvh8hI-g7NmLM6PAm33RK134Mt1ViW9dXX90yAp6MzP6nmgB0AKbPA==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=929781&campId=728x90&pubId=5226435748&chanId=182654973&placementId=6287660768&pubCreative=138431504884&pubOrder=3193859903&cb=775113353&adsafe_par&impId=&custom=bottom&custom2=schedule&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=f&adsafe_jsinfo=,id:dffb0e7d-dba0-cee4-a2c0-aebd037605f6,c:dtes8P,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5cf46fd95f-g6sjs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.9734.728.90,am:i,cc:436.9734.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:79,mot:0,app:0,maw:0,fm:tF74V6B+11%7C12%7C13%7C141%7C15*.929781%7C151,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:103,oid:75a2bc03-f9a6-11ed-947b-223e88b92099,v:19.8.411,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.36.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-36-112.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
server
nginx
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 4E2D
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.therams.com
URL: https://www.therams.com/schedule/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
21098309
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
NndZ5I2akCGOHkyY6kg3JWTiexIYOrMN-cSxUE39upMy-1giUMHZXQ==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=929781&campId=100x30&pubId=30702453&chanId=182654973&placementId=5362858293&pubCreative=138310656510&pubOrder=2691141984&cb=865396118&adsafe_par&impId=&custom=logo&custom2=schedule&custom3=&adsafe_url=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.therams.com%2F&adsafe_type=f&adsafe_jsinfo=,id:75e466df-b0f2-d806-ef62-a2729e531441,c:dtes9k,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-5cf46fd95f-84jz7,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:123,mot:0,app:0,maw:0,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:129,oid:75a2bcae-f9a6-11ed-80be-2a066c6a54f1,v:19.8.411,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.36.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-36-112.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
server
nginx
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
collect
www.google-analytics.com/j/
4 B
147 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1966049212&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&ul=en-us&de=UTF-8&dt=Rams%20Schedule%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABCAAAACAAI~&jid=2139771882&gjid=1342273510&cid=1256100219.1684872885&tid=UA-122484269-1&_gid=1544759918.1684872885&_r=1&_slc=1&z=1094625023
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therams.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
193 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1966049212&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&ul=en-us&de=UTF-8&dt=Rams%20Schedule%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Formstack%20Form%203703620&ea=view&el=form%20view&_u=IAhAAEABCAAAACAAI~&jid=&gjid=&cid=1256100219.1684872885&tid=UA-122484269-1&_gid=1544759918.1684872885&z=1306169402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 18:21:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6787
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305180101/pubads_impl.js?cb=31074815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 May 2023 20:14:45 GMT
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929781&asId=dffb0e7d-dba0-cee4-a2c0-aebd037605f6&tv=%7Bc:dtes9F,pingTime:-2,time:154,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:101,beZ:102,mfA:180,cmA:181,inA:181,inZ:185,prA:186,prZ:196,si:203,poA:204,poZ:220,cmZ:220,mfZ:220,loA:224,loZ:227,ltA:254,ltZ:254,mdA:102,mdZ:151%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:102%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:102,wc:0.0.1600.1200,ac:436.9734.728.90,am:i,cc:436.9734.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B73~0%5D,as:%5B73~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tF74V6B+11%7C12%7C13%7C141%7C15*.929781%7C151,idMap:15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:103,slid:%5Bgoogle_ads_iframe_/4595/team.la/schedule_4,google_ads_iframe_/4595/team.la/schedule_4__container__,adv_club,main-content%5D,sinceFw:51,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtes9H,pingTime:0,time:152,type:pf,im:%7BpBlk:135%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:152,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~100%5D,as:%5B28~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:129%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtes9M,pingTime:-2,time:157,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:144,beZ:145,mfA:268,cmA:268,inA:268,inZ:269,prA:269,prZ:271,si:273,poA:273,bl:279,poZ:279,cmZ:279,mfZ:279,loA:298,loZ:299,ltA:301,ltZ:301,mdA:145,mdZ:196%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:157,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B33~100%5D,as:%5B33~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:129,slid:%5Bgoogle_ads_iframe_/4595/team.la/schedule_2,google_ads_iframe_/4595/team.la/schedule_2__container__,6d7098a7-4ae1-4e5c-806a-be476bbb8c35,main-content%5D,sinceFw:28,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adsct
analytics.twitter.com/i/ Frame 57C1
43 B
394 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=64200240131507681293472648398654314580&p_id=38594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time
103
date
Tue, 23 May 2023 20:14:45 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
93a3f2e3c5229068
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
1cca46d9f119866be630bef074ebe72948915bbbe5ae39ce2a5898b942b25e05
content-length
43
collect
stats.g.doubleclick.net/j/
4 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-122484269-1&cid=1256100219.1684872885&jid=2139771882&gjid=1342273510&_gid=1544759918.1684872885&_u=IAhAAEAACAAAACAAI~&z=65426265
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.therams.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 23 May 2023 20:14:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.therams.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtesaD,time:210,type:e,im:%7BpWait:5%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:210,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~100%5D,as:%5B86~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:129,sis:209%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C8B4
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.therams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2076
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 19:40:09 GMT
expires
Wed, 22 May 2024 19:40:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D3CB
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f774732e9e100253eca83ea89c1cd064721d52f80072effc3a013e5ac278ba66
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R7FmsQhsJH0w2zW8Y6K5ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.therams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
516
content-security-policy
script-src 'report-sample' 'nonce-R7FmsQhsJH0w2zW8Y6K5ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 20:14:45 GMT
expires
Tue, 23 May 2023 20:14:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ga-audiences
www.google.com/ads/
42 B
296 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-122484269-1&cid=1256100219.1684872885&jid=2139771882&_u=IAhAAEAACAAAACAAI~&z=832315607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-122484269-1&cid=1256100219.1684872885&jid=2139771882&_u=IAhAAEAACAAAACAAI~&z=832315607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
pagead2.googlesyndication.com/bg/ Frame C8B4
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 19:04:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
4245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14579
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 May 2024 19:04:00 GMT
1x1
pixel.everesttech.net/ Frame 57C1
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEGoy5RFLJt12OmbZe0T9Pug&google_cver=1
  • https://pixel.everesttech.net/1x1
128 B
796 B
Image
General
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
52.208.194.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-194-197.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:45 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"36b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Tue, 23 May 2023 20:14:45 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 57C1
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEG...
  • https://pixel.everesttech.net/1x1
128 B
691 B
Image
General
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
52.208.194.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-194-197.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:45 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"36b51f-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Tue, 23 May 2023 20:14:45 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
sodar
pagead2.googlesyndication.com/pagead/ Frame D3CB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305180101&jk=72258887751063&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929781&asId=dffb0e7d-dba0-cee4-a2c0-aebd037605f6&tv=%7Bc:dteseI,pingTime:-10,time:467,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684872885695%7C%7Cb789d0b143c7b59c7546d2211781d851%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7C22df30d3bd66e159a6620c524a68b0d9%7C%7C84943b5c63370920c4bd392a32a4da49%7C%7Ccc9e962880932c839ae889d20ac73b10%7C%7C6b0909b8de2bc1c634ef483782923316%7C%7Cd2cd2459465f47d0a16479db8374d812%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:45 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
generate_204
tpc.googlesyndication.com/ Frame C8B4
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?C_wP5g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1x1
pixel.everesttech.net/ Frame 57C1
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
  • https://pixel.everesttech.net/1x1
128 B
691 B
Image
General
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
52.208.194.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-194-197.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:45 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Tue, 23 May 2023 20:14:45 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 57C1
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
  • https://pixel.everesttech.net/1x1
128 B
691 B
Image
General
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
52.208.194.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-194-197.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:45 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Tue, 23 May 2023 20:14:45 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Api.aspx
auth-id.nfl.com/gs/webSdk/ Frame 0702
121 KB
43 KB
Document
General
Full URL
https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13905
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-110.iad55.r.cloudfront.net
Software
/
Resource Hash
5867a7357896e38bf8f5516e3f267b0ad90f3b379f4754e62ed7914f1fc8ba1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.therams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1585
cache-control
public, s-maxage=3600, max-age=900
content-encoding
gzip
content-length
43452
content-type
text/html; charset=utf-8
date
Tue, 23 May 2023 19:48:21 GMT
edge-cache-tag
siteid_748934946734,ver_latest
edge-control
!no-store,max-age=1h
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-amz-cf-id
SiT9AFzEhbBudKI5Rw2i6eL48x5ItWpGGlkdp77MJxLMAHKrN3AS8A==
x-amz-cf-pop
IAD55-P3
x-cache
Hit from cloudfront
x-callid
2a51e92d6e0a4457822bd14a6856b006
x-error-code
0
x-robots-tag
none
x-server
us1d-nomad-t12
x-soa
true, Gator
1x1
pixel.everesttech.net/ Frame 57C1
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
  • https://pixel.everesttech.net/1x1
128 B
691 B
Image
General
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
52.208.194.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-194-197.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:46 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Tue, 23 May 2023 20:14:46 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
generic
match.adsrvr.org/track/cmf/ Frame 57C1
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.therams.com&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 23 May 2023 20:14:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dteskJ,pingTime:-10,time:836,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684872885695%7C%7Cb789d0b143c7b59c7546d2211781d851%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7C22df30d3bd66e159a6620c524a68b0d9%7C%7C84943b5c63370920c4bd392a32a4da49%7C%7Ccc9e962880932c839ae889d20ac73b10%7C%7C6b0909b8de2bc1c634ef483782923316%7C%7Cd2cd2459465f47d0a16479db8374d812%7C%7C1663701684,sca:%7Bspg:dffb0e7d-dba0-cee4-a2c0-aebd037605f6%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:46 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame BA67
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuB_7kBDfSn74Va3_UShY8OgRXGFjfWvtgwCSEpWPHIX_0B1qrPYIy1hWjYrVPkcDme0xtWY3u6MCs69PpmO0cOiow2eNtdWhhXSIDB_KQuEg68-OGh&sig=Cg0ArKJSzN-izpy2v_xqEAE&id=lidar2&mcvt=1000&p=690,1324,720,1424&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230522&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1208089488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684872884795&rpt=289&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/28/ Frame 57C1
Redirect Chain
  • https://pixel.advertising.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true&verify=true
0
17 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true&verify=true
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true&verify=true
date
Tue, 23 May 2023 20:14:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1x1
pixel.everesttech.net/ Frame 57C1
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
  • https://pixel.everesttech.net/1x1
128 B
691 B
Image
General
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
52.208.194.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-194-197.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:46 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"36b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Tue, 23 May 2023 20:14:46 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305180101&jk=72258887751063&bg=!zc6lzprNAAZ8_aWmXP07ADkAdvg8Wihvg10j0wJnO1-UwYtBBPdZJgSp9VOSXep6a9fuiy6CeKJEr1ydliHU9mRpwLhX5X8DWvECAAAAaVIAAAAMaAEHCgCd5hI3yShN8vhf9L00kiJnfWZg6ROphtvadfP2egOGjmuj3x5K3MF-J1ZUWxjM5KiX9is35VDBcJRJis-sKIUdmz5Rz1DvrDAgxZqQpiJg1_HjlH3o2LaS7MDCO7me26c_44TitPhYlpt3GSFhs6jzldEGjD2AXOM6dHlp4vfbxQvWT0rcRxiTz3j0LbCCEQryFza6dWn7G5xmoWrrC5kClCJ5YuXdOMZ4LUBm_ZlZDlFcDzZ4CoaAt4qbf1pdGZfCCLKhBKOuH8LG3nI4yV8LFdfUUXGS3ubSy5UyYhT-X-0CFgpfjsJJ_aij1AsO909XcTCcR5JhEGUmVB7A7WXgX8vszQqdeshb_ZkBxKlBsvxiY0eYlWYg2s1fv572AbyoJuNDs8X1n40LyHcvpw0u-YZLXs-hTlI5lUB_shEyyXHpCOInAEJKk0dl5JhKu2LYWMfad297vktabXzQtdFGgIG0-UXjnOoyzgHf8Veg9_htzsvJN8pX_h_J13OWjclMAOzyOwEXBoeEVMfS6d7WngZmeJDwndqAxE31P1yA2Jnvuu6iusq2zEkdA4G-0tGsB9zjYgJ_FiE0t50LVn44jXHspZFqlRtBleHePAeDtJWVQKhubZQjD9Iqr-cRXbuSlZtp00hnZAwWVbLODmx-VWJdXoVL1FgyLpRp9O9R1nad43TTzdfC2CtQ44EhBHS00iDgQqE_KF6Ryrbr4nuQDEkgbOqO30ggAhb9HQnmeweDMSJufy-WfqRhz8oWDexe3SNu82c0B1j_7sIVRQ86SRexM4XhQopXtnN250VNe4aOgIT6UNd5A0HDNMYllgL9PVWmq9b8H4sqKSue3UH2T7ogDc19iBnoe-6IXwbZ_oux9YKji_sRsOUguIZ21uhqumggOeNUYA4ELJ1Pc5zy9cvU4FEXG4zSDjzqryZ4mC3heYR2PLcnZ5eBY0DLWB5IQfSNhEvlBUW5bU3O3x3GPwkNIX_zc7WncZC5H8j25JSlpt4U7F6pkGG3cyIX-0pmGOTdTcyKGk0cRExZgZvZhH94svzZ3LL7ItkNI1M0MC_Cz2rPlnD6U1kk_2PSrDAhLYzq_g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

ibs:dpid=28645&dpuuid=ftvldYBxwPHyv3AWH4i3TTqWtAnX3kPQ&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 57C1
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ftvldYBxwPHyv3AWH4i3TTqWtAnX3kPQ&gdpr=0&gdpr_consent=
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ftvldYBxwPHyv3AWH4i3TTqWtAnX3kPQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-02089365e.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
SXnjWNYRT0o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ftvldYBxwPHyv3AWH4i3TTqWtAnX3kPQ&gdpr=0&gdpr_consent=
date
Tue, 23 May 2023 20:14:46 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1084688
content-length
0
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtespQ,pingTime:1,time:1153,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1153,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1030~100%5D,as:%5B1030~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:187,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:129,sis:209%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:46 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtespR,pingTime:1,time:1154,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1154,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1030~100%5D,as:%5B1030~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:187,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:129,sis:209,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:46 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtespS,pingTime:1,time:1155,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1155,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1031~100%5D,as:%5B1031~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:187,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:129,sis:209,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:46 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 57C1
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=64200240131507681293472648398654314580&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-0fa970038.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gq4O4sGJRqM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Tue, 23 May 2023 20:14:46 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ibs:dpid=30646
dpm.demdex.net/ Frame 57C1
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=64200240131507681293472648398654314580&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-bllBEyBE2pHqg2suVWHF7AG7gSWxccQnt8M-~A
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-bllBEyBE2pHqg2suVWHF7AG7gSWxccQnt8M-~A
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-090422bc6.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
lGjtqCyKQqQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Tue, 23 May 2023 20:14:46 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
content-type
text/html;charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-bllBEyBE2pHqg2suVWHF7AG7gSWxccQnt8M-~A
content-length
0
v2
odr.mookie1.com/t/ Frame 57C1
42 B
213 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=64200240131507681293472648398654314580&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:46 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
v1
ads.yahoo.com/cms/ Frame 57C1
Redirect Chain
  • https://cm.everesttech.net/cm/yh
  • https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZG0etAAAAICEgQOY&sigv=1&esig=1~caf4a255b4487a5bd6379f69f6f7683ed405748c
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZG0etAAAAICEgQOY&sigv=1&esig=1~caf4a255b4487a5bd6379f69f6f7683ed405748c
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:46 GMT
strict-transport-security
max-age=31536000
cache-control
no-store
x-content-type-options
nosniff
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZG0etAAAAICEgQOY&sigv=1&esig=1~caf4a255b4487a5bd6379f69f6f7683ed405748c
Date
Tue, 23 May 2023 20:14:46 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
sdk.config.get
auth-id.nfl.com/ Frame 0702
5 KB
2 KB
Fetch
General
Full URL
https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by
Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-110.iad55.r.cloudfront.net
Software
/
Resource Hash
47adb1be0669d98db3ba38103f9a0b125f9444a5704bdb9135ecd20eb5620b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=13905
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:13:16 GMT
content-encoding
gzip
via
1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-soa
true, Gator
x-amz-cf-pop
IAD55-P3
age
90
edge-cache-tag
siteid_748934946734
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control
!no-store,max-age=1h
x-cache
Hit from cloudfront
x-error-code
0
content-length
2002
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-callid
72e37c4017a542419f7621f3eb53bba6
cache-control
public, s-maxage=120, max-age=60
x-server
us1d-nomad-t14
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
iKDmaskHaZoyD4MTwr2zeIFCG4AE98gIumXNtzw7EpKKCO1ds-3AJw==
pixel
cm.g.doubleclick.net/ Frame 57C1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ==
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230095-FRA
pragma
no-cache
date
Tue, 23 May 2023 20:14:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684872887.903195,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkcwZXRBQUFBSUNFZ1FPWQ==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 57C1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZG0etAAAAICEgQOY&expires=90
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZG0etAAAAICEgQOY&expires=90
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-fra-eddf8230095-FRA
pragma
no-cache
date
Tue, 23 May 2023 20:14:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684872887.980910,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZG0etAAAAICEgQOY&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
accounts.webSdkBootstrap
auth-id.therams.com/
199 B
1 KB
XHR
General
Full URL
https://auth-id.therams.com/accounts.webSdkBootstrap?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&pageURL=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&sdk=js_latest&sdkBuild=13905&format=json
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-12.iad89.r.cloudfront.net
Software
/
Resource Hash
4b2cd5f5312c929a7b88c849b835ae23744142442c387622a1aae04c5703ee6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:46 GMT
content-encoding
gzip
via
1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
x-soa
true, Gator
x-amz-cf-pop
IAD89-C3
x-cache
Miss from cloudfront
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
x-error-code
0
content-length
174
access-control-max-age
86400
access-control-allow-methods
GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.therams.com
x-callid
c821d0473a7c46b09d345083af878f13
cache-control
private
access-control-allow-credentials
true
x-server
us1d-nomad-t5
vary
Origin, Accept-Encoding
x-robots-tag
none
x-amz-cf-id
CyG45zscX3Abvp-d4ofxMhvyPqEMjFy0TD_QWg3YxILTAA1f7dI51w==
rum
dsum-sec.casalemedia.com/ Frame 57C1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0etAAAAICEgQOY
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0etAAAAICEgQOY&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZG0etAAAAICEgQOY&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 May 2023 20:14:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 23 May 2023 20:14:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=88&external_user_id=ZG0etAAAAICEgQOY&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
setuid
ib.adnxs.com/ Frame 57C1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=ZG0etAAAAICEgQOY
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=158&code=ZG0etAAAAICEgQOY
Protocol
HTTP/1.1
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 May 2023 20:14:47 GMT
AN-X-Request-Uuid
12768e79-02cd-4a08-a6d4-cb12d42fdcf7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230095-FRA
pragma
no-cache
date
Tue, 23 May 2023 20:14:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684872887.185296,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=ZG0etAAAAICEgQOY
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 57C1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG0etAAAAICEgQOY
43 B
273 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG0etAAAAICEgQOY
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230095-FRA
pragma
no-cache
date
Tue, 23 May 2023 20:14:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684872887.287063,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG0etAAAAICEgQOY
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 57C1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZG0etAAAAICEgQOY
1 B
451 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZG0etAAAAICEgQOY
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 23 May 2023 20:14:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-fra-eddf8230095-FRA
pragma
no-cache
date
Tue, 23 May 2023 20:14:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684872887.389783,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZG0etAAAAICEgQOY
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sso.htm
auth-id.nfl.com/gs/ Frame DC1E
92 KB
32 KB
Document
General
Full URL
https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-110.iad55.r.cloudfront.net
Software
/
Resource Hash
87a82d481e925f978a405e757393442f8e18d268c1925520dc8589af04982eaa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.therams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1746
cache-control
public, s-maxage=3600, max-age=900
content-encoding
gzip
content-length
32594
content-type
text/html; charset=utf-8
date
Tue, 23 May 2023 19:45:41 GMT
edge-cache-tag
siteid_7827621,ver_latest
edge-control
!no-store,max-age=1h
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-amz-cf-id
b0UvSDVcAcRlOmZAzJJpDgBN_Xbz7nRz3cqHA563ZWCXAsmoAXYI2Q==
x-amz-cf-pop
IAD55-P3
x-cache
Hit from cloudfront
x-callid
0fcb77470b9542649b2f26979f3595f9
x-error-code
0
x-robots-tag
none
x-server
us1d-nomad-t3
x-soa
true, Gator
sso.htm
auth-id.nfl.com/gs/ Frame 15DD
92 KB
32 KB
Document
General
Full URL
https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-110.iad55.r.cloudfront.net
Software
/
Resource Hash
87a82d481e925f978a405e757393442f8e18d268c1925520dc8589af04982eaa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.therams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1746
cache-control
public, s-maxage=3600, max-age=900
content-encoding
gzip
content-length
32594
content-type
text/html; charset=utf-8
date
Tue, 23 May 2023 19:45:41 GMT
edge-cache-tag
siteid_7827621,ver_latest
edge-control
!no-store,max-age=1h
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-amz-cf-id
JBooCIJRj9Chp4NY-K-HlxJPJfOOSLkzzjACWorDWTGARRrVdQ7Sfg==
x-amz-cf-pop
IAD55-P3
x-cache
Hit from cloudfront
x-callid
0fcb77470b9542649b2f26979f3595f9
x-error-code
0
x-robots-tag
none
x-server
us1d-nomad-t3
x-soa
true, Gator
partner
sync.search.spotxchange.com/ Frame 57C1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0etAAAAICEgQOY&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0etAAAAICEgQOY&img=1&__user_check__=1&sync_id=7714558c-f9a6-11ed-87b2-14c817940206
43 B
549 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZG0etAAAAICEgQOY&img=1&__user_check__=1&sync_id=7714558c-f9a6-11ed-87b2-14c817940206
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 20:14:47 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
105
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 23 May 2023 20:14:47 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=ZG0etAAAAICEgQOY&img=1&__user_check__=1&sync_id=7714558c-f9a6-11ed-87b2-14c817940206
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
33
Connection
keep-alive
Content-Length
0
sdk.config.get
auth-id.nfl.com/ Frame DC1E
5 KB
2 KB
Fetch
General
Full URL
https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by
Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-110.iad55.r.cloudfront.net
Software
/
Resource Hash
a7bc4377adaac203747e4a3d22bd42b058ce1e26a377b158b2b8edd086c36ea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:11 GMT
content-encoding
gzip
via
1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-soa
true, Gator
x-amz-cf-pop
IAD55-P3
age
36
edge-cache-tag
siteid_7827621
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control
!no-store,max-age=1h
x-cache
Hit from cloudfront
x-error-code
0
content-length
2002
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-callid
59d6d8c48dd74ea59f7cd6400537d936
cache-control
public, s-maxage=120, max-age=60
x-server
us1d-nomad-t17
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
FfX4fCcWTAsZAf4JnLIkI0eFbbaSZo4ItqOF_LwejlUhJ1E2dEfU7g==
b.php
www.facebook.com/fr/ Frame 57C1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZG0etAAAAICEgQOY&t=2592000&o=0
43 B
889 B
Image
General
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZG0etAAAAICEgQOY&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 13:14:47 PDT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
EbFkyYRs1Mhhz+xVgQYFdbnFhEUevXKXk8KEZ/SCzKC1TqtCqZw5Kt3xOsIwI0G0TwpFHoiqvi8gwfFQeKaDHQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Tue, 23 May 2023 13:14:47 PDT

Redirect headers

x-served-by
cache-fra-eddf8230095-FRA
pragma
no-cache
date
Tue, 23 May 2023 20:14:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684872888.623150,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZG0etAAAAICEgQOY&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cm
trc.taboola.com/sg/adobe/1/ Frame 57C1
43 B
374 B
Image
General
Full URL
https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Tue, 23 May 2023 20:14:47 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230020-FRA
server
nginx
x-timer
S1684872888.759801,VS0,VE10
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sdk.config.get
auth-id.nfl.com/ Frame 15DD
5 KB
2 KB
Fetch
General
Full URL
https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by
Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-110.iad55.r.cloudfront.net
Software
/
Resource Hash
a7bc4377adaac203747e4a3d22bd42b058ce1e26a377b158b2b8edd086c36ea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:11 GMT
content-encoding
gzip
via
1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-soa
true, Gator
x-amz-cf-pop
IAD55-P3
age
38
edge-cache-tag
siteid_7827621
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control
!no-store,max-age=1h
x-cache
Hit from cloudfront
x-error-code
0
content-length
2002
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-callid
59d6d8c48dd74ea59f7cd6400537d936
cache-control
public, s-maxage=120, max-age=60
x-server
us1d-nomad-t17
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
oJru4xblm3T0bhYTID3fyoFsFdR5U9gxIpyccsCcwVIRxeBAYAQkWQ==
ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame 57C1
Redirect Chain
  • https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
  • https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
42 B
960 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
Protocol
HTTP/1.1
Server
52.49.215.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-215-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0f9a9001c.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hC/2HdHNQf4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
300,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:48 GMT
via
1.1 4ce044af637284f41cd11c7043e8eaaa.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
IAD55-P4
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control
private, max-age=0, no-cache
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
2V6ueza5i8la5G3QWYqwJ9gZC7OOXiWvZ21YHjpJWX9bnCCuj8uemw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 57C1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=lUOMxqVEQ6OINgxNhzw7fw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64200240131507681293472648398654314580
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64200240131507681293472648398654314580
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 May 2023 20:14:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S864FM2CA65SG4DATTPZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-irl1-1-v048-0d6340410.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
j/lt3cSKQUk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64200240131507681293472648398654314580
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
client.js
apis.google.com/js/
17 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ae0778253dda8b156d65084c6265a3e26630e097b93a9e847d03c44462b8952
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 May 2023 20:14:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6906
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"3fc94a4cf91bdd80"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 20:14:49 GMT
sso.htm
auth-id.nfl.com/gs/ Frame AD82
92 KB
32 KB
Document
General
Full URL
https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-110.iad55.r.cloudfront.net
Software
/
Resource Hash
87a82d481e925f978a405e757393442f8e18d268c1925520dc8589af04982eaa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.therams.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1748
cache-control
public, s-maxage=3600, max-age=900
content-encoding
gzip
content-length
32594
content-type
text/html; charset=utf-8
date
Tue, 23 May 2023 19:45:41 GMT
edge-cache-tag
siteid_7827621,ver_latest
edge-control
!no-store,max-age=1h
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-amz-cf-id
4Mu9Kg2ZNAFDVj83svtV7g5PG2hlT5QE8Lds8UDfImYDj6uBpVD17A==
x-amz-cf-pop
IAD55-P3
x-cache
Hit from cloudfront
x-callid
0fcb77470b9542649b2f26979f3595f9
x-error-code
0
x-robots-tag
none
x-server
us1d-nomad-t3
x-soa
true, Gator
sdk.js
connect.facebook.net/en_EN/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_EN/sdk.js
Requested by
Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b8b7e82182ce6c7a0f003f041272d7e74fe85f82e79b658e1953fc4c6822e37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 May 2023 20:14:49 GMT
content-md5
MvHVkbi6iQOukZ3Ui0NKlw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
PQlwk5NYCEC+AJddr5Uo4MjAyGMtrpqd7euLyfXYziC2cvE7VhEqHO8q6iG09+LgeVbv+MQjgTwKJc4vUBm31w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
92956e57d6f27a399eb25ac3a6914e50
cross-origin-opener-policy
same-origin-allow-popups
etag
"2677fd127c5cd769aaba7d138fdf5973"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 23 May 2023 20:19:04 GMT
sdk.js
connect.facebook.net/en_US/
301 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=be591c5071875aea3ad87cf4388c8362
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3413f9d07e1894f9029aeb0dcf5457395d8ad2fab7023093fcbd5f75f4c80e71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.therams.com/
Origin
https://www.therams.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 May 2023 20:14:49 GMT
content-md5
41uERgG3mR50bBWbHXxkOg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87160
x-fb-rlafr
0
x-fb-debug
znsyDanUrcZXwvsGDJLT6Q3yvdU0ITzTLTsl+xl6C+CsmikLzHZ5RM0/1rKQsuyvN7G5oNyt9sIIIiyBPfYj7g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b90917280c4fb42de392bd6eeb6521c4
cross-origin-opener-policy
same-origin-allow-popups
etag
"773cbba89ecc8fc242a808517ed1d0e4"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 May 2024 11:16:23 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=404205130228139&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=be591c5071875aea3ad87cf4388c8362
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Tue, 23 May 2023 20:14:49 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
2bA02CILHUQ0aDqqXOEJ6u+huvlJvBoQ5PwUSzB24yJZf3OPi5xq3keY93UOPNScxB8hTOahkA41XnG/yJoaJQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.therams.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.config.get
auth-id.nfl.com/ Frame AD82
5 KB
2 KB
Fetch
General
Full URL
https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by
Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-110.iad55.r.cloudfront.net
Software
/
Resource Hash
a7bc4377adaac203747e4a3d22bd42b058ce1e26a377b158b2b8edd086c36ea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=13905
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:14:11 GMT
content-encoding
gzip
via
1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
x-soa
true, Gator
x-amz-cf-pop
IAD55-P3
age
38
edge-cache-tag
siteid_7827621
p3p
CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control
!no-store,max-age=1h
x-cache
Hit from cloudfront
x-error-code
0
content-length
2002
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-callid
59d6d8c48dd74ea59f7cd6400537d936
cache-control
public, s-maxage=120, max-age=60
x-server
us1d-nomad-t17
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
9fww5VSIs8ROqnxNMl2OtY-jNA0NBrbOSGS_ZjuqV9YmW1i3EFnYwA==
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/
315 KB
108 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e779992ace543f715102af0c31dd34d3b2f65bff0ba108d0a10cfef268ea32b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109921
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 15:23:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 May 2024 08:54:42 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=929781&asId=75e466df-b0f2-d806-ef62-a2729e531441&tv=%7Bc:dtetsm,pingTime:5,time:5153,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:30,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5153,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:129,wc:0.0.1600.1200,ac:1324.717.100.30,am:i,cc:1324.717.100.30,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5029~100%5D,as:%5B5029~100.30%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:183,fm:tF74V6F+11%7C12%7C13%7C14*.929781%7C141%7C151%7C152,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,siq:129,sis:209%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:68f0:a33:9e57:b3d0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.therams.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 20:14:50 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adb2waycm-atl.netmng.com
URL
https://adb2waycm-atl.netmng.com/cm/

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 boolean| credentialless string| baseUrl string| fbappid string| marketoHostName string| gigyaUrl string| gigyaApiKey object| OneTrustStub function| OptanonWrapper function| oneTrustInsertScriptHelper function| oneTrustDataRequire function| setAdsRestrictDataProcessingLocalStorage function| getCookie function| refreshPageAfterCookiesSettingsChange object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google object| closure_lm_604427 object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| googletag object| advPageInfo string| adUnitName string| leagueAdvId string| clubAdvId string| testParameter object| gptconfig object| gptSlots string| adUnit object| trackingPageInfo object| utag_data object| identityProvider object| _taboola string| nflLibHostName string| environment boolean| adBlockEnabled object| testAd object| utagParts object| pageName string| part object| NflUmdComponents object| regeneratorRuntime object| nflToken object| slot object| _DMAMenuItems function| 6d7098a7-4ae1-4e5c-806a-be476bbb8c35_refreshAdv object| WebFont object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| objOptin object| s_c_il number| s_c_in object| dynamicHostResolver object| aryOptin object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| otStubData function| AppMeasurement_Module_AudienceManagement function| DIL function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s undefined| google_measure_js_timing object| Optanon object| OneTrust function| gtag object| dataLayer string| OnetrustActiveGroups string| OptanonActiveGroups object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr function| sendMessageToEvergageLauncher number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render function| myFunction object| FS_FIELD_DATA_3703620 undefined| $ function| jQuery object| Formstack object| libphonenumber object| html5 object| Modernizr function| yepnope function| loadFormstack function| awaitPub object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| requirejs function| require function| define string| distFolder function| time function| timeEnd function| isMobileViewport function| requireQueue object| gigya function| sha256 function| sha224 object| lazyLoadHelper function| md5 string| GoogleAnalyticsObject function| fsGa object| form3703620 object| FSA object| FSATracker object| gaplugins object| gaData object| GoogleGcLKhOms object| google_image_requests function| fbAsyncInit object| FB object| __buffer object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis

55 Cookies

Domain/Path Name / Value
.therams.com/ Name: at_check
Value: true
.therams.com/ Name: adobeujs-optin
Value: %7B%22aam%22%3Afalse%2C%22adcloud%22%3Afalse%2C%22aa%22%3Afalse%2C%22campaign%22%3Afalse%2C%22ecid%22%3Afalse%2C%22livefyre%22%3Afalse%2C%22target%22%3Afalse%2C%22mediaaa%22%3Afalse%7D
.demdex.net/ Name: demdex
Value: 64200240131507681293472648398654314580
.therams.com/ Name: AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg
Value: 1
static.formstack.com/ Name: AWSALBCORS
Value: CsIkv9EhTHZ9b3pJgYMJsg2KvSD7dQzbGDOpCbxCWaacDHr5YzyRafj/aDInnza8gmRlh++iUkoAy9pMo0wkwhoDDL52MdSCMdusNA/RgT4W2Ole5QaNbQWX+2K4
.therams.com/ Name: mbox
Value: session#27aa3d5c2e574cdea4b273c12ecb6ab7#1684874745|PC#27aa3d5c2e574cdea4b273c12ecb6ab7.37_0#1748117685
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZG0etAAAAICEgQOY
.dpm.demdex.net/ Name: dpm
Value: 64200240131507681293472648398654314580
.therams.com/ Name: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19501%7CMCMID%7C64366209744294176623493291579693294827%7CMCAAMLH-1685477684%7C6%7CMCAAMB-1685477684%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1684880084s%7CNONE%7CMCSYNCSOP%7C411-19508%7CvVersion%7C5.5.0
.mathtag.com/ Name: uuid
Value: 3ab5646d-1eb4-4000-8547-a31c89bcda9c
.exelator.com/ Name: EE
Value: "23ed69ad3da43af1305796d376d7394a"
.therams.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+May+23+2023+20%3A14%3A44+GMT%2B0000+(GMT)&version=202303.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=1d0cd07d-f96f-4ecd-ac20-71150a3777c0&interactionCount=0&landingPath=https%3A%2F%2Fwww.therams.com%2Fschedule%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHIODXFzDIxxTgl0cQ4Mc3Q2MDU3NIsxdjcLMXc2NIkcXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQeEl%252BUWb6IhfXxUUpaQyLSopPBR9RVQAAlyQpcg%253D%253D"
.w55c.net/ Name: wfivefivec
Value: FaXYjxDi1Q1yp65
.w55c.net/ Name: matchdmx
Value: 5
.therams.com/ Name: __gads
Value: ID=e52bc9d806854855:T=1684872884:S=ALNI_MZ7lXj6YUf01Q2nR1U8Q-3KyO4BxQ
.therams.com/ Name: __gpi
Value: UID=00000c1a3a94dc46:T=1684872884:RT=1684872884:S=ALNI_MYc62WCRnelGh2gMvl3nOCPC9rdTQ
.adnxs.com/ Name: uuid2
Value: 3955446442563860411
.doubleclick.net/ Name: IDE
Value: AHWqTUkBTi_r_ElDt2uxYD4uYxrCvSBhn8JYNfIh38SemFIZFCy2aCrqeYRc58E3_Ug
.www.therams.com/ Name: gig_canary
Value: false
.www.therams.com/ Name: gig_canary_ver
Value: 13905-3-28081200
.turn.com/ Name: uid
Value: 8677260299256887821
rams.formstack.com/ Name: AWSALBCORS
Value: ALFNK64xq8q0M6rmF/p7S0IBhPT6P9Muw8xoYzPSot9UTgZOBrJ4mtwMKlRVUxqRE75U3XLST1nkuHRzdSBHp5cSYi3i7g0NIRnPXsDXIe+TV9rmgYwM3sliqSDp
.therams.com/ Name: FSAV
Value: 1263112057.501713755.1684872885.1684872885.1684872885.1.
.therams.com/ Name: FSAC
Value: 1263112057.1684872885.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)
.therams.com/ Name: _ga
Value: GA1.2.1256100219.1684872885
.therams.com/ Name: _gid
Value: GA1.2.1544759918.1684872885
.therams.com/ Name: _gat
Value: 1
.twitter.com/ Name: personalization_id
Value: "v1_hukUgUeOBb0CE6rEC3lbqg=="
.everesttech.net/ Name: ev_sync_ax
Value: 20230523
.everesttech.net/ Name: everest_session_v2
Value: ZG0etQAAAGfStXIZ
.advertising.com/ Name: A3
Value: d=AQABBLYebWQCEIJTNWA7K4-dHHcuqv1wARIFEgEBAQFwbmR3ZOANyiMA_eMAAA&S=AQAAAvtRp8ukxOBnnYc_dX7UMsc
.yahoo.com/ Name: A3
Value: d=AQABBLYebWQCENyZsabH7zDFw0aaPDI82JkFEgEBAQFwbmR3ZOANyiMA_eMAAA&S=AQAAAgsmUlJWzOd64gA2pMQ2SlQ
.criteo.com/ Name: uid
Value: a0a89fa4-1593-4bdd-a673-3e15371363c6
.eyeota.net/ Name: SERVERID
Value: 22511~DM
.everesttech.net/ Name: ev_sync_yh
Value: 20230523
.auth-id.nfl.com/ Name: apiDomain_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P
Value: auth-id.therams.com
.casalemedia.com/ Name: CMID
Value: ZG0et39AcHOwkXZjNkd-2AAA
.casalemedia.com/ Name: CMPS
Value: 1187
.casalemedia.com/ Name: CMPRO
Value: 1187
.auth-id.therams.com/ Name: gmid
Value: gmid.ver4.AcbH9ZSpgw.z86bC8ozUGlQJ2RKyRz5tOsEW5LRGziymQ90SsN5jZda5dgIAYRBYHR95cmwE9EA.len_txN6u81cOdxAR9imEGBP6mFaEsWi2TT6ZmeK7xZt_w-0qCKwOV2CczqnM6IXWpzr_vLFXEVLt6N0QIQGxA.sc3
.auth-id.therams.com/ Name: ucid
Value: khyz_lMyHLHWZU4MOYpUUA
.auth-id.therams.com/ Name: hasGmid
Value: ver4
.therams.com/ Name: gig_bootstrap_4_9uJbeFZZVmtKTfSv1bjUVQ
Value: auth-id_ver4
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2In@k<J0%!]tbPl1MwL(!R7qUY%jM9$+9%(=u:NZChwk%BjZ6EQO^[9RFMZ9bmtwgM/]vGiOa(8!80tDYw?IEBnq=!'q^?2LBgR
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-ZG0etAAAAICEgQOY&KRTB&22978-ZG0etAAAAICEgQOY&KRTB&23194-ZG0etAAAAICEgQOY&KRTB&23209-ZG0etAAAAICEgQOY
.pubmatic.com/ Name: PugT
Value: 1684872887
.spotxchange.com/ Name: audience
Value: 77145538-f9a6-11ed-87b2-14c817940206
.auth-id.nfl.com/ Name: gig_canary_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P
Value: false
.auth-id.nfl.com/ Name: gig_canary_ver_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P
Value: 13905-3-28081200
.demdex.net/ Name: dextp
Value: 269-1-1684872884452|3-1-1684872884553|359-1-1684872884682|358-1-1684872884815|470-1-1684872884937|843-1-1684872885096|640-1-1684872885197|771-1-1684872885298|1123-1-1684872885402|1083-1-1684872885503|1085-1-1684872885620|1086-1-1684872885724|1087-1-1684872885825|1088-1-1684872885926|903-1-1684872886028|6835-1-1684872886130|19913-1-1684872886231|28645-1-1684872886332|30064-1-1684872886433|30646-1-1684872886534|30862-1-1684872886636|83349-1-1684872886760|144230-1-1684872886860|144231-1-1684872886977|144232-1-1684872887080|144233-1-1684872887182|144234-1-1684872887284|144235-1-1684872887386|144236-1-1684872887518|144237-1-1684872887620|147592-1-1684872887722|152416-1-1684872887848|139200-1-1684872887950
.amazon-adsystem.com/ Name: ad-id
Value: A4abx_Tgq0aqiZ3Ps3eEplk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.undertone.com/ Name: UTID
Value: d94975858531431f80c7b8de2dbd721c
.undertone.com/ Name: UTID_ENC
Value: cv3mql7qv1nmeustkizm2ya70

12 Console Messages

Source Level URL
Text
other warning URL: https://www.therams.com/schedule/
Message:
A preload for 'https://www.therams.com/compiledassets/css/base.css?_t=7c622c33563f55e9ff12803d8ffb56eb' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://www.therams.com/schedule/
Message:
A preload for 'https://www.therams.com/compiledassets/theming/30e9f848f389db282054c914c30dd755' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript warning URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 1477)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.evgnet.com/beacon/losangelesrams/production/scripts/evergage.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2398)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/jquery-3.5.1.min_dc5e7f18c8.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2399)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/jquery-ui-1.12.1.min_d71fd11517.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2400)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/scripts_0edcde2e8b.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2401)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/analytics_7d49daa365.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2402)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/libphonenumber-min_6f64debfdd.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2403)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/plugins/googleanalytics_c118a241fb.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2404)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/plugins/utm_tracking_dd0b5a32b7.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rams.formstack.com/forms/js.php//2020singleschedule?(Line 2405)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://ups.analytics.yahoo.com/ups/28/sync?uid=64200240131507681293472648398654314580&_origin=1&redir=true&verify=true
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a9f75a4194adab9f33c5a1e95130639d.safeframe.googlesyndication.com
adb2waycm-atl.netmng.com
ads.undertone.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
api.nfl.com
apis.google.com
assets.adobedtm.com
auth-id.nfl.com
auth-id.therams.com
cdn.cookielaw.org
cdn.evgnet.com
cdns.us1.gigya.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
evt.undertone.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
nfl.demdex.net
nflenterprises.tt.omtrdc.net
odr.mookie1.com
p.nfltags.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
rams.formstack.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.clubs.nfl.com
static.formstack.com
static.www.nfl.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.therams.com
x.dlx.addthis.com
adb2waycm-atl.netmng.com
104.244.42.131
151.101.1.152
151.101.1.153
151.101.128.114
151.101.129.153
151.101.193.153
151.101.194.49
151.101.65.153
18.154.227.77
18.165.83.110
18.165.98.4
185.29.134.248
185.64.190.80
185.80.39.216
185.89.210.244
185.94.180.125
2001:678:cb4:bbbb::13
209.54.182.161
212.82.100.182
216.58.212.162
23.35.237.2
2600:1f13:800:7780:68f0:a33:9e57:b3d0
2600:9000:223f:9000:8:48e:53c0:93a1
2606:4700:4400::6812:2b9e
2606:4700::6813:bb61
2a00:1288:80:807::2
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::200e
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2001
2a00:1450:400c:c0c::9d
2a02:2638:d::d
2a02:26f0:3500:58f::1e80
2a02:6ea0:c700::11
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::300
3.122.214.165
3.75.62.37
34.160.236.64
34.98.64.218
35.71.131.137
52.208.194.197
52.209.38.88
52.215.114.201
52.31.36.112
52.49.215.81
52.58.134.213
52.85.132.103
52.85.151.12
54.78.254.47
66.235.152.113
69.173.144.138
69.192.160.219
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c756b0b024a435129eca9014e98cc955dd97481285d9191b8d6c0a5749982d1
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0dcdb2b2a47908a600d75aebd990877a582cb137d50a10066f9ebc484de79a46
1492c17d9b641b3e9026659fe3ebff0a5e5f27319d91b66cf49dac37066ecada
1526ac09d5d3d44e09a9b34462a2d7bdbb2582940b9bb3c5f9e5d67a00fa92e9
15d01c709fdf293cbb036c2bfabbf58a06a8b66bcc35df2455f485185b9d01bb
1690e605ce0b7b17dadf5cfa24a8ce211b424c4b1f22702d34fd624e727b68de
179478bddb718a61355c3f83b9fc32dcb9c22ed470b3c63080475ab78ed9da15
18b057ba8c9ab17fa25f398c46f9b71b5127b70ef49ef4cc2faf44062b8a3049
1e1de3e64b75a760b1fb4593b869ad888230f8b2daae2b418b017d206135a6e1
21716ff9c6690bee89ff577997021a3e2e3d8c6538ab3524c66c4a67e5954cb0
237fafbe2ec2c8c9d2a4d99222662bb633d20ce82c5cf176b2d23c2fd9a5e2d2
292ae61e9c86c92c18b191ffd3b1fb865420eae411d5125c8518fd2ea5d77dc8
2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282
3413f9d07e1894f9029aeb0dcf5457395d8ad2fab7023093fcbd5f75f4c80e71
37fea85cfef13b0d55bf066260eb7f48a6101970d8eb86c9696f23ebaffa1c52
3809d41298c5c400bb68f7d47dbd764f71f21eb9c6ed3d6044c8005e883df513
39f65b2c21e77841920e7b26b5db6b0ab85db163c342a65ffc0df8922d6b4db5
3b2d4349345f1d8565e48dadbb4d70ea493ff614b58f83e568885881245ac2e3
3d73b5f59d6f4925cfdee376ad7738ec527111ae462a4ec9598b0e35beacccd5
3df33152cd65eb45b9203090a7678540a27a9f44ef4641ee66de9a47b7a0a43c
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355
47adb1be0669d98db3ba38103f9a0b125f9444a5704bdb9135ecd20eb5620b10
4b2cd5f5312c929a7b88c849b835ae23744142442c387622a1aae04c5703ee6d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5093c70019b3501c2eb8b2e8597e253bb2f8cf367cf5a305395a0ff7d238a643
51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1
5276394b2ab219cc6aeee203359779930ad8022f44e6ecdd38dcf9f620dd0fcd
5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54fbe08cd567b05b1c11dc37745a2b278c0521d1af11d8076ad50f685ea889ce
550eacf0b0dde64399a52fd7e8935fb9ebec1ca81b4c9a94c96c7b2f691f1706
55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5729198a882b488f06ba05ce31230648a7a63650f2f5e863ae937f00cabf57b3
5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b
5867a7357896e38bf8f5516e3f267b0ad90f3b379f4754e62ed7914f1fc8ba1b
5b8b7e82182ce6c7a0f003f041272d7e74fe85f82e79b658e1953fc4c6822e37
5e6c3117716df8ad5f588f72e116cc9d5f7005e317cbf0675f3c96f505cab7fe
5ec11883dbd19aa91c86ade182cfe7037a9b9f954daca64f341ffd0595e429c0
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88
6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28
6692a6ffe0a5ac028579a19ff69865d0a9f3bfb743dd262870c0a27fabff56df
673089261a490c7c06604429afc843813446902e59322da97745929aaec615f4
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69f8090fb59cb79bb1d56d99512d91d5fd2f297ee69490aeb91bca904c04add7
6daa2c4303a3ea37647e5a33af5c9c1c34c8003eb03b76c93d1c0a2f36a8d7e1
6de95ed9ac949a7a36c2c60405c79958779b21938ce2b245b9c153c7196bcfa4
6eeb370855e4f16067a57797064c296fe2ec6bf7eadb9e49db1df31d712339ba
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
74bf23cb58f15f0a5828b81f3285e56f3917d80c4834cc990645c5aa5ba4c254
75a58f2aee7291da5efa4d6d0aceed2bebf39c283346a3269a7811d1910f9d43
7868e53cbd486bbe29c810cad65ef89b42cfd45131db5e570a0776245ddafe23
788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7ae0778253dda8b156d65084c6265a3e26630e097b93a9e847d03c44462b8952
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cc54e74e6dbf5322743ddbf9d3eff9fc6a8015015eab90b7b4532c4e715b390
7f48123723251fde71c5aff246bfcf33cd9abdd69ebe1140eed0ae364e8a7e44
7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834f03082e3c1b45fd4fcd805ec415f07236a6586e08db572985f38c8b735e31
83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8630299a25d2e6e488149c269c4e70b09e7e4c82e7aaaf108432cf047572f74b
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394
878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9
87a82d481e925f978a405e757393442f8e18d268c1925520dc8589af04982eaa
8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a5d3afc3b518783756dc20b021980021add445dd44fd89349e65f8662f865fc
9ae6500d15aff263584a9da3cce4af73cb6480e0d494013f607a130fb2a6671e
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7
a7bc4377adaac203747e4a3d22bd42b058ce1e26a377b158b2b8edd086c36ea5
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb
b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30c3b9d0cd13249fa7e9e449bc22a7bc59eac4be62b6cf7f80940b2055f06ca
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
b884aa073ae0995039e442f97eaa0523fa02913747029e74e717248812a476d9
bb6c08579f871753ec3d3bcd1e49757fa8342e136fd5a485b871a4068bc32623
bcad30472d959caa42adf95b1e12c0d0cf8ca99ee5ac7bf0d2734dfdd153e68a
bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e
bdf96b01cde1b036361c160832a5f698dc9781a2c73972124bbe07b3f3a6c9fd
be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c06f3fcb3a93af5c96f6d7eda17c8bf3bb02fc99b8d68e4fea7cfecd1d0fe948
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d3d05d0d1428ea50277aee6c9e425bf29863861209cbef9ab97bc184f8f525
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8b2af23d0402c8c3b153c173e2613a33cc2806f467e322599e1ef108cb26ecb
cfd88d77357dcdbf67e882d6771b4404fa9040c966ebeb859dd903418f11875c
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d163164bb749cfdea6b29289c061df192d7fb36cc10f20b1583e3ab81156149a
d564ecea790280585429959b133a75bad092b20be35041c735d9c3fb1b800c14
d5a2e7738047c9fc62dbe182004f3050664967a941d5199236df72386921c7b2
d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3
ddd2c7c2acb3ed80cc30441a7e075fc0acf43b15ba5b7459c89d0729188fc963
df3f8f6397a3d0f19f4f05d165b97a51eeb0ee64d7bd2c4a19dc8a12eb580652
e2781619082fe50667bce285f562c3dfa98b589f0854da4a333a00d0f4b6c318
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e504538b0e71c48c3a1747e2a2ea3587ae91506582adcadee07aa7af978203e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e779992ace543f715102af0c31dd34d3b2f65bff0ba108d0a10cfef268ea32b1
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e806084d55d68b4b35cbf911c796a50cf4fac0c5df539d896358c20805a24f04
e8bc22931893b2046382a9a4d7edb1591fa4d5fd49ad288891bd14b39448f958
e9166b6dead256e5e723626e7344660a24e0c5e99b4688bc4f60633886a5e0bb
eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef30c883b4b4e4b45057fb38e75477aa1b847d061b19ff032e26c5d3a789961c
f63b6991810ec4f98212762bc0ab61f08e0400d05718019ee4ff280a55f93604
f774732e9e100253eca83ea89c1cd064721d52f80072effc3a013e5ac278ba66
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b