www.therams.com Open in urlscan Pro
151.101.129.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.therams.com/stadium/sofi-stadium
Submission: On February 09 via manual (February 9th 2022, 10:26:52 pm UTC) from US — Scanned from DE

Summary HTTP 188 Redirects Links 54 Behaviour Indicators

Summary

This website contacted 58 IPs in 7 countries across 53 domains to perform 188 HTTP transactions. The main IP is 151.101.129.153, located in United States and belongs to FASTLY, US. The main domain is www.therams.com. The Cisco Umbrella rank of the primary domain is 177231.
TLS certificate: Issued by R3 on February 2nd 2022. Valid for: 3 months.

This is the only time www.therams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
59	151.101.129.153 151.101.129.153	54113 (FASTLY) (FASTLY)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2600:9000:224... 2600:9000:2240:bc00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
15	18.66.122.60 18.66.122.60	16509 (AMAZON-02) (AMAZON-02)
2 15	34.242.49.38 34.242.49.38	16509 (AMAZON-02) (AMAZON-02)
1	54.155.222.85 54.155.222.85	16509 (AMAZON-02) (AMAZON-02)
2	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
8 8	34.248.191.66 34.248.191.66	16509 (AMAZON-02) (AMAZON-02)
1	63.35.80.202 63.35.80.202	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:9800:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:2600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 ^_^) (CDN77 ^_^)
1	3.70.102.167 3.70.102.167	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.29.221 3.120.29.221	16509 (AMAZON-02) (AMAZON-02)
1	52.217.206.224 52.217.206.224	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2 3	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 3	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
1	52.222.250.115 52.222.250.115	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.234.36 2.18.234.36	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
9	52.222.236.97 52.222.236.97	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
8 9	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6811:e6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 12	52.210.63.97 52.210.63.97	16509 (AMAZON-02) (AMAZON-02)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	54.93.153.188 54.93.153.188	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.32.121.38 13.32.121.38	16509 (AMAZON-02) (AMAZON-02)
1 1	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
8 8	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1 1	18.66.97.124 18.66.97.124	16509 (AMAZON-02) (AMAZON-02)
1 1	44.198.213.18 44.198.213.18	14618 (AMAZON-AES) (AMAZON-AES)
2 3	209.54.180.144 209.54.180.144	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:236... 2600:9000:236e:3600:6:4f98:bc40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
188	58

59 151.101.129.153 (United States)

ASN54113 (FASTLY, US)

www.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.clubs.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.www.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2240:bc00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.66.122.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-60.fra60.r.cloudfront.net

rams.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.242.49.38 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.222.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-222-85.eu-west-1.compute.amazonaws.com

nfl.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

smetrics.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.248.191.66 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.80.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-80-202.eu-west-1.compute.amazonaws.com

nflenterprises.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:9800:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:2600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.70.102.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-102-167.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.29.221 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-29-221.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.206.224 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.243 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.17 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.250.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-115.fra60.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.200.221 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.36 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-36.deploy.static.akamaitechnologies.com

cdns.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.222.236.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-97.fra56.r.cloudfront.net

auth-id.nfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.210.63.97 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-63-97.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.153.188 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-153-188.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-38.fra60.r.cloudfront.net

auth-id.therams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.27.153 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.130.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.124 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-124.fra56.r.cloudfront.net

ads.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.213.18 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-213-18.compute-1.amazonaws.com

evt.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.180.144 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:3600:6:4f98:bc40:93a1 (United States)

ASN16509 (AMAZON-02, US)

analytics.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	therams.com www.therams.com — Cisco Umbrella Rank: 177231 auth-id.therams.com — Cisco Umbrella Rank: 501153	424 KB
30	nfl.com static.clubs.nfl.com — Cisco Umbrella Rank: 31202 smetrics.nfl.com — Cisco Umbrella Rank: 23858 static.www.nfl.com — Cisco Umbrella Rank: 24358 auth-id.nfl.com — Cisco Umbrella Rank: 25829	990 KB
28	everesttech.net 22 redirects cm.everesttech.net — Cisco Umbrella Rank: 881 pixel.everesttech.net — Cisco Umbrella Rank: 2907 sync-tm.everesttech.net — Cisco Umbrella Rank: 491	10 KB
16	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 187 nfl.demdex.net — Cisco Umbrella Rank: 24809	19 KB
16	formstack.com rams.formstack.com static.formstack.com — Cisco Umbrella Rank: 23135 analytics.formstack.com — Cisco Umbrella Rank: 55035	303 KB
15	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	150 KB
7	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2040 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5726 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9863	174 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	557 B
5	google.com www.google.com — Cisco Umbrella Rank: 2 apis.google.com — Cisco Umbrella Rank: 86	112 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	196 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 505	103 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 266	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6342	718 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 129	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 891 load77.exelator.com — Cisco Umbrella Rank: 2952	2 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 2951 onesignal.com — Cisco Umbrella Rank: 1314	73 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 407 ajax.googleapis.com — Cisco Umbrella Rank: 250 fonts.googleapis.com — Cisco Umbrella Rank: 35	34 KB
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2223 forms.hubspot.com — Cisco Umbrella Rank: 3078	2 KB
2	undertone.com 2 redirects ads.undertone.com — Cisco Umbrella Rank: 5552 evt.undertone.com — Cisco Umbrella Rank: 6500	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 469	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 855 ads.yahoo.com — Cisco Umbrella Rank: 835	1 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 355	789 B
2	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	601 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	936 B
2	gstatic.com fonts.gstatic.com	46 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	75 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 704	1 KB
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 571	240 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 752	546 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 322	274 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 288	239 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 776	324 B
1	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 845	418 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2042	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2019	20 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4013	87 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 468	354 B
1	gigya.com cdns.us1.gigya.com — Cisco Umbrella Rank: 7079	133 KB
1	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 982	175 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2180	961 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	parsely.com p1.parsely.com — Cisco Umbrella Rank: 1996	260 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 754	402 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	24 KB
1	amazonaws.com s3.amazonaws.com	2 MB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 770	345 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 829	10 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 387	684 B
1	omtrdc.net nflenterprises.tt.omtrdc.net — Cisco Umbrella Rank: 24814	594 B
0	netmng.com Failed adb2waycm-atl.netmng.com Failed
188	53

	Domain	Requested by
40	www.therams.com	www.therams.com
18	static.clubs.nfl.com	www.therams.com
15	dpm.demdex.net	2 redirects www.therams.com
13	static.formstack.com	rams.formstack.com
12	pixel.everesttech.net	6 redirects www.therams.com
9	cm.g.doubleclick.net	8 redirects www.therams.com
9	auth-id.nfl.com	cdns.us1.gigya.com auth-id.nfl.com
8	sync-tm.everesttech.net	8 redirects
8	cm.everesttech.net	8 redirects
6	www.facebook.com	www.therams.com connect.facebook.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.therams.com
5	quantcast.mgr.consensu.org	www.therams.com quantcast.mgr.consensu.org
4	connect.facebook.net	www.therams.com connect.facebook.net cdns.us1.gigya.com
4	assets.adobedtm.com	www.therams.com assets.adobedtm.com
3	s.amazon-adsystem.com	2 redirects
3	www.google.de	www.therams.com
3	www.google.com	www.therams.com
3	sb.scorecardresearch.com	1 redirects www.therams.com
3	ib.adnxs.com	2 redirects www.therams.com
3	securepubads.g.doubleclick.net	www.therams.com securepubads.g.doubleclick.net
2	apis.google.com	cdns.us1.gigya.com apis.google.com
2	sync.search.spotxchange.com	1 redirects www.therams.com
2	dsum-sec.casalemedia.com	1 redirects www.therams.com
2	gum.criteo.com	2 redirects
2	pixel.advertising.com	1 redirects www.therams.com
2	match.adsrvr.org	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	rams.formstack.com assets.adobedtm.com
2	pm.w55c.net	2 redirects
2	loadm.exelator.com	2 redirects
2	smetrics.nfl.com	assets.adobedtm.com
2	rams.formstack.com	www.therams.com static.formstack.com
2	cdn.onesignal.com	www.therams.com cdn.onesignal.com
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	analytics.formstack.com	static.formstack.com
1	evt.undertone.com	1 redirects
1	ads.undertone.com	1 redirects
1	trc.taboola.com	www.therams.com
1	image2.pubmatic.com	www.therams.com
1	us-u.openx.net	www.therams.com
1	pixel.rubiconproject.com	www.therams.com
1	ads.yahoo.com	www.therams.com
1	odr.mookie1.com	www.therams.com
1	cms.analytics.yahoo.com	1 redirects
1	ps.eyeota.net	1 redirects
1	auth-id.therams.com	cdns.us1.gigya.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	analytics.twitter.com	www.therams.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	static.www.nfl.com	www.therams.com
1	cdns.us1.gigya.com	www.therams.com
1	x.dlx.addthis.com	1 redirects
1	js.hs-scripts.com	assets.adobedtm.com
1	www.googleadservices.com	www.googletagmanager.com
1	p1.parsely.com	www.therams.com
1	d.turn.com	1 redirects
1	d1z2jf7jlzjs58.cloudfront.net	assets.adobedtm.com
1	fonts.googleapis.com	ajax.googleapis.com
1	s3.amazonaws.com	rams.formstack.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	load77.exelator.com	www.therams.com
1	rules.quantcount.com	secure.quantserve.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	sync.mathtag.com	1 redirects
1	nflenterprises.tt.omtrdc.net	assets.adobedtm.com
1	nfl.demdex.net	assets.adobedtm.com
1	onesignal.com	cdn.onesignal.com
1	ajax.googleapis.com	www.therams.com
1	imasdk.googleapis.com	www.therams.com
0	adb2waycm-atl.netmng.com Failed	www.therams.com
188	75

This site contains links to these domains. Also see Links.

Domain
www.nfl.com
www.ramsfanshop.com
www.pntrac.com
sports.yahoo.com
ramsnewlook.com
sofiseats.com
chat.satis.fi
www.teamworkonline.com
www.stanza.co
am.ticketmaster.com
onlocationexp.com
www.baltimoreravens.com
www.bengals.com
www.clevelandbrowns.com
www.steelers.com
www.buffalobills.com
www.miamidolphins.com
www.patriots.com
www.newyorkjets.com
www.houstontexans.com
www.colts.com
www.jaguars.com
www.tennesseetitans.com
www.denverbroncos.com
www.chiefs.com
www.chargers.com
www.raiders.com
www.chicagobears.com
www.detroitlions.com
www.packers.com
www.vikings.com
www.dallascowboys.com
www.giants.com
www.philadelphiaeagles.com
www.commanders.com
www.atlantafalcons.com
www.panthers.com
www.neworleanssaints.com
www.buccaneers.com
www.azcardinals.com
www.49ers.com
www.seahawks.com
operations.nfl.com
www.nflshop.com
nflonlocation.com
www.profootballhof.com
www.nfl.info
www.usafootball.com
www.nflextrapoints.com
www.ticketmaster.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
clubs.nfl.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.formstack.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.nfl.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-26`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.parsely.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-19` - `2022-02-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
cdns.gigya.com DigiCert SHA2 Secure Server CA	`2021-03-05` - `2022-03-10`	a year	crt.sh
static.www.nfl.com R3	`2021-12-23` - `2022-03-23`	3 months	crt.sh
auth-id.nfl.com Amazon	`2021-11-22` - `2022-12-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
auth-id.therams.com Amazon	`2021-11-16` - `2022-12-15`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.therams.com/stadium/sofi-stadium
Frame ID: 9A07B3770A0845EE126A6B352BB03DD3
Requests: 147 HTTP requests in this frame

Frame: https://nfl.demdex.net/dest5.html?d_nsid=0
Frame ID: 01D3DC5230BEA76788491B83A771C760
Requests: 34 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=12833
Frame ID: 459FE13FCB2E823CC9E12D5857C7E0A5
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EE3F87470C50CD75597DC2926716DC1E
Requests: 1 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Frame ID: 70B0B0E1D3F3C419F84ED49A391EE2F3
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Frame ID: CA988D7FF8E708EA8B09284225D0EFFD
Requests: 2 HTTP requests in this frame

Frame: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Frame ID: F98AB1E274B3F860F86038294DBFFD52
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SoFi Stadium | Los Angeles Rams - therams.com

Detected technologies

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

188
Requests

82 %
HTTPS

44 %
IPv6

53
Domains

75
Subdomains

58
IPs

7
Countries

5520 kB
Transfer

10589 kB
Size

69
Cookies

54 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nfl.com/legal/privacy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-TopNav-0124
Title: RAMS SHOP

Search URL Search Domain Scan URL

URL: https://www.pntrac.com/t/2-479175-57835-55814
Title: GAME PASS

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/live-video/?is_retargeting=true&af_sub1=Acquisition&c=US_Acquisition_YMktg_NFLLive_NFLinapp_NFLteamappusers&pid=partnership&af_sub5=NFLteamapps__Static_&af_sub2=US_YMktg
Title: LIVE NFL GAMES

Search URL Search Domain Scan URL

URL: https://ramsnewlook.com/?utm_source=therams.com&utm_medium=nav
Title: UNIFORMS

Search URL Search Domain Scan URL

URL: https://www.ramsfanshop.com/?_s=bm-Rams-Header-MobHotButton-061721
Title: SHOP

Search URL Search Domain Scan URL

URL: https://sofiseats.com/rams/landing

Search URL Search Domain Scan URL

URL: https://chat.satis.fi/?pageID=7240
Title: Have a question? Ask our virtual assistant!

Search URL Search Domain Scan URL

URL: https://www.nfl.com/super-bowl/event-info/gameday-guide
Title: CLICK HERE

Search URL Search Domain Scan URL

URL: https://www.teamworkonline.com/football-jobs/la-rams-careers/la-rams-micro
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.stanza.co/button/launch?calendar=https%3A%2F%2Fspoton.it%2Fschedules%2Fnfl-rams#/
Title: Add to Calendar

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/rams/
Title: Rams Account Manager

Search URL Search Domain Scan URL

URL: https://onlocationexp.com/nfl/los-angeles-rams-tickets?utm_source=therams.com&utm_medium=referral&utm_campaign=sb56_teams-rams_footer_menu
Title: Super Bowl Packages

Search URL Search Domain Scan URL

URL: https://www.baltimoreravens.com/

Search URL Search Domain Scan URL

URL: https://www.bengals.com/

Search URL Search Domain Scan URL

URL: https://www.clevelandbrowns.com/

Search URL Search Domain Scan URL

URL: https://www.steelers.com/

Search URL Search Domain Scan URL

URL: https://www.buffalobills.com/

Search URL Search Domain Scan URL

URL: https://www.miamidolphins.com/

Search URL Search Domain Scan URL

URL: https://www.patriots.com/

Search URL Search Domain Scan URL

URL: https://www.newyorkjets.com/

Search URL Search Domain Scan URL

URL: https://www.houstontexans.com/

Search URL Search Domain Scan URL

URL: https://www.colts.com/

Search URL Search Domain Scan URL

URL: https://www.jaguars.com/

Search URL Search Domain Scan URL

URL: https://www.tennesseetitans.com/

Search URL Search Domain Scan URL

URL: https://www.denverbroncos.com/

Search URL Search Domain Scan URL

URL: https://www.chiefs.com/

Search URL Search Domain Scan URL

URL: https://www.chargers.com/

Search URL Search Domain Scan URL

URL: https://www.raiders.com/

Search URL Search Domain Scan URL

URL: https://www.chicagobears.com/

Search URL Search Domain Scan URL

URL: https://www.detroitlions.com/

Search URL Search Domain Scan URL

URL: https://www.packers.com/

Search URL Search Domain Scan URL

URL: https://www.vikings.com/

Search URL Search Domain Scan URL

URL: https://www.dallascowboys.com/

Search URL Search Domain Scan URL

URL: https://www.giants.com/

Search URL Search Domain Scan URL

URL: https://www.philadelphiaeagles.com/

Search URL Search Domain Scan URL

URL: https://www.commanders.com/

Search URL Search Domain Scan URL

URL: https://www.atlantafalcons.com/

Search URL Search Domain Scan URL

URL: https://www.panthers.com/

Search URL Search Domain Scan URL

URL: https://www.neworleanssaints.com/

Search URL Search Domain Scan URL

URL: https://www.buccaneers.com/

Search URL Search Domain Scan URL

URL: https://www.azcardinals.com/

Search URL Search Domain Scan URL

URL: https://www.49ers.com/

Search URL Search Domain Scan URL

URL: https://www.seahawks.com/

Search URL Search Domain Scan URL

URL: https://operations.nfl.com/
Title: NFL Football Operations

Search URL Search Domain Scan URL

URL: https://www.nflshop.com/source/bm-nflcom-2017-BottomBanner-shopgeneric
Title: NFL Shop

Search URL Search Domain Scan URL

URL: https://nflonlocation.com/?utm_campaign=OLE&utm_medium=referral&utm_source=nfl&utm_content=footerlink
Title: NFL On Location

Search URL Search Domain Scan URL

URL: https://www.profootballhof.com/
Title: Pro Football Hall of Fame

Search URL Search Domain Scan URL

URL: https://www.nfl.info/NFLConsProd/Welcome/index.html
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.usafootball.com/
Title: USA Football

Search URL Search Domain Scan URL

URL: https://www.nflextrapoints.com/nfl-extra-points-credit-card/?campaignId=2038&shopperid=&cellNumber=706&referrerid=NFLB070911&referrerid=NFLB070911&publisherid=&advertisementid=#national-football-league
Title: NFL Extra Points

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/nfl?wt.mc_id=NFL_LEAGUE_FOOTER_LINK&utm_source=NFL.com&utm_medium=client&utm_campaign=NFL_LEAGUE&utm_content=FOOTER_LINK
Title: NFL Ticket Exchange

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/los-angeles-rams/id467623653?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.yinzcam.nfl.rams

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1644445606666 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1644445606666

Request Chain 40

https://cm.everesttech.net/cm/dd?d_uuid=38028006613905105411222451820135309839 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgQ-pgAAAKJJxwO1

Request Chain 42

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=38028006613905105411222451820135309839&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d38028006613905105411222451820135309839 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=7d6a6204-3fa6-4200-8c6e-99f073d61203&ddsuuid=38028006613905105411222451820135309839

Request Chain 47

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=38028006613905105411222451820135309839 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=38028006613905105411222451820135309839&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 52

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=KXEeNb8o1NhVqf5

Request Chain 68

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5181495627628509417

Request Chain 70

https://sb.scorecardresearch.com/cs/3005386/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 73

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8997232101449886322

Request Chain 82

https://x.dlx.addthis.com/e/demdex_sync?na_exid=38028006613905105411222451820135309839&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022020922264700090843614250

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzgwMjgwMDY2MTM5MDUxMDU0MTEyMjI0NTE4MjAxMzUzMDk4Mzk= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzgwMjgwMDY2MTM5MDUxMDU0MTEyMjI0NTE4MjAxMzUzMDk4Mzk=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKbUr4zGEoDuVoJqTEr731I&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 141

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRLXBnQUFBS0pKeHdPMQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEAeZxlMu2p2keUy2kaAqiis&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 143

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRLXBnQUFBS0pKeHdPMQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEAeZxlMu2p2keUy2kaAqiis&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 145

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRLXBnQUFBS0pKeHdPMQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEAeZxlMu2p2keUy2kaAqiis&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 146

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRLXBnQUFBS0pKeHdPMQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEAeZxlMu2p2keUy2kaAqiis&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 147

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRLXBnQUFBS0pKeHdPMQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEAeZxlMu2p2keUy2kaAqiis&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 148

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=53ab0483-3bc6-4e91-b182-130f4479b3d7

Request Chain 150

https://pixel.advertising.com/ups/28/sync?uid=38028006613905105411222451820135309839&_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/28/sync?uid=38028006613905105411222451820135309839&_origin=1&redir=true&verify=true

Request Chain 151

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRLXBnQUFBS0pKeHdPMQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEAeZxlMu2p2keUy2kaAqiis&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 152

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=JpfAFVJg-D9iTnG7VEZQlZ2A0NZnOUbO&gdpr=0&gdpr_consent=

Request Chain 154

https://ps.eyeota.net/match?bid=6j5b2cv&uid=38028006613905105411222451820135309839&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 155

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=38028006613905105411222451820135309839&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-vJdbSfJE2pFcZ7ObOSswiE4smHJKiJlR0iE-~A

Request Chain 157

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YgQ-pgAAAKJJxwO1&sigv=1&esig=1~22e2bf1aa271af4d5ceb30e24f0cb6a8e9de894d

Request Chain 160

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWdRLXBnQUFBS0pKeHdPMQ==

Request Chain 161

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YgQ-pgAAAKJJxwO1&expires=90

Request Chain 162

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgQ-pgAAAKJJxwO1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgQ-pgAAAKJJxwO1&C=1

Request Chain 163

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YgQ-pgAAAKJJxwO1

Request Chain 166

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgQ-pgAAAKJJxwO1

Request Chain 167

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgQ-pgAAAKJJxwO1

Request Chain 168

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YgQ-pgAAAKJJxwO1&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YgQ-pgAAAKJJxwO1&img=1&__user_check__=1&sync_id=5fde716f-89f7-11ec-8f38-1bce7de30206

Request Chain 169

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YgQ-pgAAAKJJxwO1&t=2592000&o=0

Request Chain 177

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Request Chain 178

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=bAKS6OOiRBqikVA0UbI9ww&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=38028006613905105411222451820135309839

188 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request sofi-stadium Show response
www.therams.com/stadium/ 256 KB
58 KB 634ms
496ms Document
text/html 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b050f8266d783f45576d942b90896bfe8beb572b977fec609ac0bafd6a477791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 58262
content-type: text/html
server: envoy
content-encoding: gzip
access-control-allow-origin: *
service-worker-allowed: /
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-envoy-upstream-service-time: 304
strict-transport-security: max-age=31536000
origin-site: LA3
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:46 GMT
Age: 0
X-NFL-Geo: country_code=DE
X-NFL-Dma: 276006
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4070-HHN
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1644445606.827370,VS0,VE482
Vary: Accept-Encoding,X-NFL-Geo,Origin

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 508 KB
90 KB 157ms
156ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cf6d682f0289fa284b2a55d17f29501dc0b97a0a5777af3d0ff6e57e56b13bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/stadium/sofi-stadium
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 0
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 90932
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4070-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:19:48 GMT
server: envoy
X-Timer: S1644445606.341857,VS0,VE150
etag: "1d81c46e86da2fd"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:46 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK d67c44a609a9b0620bc93a8019cd60e8
www.therams.com/compiledassets/theming/ 16 KB
4 KB 27ms
7ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/d67c44a609a9b0620bc93a8019cd60e8

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

47c51b8272102bc692e117de7f58ea6c6f5e7c18fc262512ad902ef1c645609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/stadium/sofi-stadium
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 872702
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT, HIT
x-envoy-upstream-service-time: 34
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3441
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-sna10744-LGB, cache-hhn4031-HHN
X-NFL-Dma: 276006
server: envoy
X-Timer: S1644445606.361701,VS0,VE1
Date: Wed, 09 Feb 2022 22:26:46 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 1, 1, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 141ms
53ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

137713432b3fc329e3d649e38ec9d5df64b1d51fd0ef3ab388178d8325f1d475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27114
x-xss-protection: 0
server: sffe
etag: "1127 / 335 of 1000 / last-modified: 1644427664"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Feb 2022 22:26:46 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 74 KB
27 KB 140ms
40ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86bc752d0407555cfb8f83681c8cf277390cc9ca5b49f8c64a8753480f7c0e3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27193
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 21:07:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Wed, 09 Feb 2022 22:36:48 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 49ms
21ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:46 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2678
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6db085712b1990ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 12 Feb 2022 22:26:46 GMT

GET
H2 200 launch-43d0dff5e3ff.min.js Show response
assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/ 273 KB
80 KB 46ms
9ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2465a231a58b82c620d23b94ee93bb2bdc046acf40e9ded0aacf40cc43384952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:46 GMT
content-encoding: gzip
last-modified: Thu, 23 Dec 2021 00:10:00 GMT
server: AkamaiNetStorage
etag: "2706c6195820af5978bfcfb529ca1907:1640218200.981688"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 81255
expires: Wed, 09 Feb 2022 23:26:46 GMT

GET
H/1.1 200
OK pfzqqwyhguxgqvxd89cd.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 45ms
9ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/pfzqqwyhguxgqvxd89cd.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: aba5ed44fb1cddc664223c23c8afd4a07e75edb3a6c5d9c89ecd9654d8898a07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:46 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 4662371
Edge-Cache-Tag: 372951776681891745206645328894684630372,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 372951776681891745206645328894684630372,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="pfzqqwyhguxgqvxd89cd.webp"
Connection: keep-alive
Content-Length: 1962
X-Request-Id: 777dafc29200e5f0f18cc73c49525b60
X-Served-By: cache-iad-kiad7000173-IAD, cache-iad-kiad7000036-IAD, cache-hhn4043-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Fri, 17 Dec 2021 23:20:36 GMT
Server: cloudinary
X-Timer: S1644445607.591508,VS0,VE1
Etag: "4b1a004e859023b8645a2c97add07687"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK lwsr9kpjckkvyhp1uegl.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 43ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/lwsr9kpjckkvyhp1uegl.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 55412c28f1fc7230f98e49ca53c80a4794e61826175304e54c8e84520966bf7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:46 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 4828355
Edge-Cache-Tag: 561948427067237913989577602717750212885,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 561948427067237913989577602717750212885,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Status: 200 OK
Content-Disposition: inline; filename="lwsr9kpjckkvyhp1uegl.webp"
Connection: keep-alive
Content-Length: 1398
X-Request-Id: 871b2c30b8789811056dec9cce70a0b9
X-Served-By: cache-iad-kjyo7100168-IAD, cache-iad-kiad7000055-IAD, cache-hhn4057-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Thu, 16 Dec 2021 01:14:12 GMT
Server: cloudinary
X-Timer: S1644445607.591544,VS0,VE1
Etag: "fdc077fe45e7db5d60efddfcfde6cf74"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK br1oukintwzib84ykrha.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 43ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/br1oukintwzib84ykrha.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: aaf03219cf050a3a022af73224f8ddad8c051e07354af2e0d880aa8a599c1782

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:46 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 6096859
Edge-Cache-Tag: 533685290724722026365348896775649987849,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="br1oukintwzib84ykrha.webp"
Connection: keep-alive
Content-Length: 1510
X-Served-By: cache-bwi5059-BWI, cache-dca17778-DCA, cache-iad-kiad7000162-IAD, cache-hhn4062-HHN
X-Cache: HIT, HIT, HIT, HIT
Last-Modified: Wed, 21 Jul 2021 15:24:31 GMT
Server: cloudinary
X-Timer: S1644445607.591641,VS0,VE1
Etag: "2ccb75563670bbd26063e120640ebe3b"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1, 1

GET
H/1.1 200
OK qydqex97rx1x6o4w53ml.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 44ms
9ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/qydqex97rx1x6o4w53ml.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c576341a29cc7803eae586a5b1b0004e4391f95a0583613a5839d25eabd8fec5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:46 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1612155
Edge-Cache-Tag: 561970991575272472998702031147990830514,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 561970991575272472998702031147990830514,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="qydqex97rx1x6o4w53ml.webp"
Connection: keep-alive
Content-Length: 1850
X-Served-By: cache-iad-kjyo7100164-IAD, cache-iad-kjyo7100032-IAD, cache-hhn4047-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Wed, 07 Jul 2021 22:02:48 GMT
Server: cloudinary
X-Timer: S1644445607.591665,VS0,VE1
Etag: "8c60384b9fcdf6ced82c2e3e29e08bb1"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK hlwcxdqhpdl6cu2j6a0q.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 45ms
9ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/hlwcxdqhpdl6cu2j6a0q.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 7069bd8cd4136cf552c4c02ba4f80c03f4a9e36b9edac2f2a8d7c7313b2e1580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:46 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1850117
Edge-Cache-Tag: 497101282059084916626549311246049786825,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 497101282059084916626549311246049786825,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="hlwcxdqhpdl6cu2j6a0q.webp"
Connection: keep-alive
Content-Length: 1676
X-Served-By: cache-iad-kcgs7200079-IAD, cache-iad-kiad7000062-IAD, cache-hhn4052-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Sat, 26 Jun 2021 00:38:31 GMT
Server: cloudinary
X-Timer: S1644445607.592096,VS0,VE1
Etag: "9aaaafeb04c97363b8bde226d4f34f07"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/ 6 KB
2 KB 451ms
421ms Script
application/javascript 2600:9000:2240:bc00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:bc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aafa5bd1a6d109986f239e94e42036262c7eb9189f63b4f00cefbfe963ca6ad3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 09 Feb 2022 22:26:47 GMT
content-encoding: br
last-modified: Thu, 03 Feb 2022 21:46:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"88ab4a15a734e08bba7a8735b1d3edf4"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ptGFitA7QESuJ3YgzZF6ujbcv-tw28gAvZ3Wv56Ure5mUcqRRCW7zA==

GET
H/1.1 200
OK base.css
www.therams.com/compiledassets/css/ 508 KB
90 KB 176ms
158ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cf6d682f0289fa284b2a55d17f29501dc0b97a0a5777af3d0ff6e57e56b13bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 0
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 90932
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4078-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:19:48 GMT
server: envoy
X-Timer: S1644445606.362778,VS0,VE151
etag: "1d81c46e86da2fd"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:46 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK d67c44a609a9b0620bc93a8019cd60e8
www.therams.com/compiledassets/theming/ 16 KB
4 KB 27ms
7ms Stylesheet
text/css 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/theming/d67c44a609a9b0620bc93a8019cd60e8

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

47c51b8272102bc692e117de7f58ea6c6f5e7c18fc262512ad902ef1c645609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 827093
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 29
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3441
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4081-HHN
X-NFL-Dma: 276006
server: envoy
X-Timer: S1644445606.365419,VS0,VE1
Date: Wed, 09 Feb 2022 22:26:46 GMT
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: text/css
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
X-Cache-Hits: 4, 1

GET
H/1.1 200
OK shifumef044hn5atijym.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 9ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/shifumef044hn5atijym.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 82372e5085d63a3eebd690eca5c085c65b6d0de397b7fbb1a6d7b9fc87d0061e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:46 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 464861
Edge-Cache-Tag: 469045599805938173633271981388412517434,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 469045599805938173633271981388412517434,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="shifumef044hn5atijym.webp"
Connection: keep-alive
Content-Length: 1650
X-Served-By: cache-iad-kcgs7200079-IAD, cache-iad-kcgs7200156-IAD, cache-hhn4052-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Wed, 16 Jun 2021 17:49:07 GMT
Server: cloudinary
X-Timer: S1644445607.603180,VS0,VE1
Etag: "02bf793b953bcdc3e2665744cb0c3ae8"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK ctia3r41xpmbep1oc0jn.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 8ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ctia3r41xpmbep1oc0jn.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2799001f240cd99cd731ecf4c933e4aade589dbe85f93901c900dd8ecec01999

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:46 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1335933
Edge-Cache-Tag: 480991908323120109040887342500216578479,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 480991908323120109040887342500216578479,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="ctia3r41xpmbep1oc0jn.webp"
Connection: keep-alive
Content-Length: 1906
X-Served-By: cache-iad-kjyo7100105-IAD, cache-iad-kcgs7200066-IAD, cache-hhn4043-HHN
X-Cache: HIT, HIT, HIT
Last-Modified: Sat, 12 Jun 2021 16:01:04 GMT
Server: cloudinary
X-Timer: S1644445607.604021,VS0,VE1
Etag: "8a4e0a39c7df3e47925183cac57ca480"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1

GET
H/1.1 200
OK fi9r4x7ddwhtum6n96qa.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 9ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/fi9r4x7ddwhtum6n96qa.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6701454491ae4d2c571f9443f60895852709199d4a02f25cf4f8070c6b35d144

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:46 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 6010974
Edge-Cache-Tag: 460529375692163520014890492295371359836,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="fi9r4x7ddwhtum6n96qa.webp"
Connection: keep-alive
Content-Length: 1272
X-Served-By: cache-dca17736-DCA, cache-dca17774-DCA, cache-iad-kjyo7100050-IAD, cache-hhn4047-HHN
X-Cache: HIT, HIT, HIT, HIT
Last-Modified: Tue, 25 May 2021 20:48:01 GMT
Server: cloudinary
X-Timer: S1644445607.604088,VS0,VE1
Etag: "87f645d9b64111bd61b4d7b801c3ee99"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1, 1

GET
H/1.1 200
OK psbzct0hyszydhpl75gx.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 1 KB
2 KB 10ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/psbzct0hyszydhpl75gx.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 0c5ef018746786c973b11ed38934a17a09d5b6ebc739a738c7e924ebe0b15528

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:46 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 463344
Edge-Cache-Tag: 468273255908452252408165268047777506138,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 468273255908452252408165268047777506138,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="psbzct0hyszydhpl75gx.webp"
Connection: keep-alive
Content-Length: 1420
X-Served-By: cache-iad-kiad7000171-IAD, cache-iad-kcgs7200153-IAD, cache-hhn4062-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Tue, 25 May 2021 20:55:31 GMT
Server: cloudinary
X-Timer: S1644445607.604309,VS0,VE1
Etag: "d3df97000ab43b3e213018206352b8da"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK b5xchmrrvv7idefzap1h.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 9ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/b5xchmrrvv7idefzap1h.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 972965a2008fb7426f4a686c601836371b92cfae2afbaa4bf36c7ccbfc3f0a41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:46 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 7221399
Edge-Cache-Tag: 396173162133534743980894201067887854722,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="b5xchmrrvv7idefzap1h.webp"
Connection: keep-alive
Content-Length: 1696
X-Served-By: cache-dca17783-DCA, cache-dca17783-DCA, cache-iad-kiad7000123-IAD, cache-hhn4057-HHN
X-Cache: MISS, HIT, HIT, HIT
Last-Modified: Sat, 22 May 2021 16:00:55 GMT
Server: cloudinary
X-Timer: S1644445607.604696,VS0,VE0
Etag: "10c72de5af9ba4f863e0aa6e8440e951"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 77, 1, 9

GET
H/1.1 200
OK lxv1sa2it1asazh5e8hl.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 16ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/lxv1sa2it1asazh5e8hl.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6199d7ca3ec10c4de7cd008b1f021eb83110f2d7bc5804483b2ab8e6644eae9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:46 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 915192
Edge-Cache-Tag: 366107797917474013985585973057224785611,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 366107797917474013985585973057224785611,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="lxv1sa2it1asazh5e8hl.webp"
Connection: keep-alive
Content-Length: 1766
X-Served-By: cache-iad-kcgs7200068-IAD, cache-iad-kcgs7200166-IAD, cache-hhn4052-HHN
X-Cache: HIT, HIT, HIT
Last-Modified: Fri, 21 May 2021 23:51:33 GMT
Server: cloudinary
X-Timer: S1644445607.613704,VS0,VE1
Etag: "b58369db0d25c6daf41cc03bf5407680"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1

GET
H/1.1 200
OK ubq0bkdxo845e71v362c.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ 2 KB
3 KB 11ms
8ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/t_lazy/f_auto/rams/ubq0bkdxo845e71v362c.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b96e7301a686b33ddf2cf5a2c5c0f1767276e21ac1f2150a173cf710f353c94d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:46 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 6591014
Edge-Cache-Tag: 440552214437478461892848529320326980055,620112503730474126247409804263215884566,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="ubq0bkdxo845e71v362c.webp"
Connection: keep-alive
Content-Length: 1812
X-Served-By: cache-dca17751-DCA, cache-dca17722-DCA, cache-iad-kcgs7200084-IAD, cache-hhn4043-HHN
X-Cache: MISS, HIT, HIT, HIT
Last-Modified: Fri, 21 May 2021 17:06:22 GMT
Server: cloudinary
X-Timer: S1644445607.615209,VS0,VE1
Etag: "cace8d9730f32b22a9b3059657748a77"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1, 1

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Feb 2023 18:59:48 GMT

GET
H2 200 contactmessl Show response
rams.formstack.com/forms/js.php// 124 KB
125 KB 586ms
513ms Script
text/javascript 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-60.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

9d8b72388801d85bbe5e728baa32bc98aed33bbc3bfe96fe3079f16acf04af02

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:46 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P2
strict-transport-security: max-age=63072000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: public, max-age=5, public
content-type: text/javascript;charset=UTF-8
x-amz-cf-id: 1KJSY61r-T_t07YMxaA6abgSV-Co7691CFg974jKSPrvIntr_NfHIA==
expires: Wed, 09 Feb 2022 22:26:51 GMT

GET
H/1.1 200
OK require-2.3.5.min.js Show response
www.therams.com/compiledassets/js/vendor/requirejs/ 17 KB
8 KB 465ms
446ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 0
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 7427
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4080-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:15:06 GMT
server: envoy
X-Timer: S1644445607.632589,VS0,VE439
etag: "1d81c464054cc4a"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 1

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK All-ProSans--medium.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 443ms
442ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--medium.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

dfa5fd01fac7951b11788f71c5d01fe9b567ffee4e04fe57315daf90da43df02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 0
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19348
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10628-LGB, cache-hhn4078-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:15:06 GMT
server: envoy
X-Timer: S1644445607.563900,VS0,VE436
etag: "1d81c464054c294"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:46 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK All-ProSans--bold.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 19 KB
20 KB 466ms
465ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--bold.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

55fde4bfab54152c832b0004120bf58a6962fa6e907063bc0ffea0cf22122dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 0
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 19284
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-sna10729-LGB, cache-hhn4070-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:15:06 GMT
server: envoy
X-Timer: S1644445607.604805,VS0,VE458
etag: "1d81c464054c254"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK All-ProSans--regular.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
18 KB 158ms
157ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--regular.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

187a6bf381cd0cef776ca2c409928045347b7d62324c73d65f32073a3a91f915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 0
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18168
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4081-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:15:06 GMT
server: envoy
X-Timer: S1644445607.604965,VS0,VE150
etag: "1d81c464054cff8"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:46 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK All-ProSans--light.woff2
www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/ 18 KB
19 KB 144ms
143ms Font
font/woff2 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/assets/fonts/NFL/All-ProSans/All-ProSans--light.woff2

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

3d699a355a5d1e675af5663335726fc636aaeaacf75be421a35901874043a8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
Age: 0
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 9
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 18504
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4031-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:15:06 GMT
server: envoy
X-Timer: S1644445607.605276,VS0,VE136
etag: "1d81c464054c148"
Vary: X-NFL-Geo,Origin
content-type: font/woff2
access-control-allow-origin: https://www.therams.com
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:46 GMT
X-Cache-Hits: 0, 1

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 19ms
19ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:46 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2650
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6db085718bae90ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 12 Feb 2022 22:26:46 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1644445606666
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1644445606666

7 KB
3 KB

32ms
32ms

XHR
application/json

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1644445606666

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cefbe7134a635054c5a9a6d2c95252e1194275cfbe8b5b2631a006f6eae5ea22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-010f8de1e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: FtcHL8FISNA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.therams.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1993
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v027-06e9fe3ab.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.therams.com
X-TID: Lapl56QmSBY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1644445606666
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:46 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Wed, 09 Feb 2022 23:26:46 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:46 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Wed, 09 Feb 2022 23:26:46 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:46 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.therams.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Wed, 09 Feb 2022 23:26:46 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/fde36100-f0c8-4d64-b942-75e4b965bf86/ 5 KB
2 KB 315ms
302ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/fde36100-f0c8-4d64-b942-75e4b965bf86/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b62803f92be2f3ef0d4791d44011cc25c4ff8f56e9b0d69834f2ddda78329a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200 OK
x-envoy-upstream-service-time: 21
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 79e91470-e912-4a0d-811c-2a275b817351
x-runtime: 0.020451
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b62803f92be2f3ef0d4791d44011cc25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6db085720c8590ee-FRA
access-control-allow-headers: SDK-Version
expires: Wed, 09 Feb 2022 23:26:47 GMT

GET
H3 200 pubads_impl_2022020801.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
119 KB 89ms
42ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064811

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122244
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Feb 2023 18:35:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
104 B 96ms
49ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.therams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7211d8b26143e07e1cb7b66219fcf0fc4a22a57f6b864c9cee37070df8592d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Feb 2022 22:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Wed, 09 Feb 2022 22:26:46 GMT

GET
H/1.1 200
OK dest5.html Show response
nfl.demdex.net/ Frame 01D3 7 KB
3 KB 134ms
30ms Document
text/html 54.155.222.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nfl.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.155.222.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-155-222-85.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 9 Feb 2022 22:26:46 GMT
DCS: dcs-prod-irl1-2-v027-0da95bd13.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 19 Jan 2022 14:02:08 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: a1iSecpGRYg=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
smetrics.nfl.com/ 48 B
503 B 70ms
19ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&mid=37868878626611992181206115925239275184&ts=1644445606854

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

7f9881cd34c319ae776501e44125494a9ab9f45f9b93c80f033108a9d53bc134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Feb 2022 22:26:46 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-cdfbd77b-ts52f
vary: Origin
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YgQ-pgAAAKJJxwO1
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=38028006613905105411222451820135309839
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgQ-pgAAAKJJxwO1

42 B
943 B

31ms
31ms

Image
image/gif

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgQ-pgAAAKJJxwO1

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0612854b5.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: b+yZHZl6RP8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgQ-pgAAAKJJxwO1
Date: Wed, 09 Feb 2022 22:26:46 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
nflenterprises.tt.omtrdc.net/rest/v1/ 357 B
594 B 120ms
39ms XHR
application/json 63.35.80.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nflenterprises.tt.omtrdc.net/rest/v1/delivery?client=nflenterprises&sessionId=cef4220003914451b9e9b852e709e217&version=2.4.1
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.80.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-80-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f937112319e1a219bd29a13fbc3b2be5fdb611039fd261159ea28655de8797c4

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Feb 2022 22:26:46 GMT
content-encoding: gzip
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.therams.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 7fa547163ec95a0d90e951ad3498797c

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=7d6a6204-3fa6-4200-8c6e-99f073d61203&ddsuuid=38028006613905105411222451820135309839
dpm.demdex.net/ Frame 01D3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=38028006613905105411222451820135309839&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d38028006613905...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=7d6a6204-3fa6-4200-8c6e-99f073d61203&ddsuuid=38028006613905105411222451820135309839

42 B
943 B

32ms
31ms

Image
image/gif

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=7d6a6204-3fa6-4200-8c6e-99f073d61203&ddsuuid=38028006613905105411222451820135309839

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-095f9da51.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 5Vx1zP2lQcQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Wed, 09 Feb 2022 22:26:47 GMT
Server: MT3 4133 baa842e master zrh-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=7d6a6204-3fa6-4200-8c6e-99f073d61203&ddsuuid=38028006613905105411222451820135309839
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 09 Feb 2022 22:26:46 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 47ms
9ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:47 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 16 Feb 2022 22:26:47 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 178 KB
43 KB 9ms
9ms Script
text/javascript 2600:9000:2240:bc00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/gGpYeVwuEvd4w/www.therams.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:bc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:25:54 GMT
content-encoding: br
age: 54
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:49 GMT
server: AmazonS3
etag: W/"654a79dfaa26ade386414ddc75ea4b75"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: tvjW640n1rgAJ2KnMcV-ZvlE01xv9CL_e4O-qIo_TLvcWaFEPWrF_A==

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 33ms
7ms XHR
application/json 2600:9000:225e:9800:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9800:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea2cfd052397a2a777ace87690d76dc8caa81d75a37d35639401e7e995bff377

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 03:00:39 GMT
content-encoding: br
age: 69969
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 19:52:29 GMT
server: AmazonS3
etag: W/"4b1249837503afcdf64c329aec87b38a"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: wJc6WWcV90znCBTeZs7CxIHimMpQQ1tj
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P4
content-type: application/json
x-amz-cf-id: ORDS3wx6tlUf3IBuykTbhjvyItdknleb1wwxU_HMHBnEygXBFkXw3w==

GET
H2 200 rules-p-gGpYeVwuEvd4w.js Show response
rules.quantcount.com/ 2 B
345 B 41ms
8ms Script
application/javascript 2600:9000:223f:2600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-gGpYeVwuEvd4w.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:02:22 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server: AmazonS3
age: 1465
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
content-length: 2
x-amz-cf-id: uJwaIrD5w_c0XDo8Y-oesvFM1bAHU43AFbNDdZQ36jtLdIaZ-bpSMw==

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 01D3
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=38028006613905105411222451820135309839
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=38028006613905105411222451820135309839&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
334 B

52ms
8ms

Image
image/gif

2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-nzt: AcO1ryysirD/wmsHAA==
x-accel-expires: @1644996069
date: Wed, 09 Feb 2022 22:26:47 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: t6spgWwD1Ek=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 486338
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Wed, 09 Feb 2022 22:26:47 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/39/ 227 KB
55 KB 9ms
9ms Script
text/javascript 2600:9000:2240:bc00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:bc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 06:09:18 GMT
content-encoding: br
age: 58649
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:35 GMT
server: AmazonS3
etag: W/"58b24098a17406b31f4f22592394578b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: f2jr4oV_qOIV85Rwj5wzVEShgl068bQu7NpjIE7XQlG1T2vSqu_F8Q==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 283 KB
33 KB 25ms
9ms XHR
application/json 2600:9000:2240:bc00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:bc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 284f3fb5272a62c2fa10bf971794e7d86d1b18a00f5b6b6a3834c318e8cb6e1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 03:00:36 GMT
content-encoding: br
age: 69972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Wed, 09 Feb 2022 03:00:32 GMT
server: AmazonS3
etag: W/"23a78a08d18dd06e59e2625a31a29823"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: dfKCBpc3J1hkK0Ns66gWO-C-3FID53_0D2TDhVPu1suALuyTCj4QPQ==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
37 KB 31ms
16ms XHR
application/json 2600:9000:2240:bc00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.therams.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:bc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 551a4a808579c7378031adf0db69216f283b918c1ad8121a2537aea2de752975

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 03:00:30 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 69978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 09 Feb 2022 03:00:26 GMT
server: AmazonS3
etag: W/"ad4bcd2cac4f746076ef071869c77880"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: qQLEgcQhz1GaHymOPE5gTkfTUgqhl_n351NjdmAdZgIYBa5Jck--1Q==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 34ms
8ms XHR
text/plain 3.70.102.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22gGpYeVwuEvd4w%22%2C%22domain%22%3A%22www.therams.com%22%2C%22publisher%22%3A%22Rams%20Web%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.39%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%2Be9BB1ZFFULwYoeI9%2BVz%2FA%22%2C%22clientTimestamp%22%3A1644445607157%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-g6f7lwemz2g757yq4798%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.102.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-102-167.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 09 Feb 2022 22:26:47 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=KXEeNb8o1NhVqf5
dpm.demdex.net/ Frame 01D3
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=KXEeNb8o1NhVqf5

42 B
943 B

31ms
31ms

Image
image/gif

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=KXEeNb8o1NhVqf5

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-069e5a96a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: GI6B5k+EQwY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 22:26:46 GMT
Server: PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-0d390a4cbd087d732@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=KXEeNb8o1NhVqf5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 reset_3d1cc6d59f.css
static.formstack.com/forms/css/3/ 2 KB
880 B 19ms
9ms Stylesheet
text/css 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/reset_3d1cc6d59f.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:59:50 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:14:30 GMT
server: nginx
age: 80817
etag: W/"62016186-616"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: wk1kFNEc09N8ZUtlayURbiXA2_mHaGZCVu4iO0NkqNS1b33uJITU6g==

GET
H2 200 jquery-ui_eb08fdf84b.css
static.formstack.com/forms/css/3/ 32 KB
6 KB 20ms
10ms Stylesheet
text/css 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/jquery-ui_eb08fdf84b.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 4fd91864be6192916a0cdc95d51d179f9bc071b462b7cb1e9e311a4bed974f41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:59:50 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:14:30 GMT
server: nginx
age: 80816
etag: W/"62016186-8052"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: 9gQe67PkIN4fT0xBGluyMJIZafRzjgvX2px5HbUp_87bjeJ51rRxtw==

GET
H2 200 default-v4_febab48678.css
static.formstack.com/forms/css/3/ 35 KB
6 KB 20ms
10ms Stylesheet
text/css 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/default-v4_febab48678.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: ac10112e1f23d21b3f4130d8b4ef344ce013dc634f6d8171fa4df2637e52f791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:59:50 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:14:30 GMT
server: nginx
age: 80816
etag: W/"62016186-8bc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: cFjLaSMx3f4dLH53_xjapknZRe9BEEJpBMX0FQYnZPk2bZbysWfB1Q==

GET
H2 200 uil-static.css
static.formstack.com/common/css/ 51 KB
8 KB 24ms
13ms Stylesheet
text/css 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/common/css/uil-static.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 7e631a807e4b121be305ddb3ba1340afda0f906a8ebc768a17a2df9fc5b4328b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:04:21 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 12:25:40 GMT
server: nginx
age: 15746
etag: W/"6203b2c4-cb81"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: eDvsrdwTBQ-nwHKjVYpJKIm8sjmxxBKvVB-M-MjhiJH6WdvWQWryKQ==

GET
H2 200 dialogs_00a7ec5f05.css
static.formstack.com/forms/css/common/ 170 B
498 B 22ms
12ms Stylesheet
text/css 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/common/dialogs_00a7ec5f05.css
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:04:21 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 12:26:49 GMT
server: nginx
age: 15746
etag: "6203b309-aa"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 170
x-amz-cf-id: eMQ2Jygr5YYMbACDtohSoH_Vxx2CP0vAbA5E_qhJnvGBDRmpMEXCBQ==

GET
H/1.1 200
OK image_16x91.jpg
s3.amazonaws.com/files.formstack.com/public/570723/ 2 MB
2 MB 447ms
139ms Image
image/jpeg 52.217.206.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/files.formstack.com/public/570723/image_16x91.jpg
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.206.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fc98c9f06ecc9a282b433f8171fd80c4fc8a8ac778ee355530d54fffaae0ea31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Wed, 09 Feb 2022 22:26:48 GMT
Last-Modified: Mon, 10 Jan 2022 02:03:46 GMT
Server: AmazonS3
x-amz-request-id: HZ5JFS5KK6MYH74S
ETag: "f1a4e9bba71548bbfb99204a67b0dc22"
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Content-Length: 2542560
Accept-Ranges: bytes
X-Robots-Tag: noindex
x-amz-version-id: v._cCilrIvNrHeZt_R0e6ojQDZyMtI96
x-amz-id-2: mKM8kQop88XrVLnzCYVNmIPNypIHSgM3CqK6yppPywi/pOK39Bmo9/PucvyRwiBG8wrN/KsDRFE=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 137ms
51ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122484269-1

Requested by

Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0feda09dfe306a9935b0bf6ed4c5ccdcef19cb1ebad32576cced50c84f1777dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36076
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Feb 2022 22:26:47 GMT

GET
H2 200 jquery.min_1d14cd3798.js Show response
static.formstack.com/forms/js/3/ 91 KB
33 KB 21ms
15ms Script
application/javascript 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/jquery.min_1d14cd3798.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Feb 2022 18:04:21 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 12:25:41 GMT
server: nginx
age: 15746
etag: W/"6203b2c5-16cfa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: vX4ysYbLMbZa09qlMqXoWotx_WQLGaVNlvGKU6i6DVhbM6Uq2PfsKw==

GET
H2 200 jquery-ui.min_42a497cb9f.js Show response
static.formstack.com/forms/js/3/ 82 KB
24 KB 17ms
11ms Script
application/javascript 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/jquery-ui.min_42a497cb9f.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 651dab4cb7bc37df2f04d730db54ee9e9bdc1f93fe9739a05c9ce07e0e335947

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Feb 2022 03:00:40 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:13:27 GMT
server: nginx
age: 69967
etag: W/"62016147-147b6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: AFuki7enKUnEk5-hed8MMiKvvAjFrQ1bV_n-RYhgjwu_Ufm0L0vH-A==

GET
H2 200 scripts_0d92d709f3.js Show response
static.formstack.com/forms/js/3/ 79 KB
23 KB 32ms
26ms Script
application/javascript 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/scripts_0d92d709f3.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 6abf2aa9d7790ad3b128a7396c3bfd3367a98948a212d7f110607691d8fb4f2c

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Feb 2022 23:59:50 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:14:25 GMT
server: nginx
age: 80816
etag: W/"62016181-13ddc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: dIPpj8X-XvDE0OHqhE2lyr7vlRPccUKkcOJjzIwf9NVx0k11PiwNsQ==

GET
H2 200 analytics_3ca069828f.js Show response
static.formstack.com/forms/js/3/ 2 KB
1 KB 19ms
14ms Script
application/javascript 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/analytics_3ca069828f.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 7cd1ce1596ca026fa2706f1bac7c02464d918ffb8d48c8af15d7fb8fd6c0a9de

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Feb 2022 23:59:51 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:14:24 GMT
server: nginx
age: 80816
etag: W/"62016180-847"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: EJ642UIParI0TyRVowuIx2w_I2JlENS5Mq-KncgFna4tXXOrrPRzAQ==

GET
H2 200 google-phone-lib_c1e61f3e9c.js Show response
static.formstack.com/forms/js/3/ 239 KB
55 KB 18ms
13ms Script
application/javascript 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/google-phone-lib_c1e61f3e9c.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: f86db151732c4212c2cd57d7be7889c95ce5a8f0ca11fb40ce3410b9beeac723

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Feb 2022 18:04:21 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 12:25:41 GMT
server: nginx
age: 15746
etag: W/"6203b2c5-3bca0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: QNQdbYALJxtBvdisSBc6FVsX2v5qk36jmuZfuMVt_HBfplREgn9kAg==

GET
H2 200 googleanalytics.js Show response
static.formstack.com/forms/js/3/plugins/ 2 KB
1 KB 17ms
13ms Script
application/javascript 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/plugins/googleanalytics.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: bed924988f40a748ce85d013b93994b31d8b7dd8214c0b47938dab985641fd92

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Feb 2022 23:59:51 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 18:14:24 GMT
server: nginx
age: 80816
etag: W/"62016180-860"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: qInkHn_-bKPQJ63En0hvkeiS5s1EFZ3dJ1h22dXxflCLlr2cAbSKdQ==

GET
H2 200 utm_tracking.js Show response
static.formstack.com/forms/js/3/plugins/ 792 B
1 KB 32ms
28ms Script
application/javascript 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/plugins/utm_tracking.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: b34144c367b6531b6c5a970cf4ffa526804af9b71ab1198444d988235acb3cda

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Feb 2022 23:59:51 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 18:14:24 GMT
server: nginx
age: 80816
etag: "62016180-318"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 792
x-amz-cf-id: ulnSWE0BImOp2sNEOAAerUw9h7hcafQp4qlAT02N41lFeHgHS-o3sQ==

GET
H2 200 modernizr_60a2d5aeb5.js Show response
static.formstack.com/forms/js/3/ 13 KB
6 KB 30ms
27ms Script
application/javascript 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js
Requested by: Host: rams.formstack.com
URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-60.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Feb 2022 18:04:30 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 12:25:41 GMT
server: nginx
age: 15737
etag: W/"6203b2c5-33bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: public, s-maxage=86400
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: oNm4AZT5cqaTQICP4EfSO5whfhRC3AEL7K1hTN5ZQe5lHJhb_koHOg==

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=5181495627628509417
dpm.demdex.net/ Frame 01D3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5181495627628509417

42 B
943 B

32ms
32ms

Image
image/gif

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=5181495627628509417

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-04eb20598.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: oD8pBN26RDU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 825734f3-580a-4083-9924-6f193e9b86d0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=5181495627628509417
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
898 B 133ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e05625072af3c4d3ca3bcef620cecc11cad888a0441600f3c43d04c3334d2c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 21:19:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 22:26:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Feb 2022 22:26:47 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/3005386/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

7ms
7ms

Script
application/javascript

13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:15:16 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 692
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: STiYDilBdIsqFaLdZXYeZIPy7D0w6KOzZk8qrhT_tn0LKTj21RBUjg==

Redirect headers

date: Wed, 09 Feb 2022 22:26:47 GMT
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: obHiAMC_aajVFzfY3QckErO60I0bMJDc_1x3cqbcSeqit4dGpLCQJg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-861929325

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bdf6e53be2c7ff443a82c0ad1896107ccbc0d669ad42800dfc0f4e55aa3ea93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39676
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Feb 2022 22:26:47 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/therams.com/ 66 KB
24 KB 35ms
9ms Script
application/javascript 52.222.250.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/therams.com/p.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-115.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: d68d0ec4538467639a78668e1c3ff4f364c9d5dc2b147050baafce989ff5e868

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:20:47 GMT
Content-Encoding: gzip
Age: 643
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Tue, 20 Apr 2021 20:53:44 GMT
Server: nginx
ETag: W/"607f3f58-10707"
Content-Type: application/javascript
Via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: jg0rz2KPubte9TTMTHu9P76QTLvgwiV0UFUbEKMSPyhcQJcIBho-fw==
Expires: Thu, 10 Feb 2022 22:16:04 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=8997232101449886322
dpm.demdex.net/ Frame 01D3
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8997232101449886322

42 B
943 B

31ms
31ms

Image
image/gif

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=8997232101449886322

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0a1cb48e8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9ojFcDfXT60=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=8997232101449886322
pragma: no-cache
date: Wed, 09 Feb 2022 22:26:47 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK main.js Show response
www.therams.com/compiledassets/js/ 6 KB
3 KB 146ms
145ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/main.js?_t=c8420aafa79eaa38fad40188218a06ec

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ffb8de82eb4e7ce352d6babc3102b81fdef6a4df507ff6e0df2d4fac007d939c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 0
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1763
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10630-LGB, cache-hhn4080-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445607.457767,VS0,VE139
etag: "1d81c46f324ff58"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 425ms
110ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1644445607477&plid=70776050&idsite=therams.com&url=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&sref=&sts=1644445607472&slts=0&title=SoFi+Stadium+%7C+Los+Angeles+Rams+-+therams.com&date=Wed+Feb+09+2022+22%3A26%3A47+GMT%2B0000+(GMT)&action=pageview&pvid=46804517&u=pid%3D442b6945fbb769cb7b4176cfbdf19b7b
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:47 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 09-Feb-2022 22:26:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 b2
sb.scorecardresearch.com/ 0
223 B 9ms
9ms Image
text/plain 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005386&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_sv=39&cs_cmp_rt=1&cs_it=b2&cv=3.8.0.210223&ns__t=1644445607489&ns_c=UTF-8&c7=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&c8=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&c9=
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:47 GMT
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: qMCGix8BzLJdy18kALAAq12_c4AT7GCUoknCGaMHPpRqPCowufIwLA==
x-cache: Miss from cloudfront

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
38ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122484269-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1315
date: Wed, 09 Feb 2022 22:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 10 Feb 2022 00:04:52 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 156ms
65ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-861929325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 22:26:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: sWfflZip+EO/qSUNA9TlvcGDoKt6xaDQtcGlJjtmYbbHeNAu4aL7fE7dQyvmj08B2PFZ7s2Xf2O25tOHxQJlbw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 09 Feb 2022 22:26:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5191967.js Show response
js.hs-scripts.com/ 1 KB
961 B 403ms
382ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5191967.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5ea4e8f4344/7e05c193e65f/launch-43d0dff5e3ff.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c071c3ed244f33ff86c96a6a7d9a25be4b0a18cc462f39c6e8a5b7fdb4ba69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: c7687592-b104-457b-95ed-04629c749919
last-modified: Wed, 09 Feb 2022 22:21:04 GMT
server: cloudflare
x-trace: 2B1786F99F833DC1AF10A76DA266869398493F7A13000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.therams.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6db085774d0192a8-FRA
expires: Wed, 09 Feb 2022 22:27:47 GMT

GET
H2 200 s31495801709104 Show response
smetrics.nfl.com/b/ss/nflglobal2016/10/JS-2.22.0-LBWB/ 7 KB
8 KB 41ms
41ms Script
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nfl.com/b/ss/nflglobal2016/10/JS-2.22.0-LBWB/s31495801709104?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=9%2F1%2F2022%2022%3A26%3A47%203%200&d.&nsid=0&jsonv=1&.d&sdid=049ED727477F1BDB-35802A56AA9CC8AC&mid=37868878626611992181206115925239275184&aamlh=6&ce=UTF-8&pageName=rams%3Astadium%3Astadium%3Asofi-stadium&g=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&c.&visitorAPI=VisitorAPI%20Present&.c&cc=USD&ch=stadium&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=stadium&v2=rams%3Astadium%3Astadium%3Asofi-stadium&v3=stadium&v4=false&c8=stadium&c12=desktop&v14=stadium&v20=2.0.0.0&c22=nflclubsrams&v24=desktop&v25=nflclubsrams&c33=rams&v33=rams&c48=pv&v48=english&c49=NFL%20Clubs%20-%20Launch%7Cv20200225%7C2.22.0%7C5.2.0%7C2021-12-23T00%3A09%3A53Z%7CServer%20Side%20ID%7C2.4.1&c50=D%3Dmid&v50=D%3Dmid&c51=D%3Dv49&c52=D%3Dv9&v57=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&c67=sofi-stadium&v67=desktop&c71=Launch&c72=D%3Dv57&c73=D%3Dv73&v73=www.therams.com&v83=sofi-stadium&v88=deltatre&v94=standard%20article&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

7e2ce69243822d5c57292a5c0aa96d49c14773670b800e98bcfff17dcf1052da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-aam-tid: uJ3v/bGfTqw=
date: Wed, 09 Feb 2022 22:26:47 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
vary: *
content-length: 7501
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v027-0c6e3a1f4.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Thu, 10 Feb 2022 22:26:47 GMT
server: jag
xserver: anedge-cdfbd77b-4k8cz
etag: 3531420052992557056-4619821565172782693
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 08 Feb 2022 22:26:47 GMT

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=2022020922264700090843614250
dpm.demdex.net/ Frame 01D3
Redirect Chain

https://x.dlx.addthis.com/e/demdex_sync?na_exid=38028006613905105411222451820135309839&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022020922264700090843614250

42 B
943 B

55ms
55ms

Image
image/gif

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022020922264700090843614250

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-06abf313b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: NErhnVhJTUM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022020922264700090843614250
pragma: no-cache
date: Wed, 09 Feb 2022 22:26:47 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 09 Feb 2022 22:26:47 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
24 KB 135ms
48ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 10552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:30:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 173ms
87ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 10529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:31:18 GMT

GET
H3 200 604658169716205 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/604658169716205?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6540382757a178aae4e2cda77f8c8634e72c93dc80e27cb1435862eac6100203

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89176
x-xss-protection: 0
pragma: public
x-fb-debug: 3DyTWxojcUlTP6uSntfCSu34twt59IkVHRo6ZRhtp6wX8SExt3K+IsgYY1V9iqQUgtimG1VbKvNZZAepKmOcKg==
x-frame-options: DENY
date: Wed, 09 Feb 2022 22:26:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK requireModule.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/functions/ 982 B
1 KB 9ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/functions/requireModule.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b3a0468ca1d69210db78aefafae46d1fd7efe8b3bfb43ac999b9398384b8dea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6945
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 539
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10643-LGB, cache-hhn4080-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.610448,VS0,VE1
etag: "1d81c46f324e4d6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK intersectionObserver.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/functions/ 808 B
1 KB 9ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/functions/intersectionObserver.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6945
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 428
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10620-LGB, cache-hhn4070-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.611116,VS0,VE1
etag: "1d81c46f324e428"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK adobeLaunch.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 2 KB
2 KB 9ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/adobeLaunch.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

590724305eb93b15b09eac9a534d173f727155ddb42c0a06275eec549f35a5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6945
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 837
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4078-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.611475,VS0,VE1
etag: "1d81c46f324ee25"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK lazyload.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 2 KB
2 KB 9ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/lazyload.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6945
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 15
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 846
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4081-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.611557,VS0,VE1
etag: "1d81c46f324e096"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK gigya.js Show response
cdns.us1.gigya.com/js/ 401 KB
133 KB 48ms
16ms Script
text/javascript 2.18.234.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Requested by: Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d500c5e39809b42569d6da91088367963f1096de9b205972de5ae64a75e39b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:47 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: 77d60c88f60a49e99d7d26b158c0b0c1
Cache-Control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-g14
Connection: keep-alive
x-robots-tag: none
Content-Length: 136047
Expires: Wed, 09 Feb 2022 22:41:47 GMT

GET
H/1.1 200
OK gigyaLoggedInChecker.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/common/ 2 KB
2 KB 9ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/common/gigyaLoggedInChecker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

02930bc2b4c08b3da50de2d03d6374454b0ff8fbe111ae5463964d1bc251c939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6945
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 920
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4081-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.623471,VS0,VE1
etag: "1d81c46f324e089"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK oneSignalAdobeTracker.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 907 B
1 KB 8ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/oneSignalAdobeTracker.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

9491f3caca5118a6226c06230922aa60cc2f342dec29a728970daf1d73b107a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6945
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 387
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10667-LGB, cache-hhn4078-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.622078,VS0,VE1
etag: "1d81c46f324e48b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=604658169716205&ev=PageView&dl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&rl=&if=false&ts=1644445607632&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644445607631.1847643072&it=1644445607579&coo=false&dpo=&exp=p0&rqm=GET

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 09 Feb 2022 22:26:47 GMT

GET
H/1.1 200
OK noconflict.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 93 B
898 B 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/noconflict.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6945
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 108
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4081-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.640089,VS0,VE1
etag: "1d81c46f324e75d"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK adobeLaunchService.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/addons/services/ 180 B
981 B 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/addons/services/adobeLaunchService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6945
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 149
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-sna10729-LGB, cache-hhn4078-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.640295,VS0,VE1
etag: "1d81c46f324e7b4"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK iconHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 530 B
1 KB 8ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/iconHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6945
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 380
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10657-LGB, cache-hhn4070-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.641078,VS0,VE1
etag: "1d81c46f324e512"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK gigyaHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 3 KB
2 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/gigyaHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

798e9911a02d8cc29927bfceb1f617e25d4e8e4fb5435140419c6236f7b7f5b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6944
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1178
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-sna10745-LGB, cache-hhn4080-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.645865,VS0,VE0
etag: "1d81c46f324ec07"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 2

GET
H/1.1 200
OK accountButtonService.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/addons/services/ 465 B
1 KB 9ms
8ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/addons/services/accountButtonService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b25cb256e8187eba8e3e63bc4d6bb8faf1aa6ba285c63d31eb9e85100bfc5de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6944
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 241
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-lax10657-LGB, cache-hhn4078-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.650126,VS0,VE1
etag: "1d81c46f324e6d1"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK LA
static.www.nfl.com/t_q-best/league/api/clubs/logos/ 8 KB
4 KB 65ms
15ms Image
image/svg+xml 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.www.nfl.com/t_q-best/league/api/clubs/logos/LA

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 524380
X-Cache: HIT, HIT
Server-Timing: fastly;dur=4;cpu=0;start=2022-02-03T20:47:06.668Z;desc=hit,rtt;dur=0
Content-Disposition: attachment; filename="LA"
Connection: keep-alive
Content-Length: 3390
Etag: W/"f3c7a18a8a089614f6d239bc13034f14"
X-Served-By: cache-iad-kcgs7200080-IAD, cache-hhn4058-HHN
Access-Control-Allow-Origin: *
Last-Modified: Tue, 27 Oct 2020 18:38:40 GMT
Server: Cloudinary
X-Timer: S1644445608.699323,VS0,VE1
Date: Wed, 09 Feb 2022 22:26:47 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 varnish, 1.1 varnish
Access-Control-Expose-Headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK efcje9kfaeyt2wsflhil
static.clubs.nfl.com/image/private/f_auto/rams/ 203 KB
204 KB 9ms
9ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/f_auto/rams/efcje9kfaeyt2wsflhil
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d846793f4bd5253e13d58e1f45160575835a9ac8091d78654067c7bc5aea13eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:47 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1764084
Edge-Cache-Tag: 574716032961607108415918991315851948435,591084183525109384174561494082774581312,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 574716032961607108415918991315851948435,591084183525109384174561494082774581312,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="efcje9kfaeyt2wsflhil.webp"
Connection: keep-alive
Content-Length: 207938
X-Served-By: cache-iad-kcgs7200134-IAD, cache-iad-kiad7000091-IAD, cache-hhn4043-HHN
X-Cache: HIT, HIT, HIT
Last-Modified: Thu, 19 Aug 2021 18:04:45 GMT
Server: cloudinary
X-Timer: S1644445608.650174,VS0,VE2
Etag: "41d37058a71a53ce2068ab00e9feaa4b"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1, 1, 1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 95ms
45ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=737141646&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&ul=en-us&de=UTF-8&dt=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1241740656&gjid=1382130790&cid=1031073136.1644445608&tid=UA-122484269-1&_gid=1372715273.1644445608&_r=1&gtm=2ou270&z=1750667131

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
38ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=737141646&t=pageview&_s=1&dl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&ul=en-us&de=UTF-8&dt=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GDAAUABAAAAAC~&jid=&gjid=&cid=1031073136.1644445608&tid=UA-122484269-1&_gid=1372715273.1644445608&gtm=2ou270&z=2019006195

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 08:56:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48639
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK navigation.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 5 KB
3 KB 10ms
10ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/navigation.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

229a2534529014c8d62688d11f598a6bfb826f82054827f6ab6633e186a608d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6945
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1979
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10680-LGB, cache-hhn4078-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.692163,VS0,VE1
etag: "1d81c46f324f2d4"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK search.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 2 KB
2 KB 11ms
11ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/search.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6945
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 880
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-sna10742-LGB, cache-hhn4080-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.692652,VS0,VE1
etag: "1d81c46f324e0cf"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK smoothScroller.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/ 2 KB
1 KB 10ms
10ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/smoothScroller.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6eeb370855e4f16067a57797064c296fe2ec6bf7eadb9e49db1df31d712339ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6917
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 742
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4070-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.692939,VS0,VE0
etag: "1d81c46f324e117"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 2

GET /
adb2waycm-atl.netmng.com/cm/ Frame 01D3 0
0

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/jquery/ 105 KB
40 KB 11ms
11ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/jquery/jquery-3.6.0.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6938
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 39864
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10627-LGB, cache-hhn4081-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.695978,VS0,VE1
etag: "1d81c46f32543e7"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK sha256.min.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/sha256/ 9 KB
5 KB 12ms
11ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/sha256/sha256.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6938
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 3888
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4031-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.697050,VS0,VE1
etag: "1d81c46f324c439"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK nflTokenHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 4 KB
2 KB 17ms
12ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/nflTokenHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c98366a87bd0007a24b135bf9c39038ff3d7ea8d4c77f4222aa834f747afc6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6938
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1551
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-sna10732-LGB, cache-hhn4078-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.702308,VS0,VE1
etag: "1d81c46f324f7d5"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK accountButtonService.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/addons/services/clubs/ 1 KB
1 KB 12ms
11ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/addons/services/clubs/accountButtonService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2a44537ffe33c438fcc6f49f4ee6a02be0daa467010273f3c10f8101bd570073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6937
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 575
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10652-LGB, cache-hhn4070-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.703550,VS0,VE1
etag: "1d81c46f324e329"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 26ms
10ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=265163127283621&ev=Adobe-Audience-Manager-Segment&cd[segID]=8512423&noscript=1

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 09 Feb 2022 22:26:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/861929325/ 2 KB
2 KB 142ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/861929325/?random=1644445607698&cv=9&fst=1644445607698&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa270&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&tiba=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&hn=www.googleadservices.com&us_privacy=1---&gbcov=0&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7be05e2b4781ede26728b7a6e0d4e5410890dc90dd691510e5b30802519c583e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK md5.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/md5/ 4 KB
2 KB 10ms
10ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/md5/md5.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6937
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1714
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10630-LGB, cache-hhn4031-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.709993,VS0,VE1
etag: "1d81c46f324e826"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ 4 KB
2 KB 365ms
279ms Fetch
text/javascript 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-97.fra56.r.cloudfront.net
Software: /
Resource Hash: 97de3adf74a0a5e4bc0b08f1508b103a926ab8d3f24d76767b5596db185da907

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:48 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: FRA56-P4
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1511
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-callid: 9090a91b6d2346a89c5840a54cf26c02
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g8
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: laJRVUXus-35l0mL7gYHjjmuSxbsj60tGWAbeve_smA9W1sLSskFbA==

GET
H/1.1 200
OK browserHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 2 KB
2 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/browserHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6938
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 761
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4031-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.748863,VS0,VE1
etag: "1d81c46f324e120"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK smooth-scroll.polyfills.min.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/smooth-scroll/ 6 KB
4 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/smooth-scroll/smooth-scroll.polyfills.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

bb6c08579f871753ec3d3bcd1e49757fa8342e136fd5a485b871a4068bc32623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6917
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 2828
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4070-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.749633,VS0,VE1
etag: "1d81c46f324fe72"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK deferredService.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/services/ 751 B
1 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/services/deferredService.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6937
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 402
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9120-NF-LAS, cache-hhn4078-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.751017,VS0,VE1
etag: "1d81c46f324e5ef"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 1

GET
H/1.1 200
OK stringHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 586 B
1 KB 15ms
14ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/stringHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6937
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 392
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-lax10635-LGB, cache-hhn4081-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.755033,VS0,VE1
etag: "1d81c46f324e54a"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK dateHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 287 B
1 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/dateHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6937
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 202
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-sna10730-LGB, cache-hhn4080-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.751166,VS0,VE1
etag: "1d81c46f324e61f"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK objectHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 395 B
1 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/objectHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6937
Via: 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 262
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-hhn4037-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.751341,VS0,VE0
etag: "1d81c46f324e68b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 2

GET
H/1.1 200
OK locationHelper.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/ 995 B
1 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/modules/helpers/locationHelper.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2bc1e39bc42a6b22ca0750f79347faf3d5720cccd8a3d611682dc53f715c82dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6936
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LA3
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 502
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9123-NF-LAS, cache-sna10733-LGB, cache-hhn4031-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.756635,VS0,VE1
etag: "1d81c46f324e4e3"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 1

GET
H/1.1 200
OK js.cookie.min.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/js-cookie/ 2 KB
2 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/js-cookie/js.cookie.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6937
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, MISS, HIT
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 1126
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-lax10643-LGB, cache-hhn4070-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.757193,VS0,VE0
etag: "1d81c46f324e0e6"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 0, 2

GET
H/1.1 200
OK jquery.visible.min.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/jquery/plugins/ 803 B
1 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/jquery/plugins/jquery.visible.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6937
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 443
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9122-NF-LAS, cache-hhn4080-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.759121,VS0,VE1
etag: "1d81c46f324e423"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-122484269-1&cid=1031073136.1644445608&jid=1241740656&gjid=1382130790&_gid=1372715273.1644445608&_u=YEBAAUAAAAAAAC~&z=1545211016

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Feb 2022 22:26:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jquery.autocomplete.min.js Show response
www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/autocomplete/ 13 KB
6 KB 7ms
7ms Script
application/javascript 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.therams.com/compiledassets/js/f24c494e5d60ad3d77c9fbfd6e3161b7/vendor/autocomplete/jquery.autocomplete.min.js

Requested by

Host: www.therams.com
URL: https://www.therams.com/compiledassets/js/vendor/requirejs/require-2.3.5.min.js?_t=bebd45d1f406bbe61424136b03e50895

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/stadium/sofi-stadium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
Age: 6937
Via: 1.1 varnish, 1.1 varnish
origin-site: LV1
X-Cache: MISS, HIT
x-envoy-upstream-service-time: 2
Connection: keep-alive
X-NFL-Geo: country_code=DE
Content-Length: 4972
x-xss-protection: 1; mode=block
service-worker-allowed: /
X-Served-By: cache-nf-las9121-NF-LAS, cache-hhn4080-HHN
X-NFL-Dma: 276006
last-modified: Mon, 07 Feb 2022 17:20:06 GMT
server: envoy
X-Timer: S1644445608.771068,VS0,VE1
etag: "1d81c46f324d59b"
Vary: Accept-Encoding,X-NFL-Geo,Origin
content-type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=5
Accept-Ranges: bytes
Date: Wed, 09 Feb 2022 22:26:47 GMT
X-Cache-Hits: 0, 1

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEKbUr4zGEoDuVoJqTEr731I&google_cver=1
dpm.demdex.net/ Frame 01D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzgwMjgwMDY2MTM5MDUxMDU0MTEyMjI0NTE4MjAxMzUzMDk4Mzk=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzgwMjgwMDY2MTM5MDUxMDU0MTEyMjI0NTE4MjAxMzUzMDk4Mzk=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKbUr4zGEoDuVoJqTEr731I&google_cver=1?gdpr=0&gdpr_consent=

42 B
943 B

33ms
33ms

Image
image/gif

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKbUr4zGEoDuVoJqTEr731I&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0264697f1.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xzekjmqERJE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKbUr4zGEoDuVoJqTEr731I&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=971204136971632&ev=Adobe-Audience-Manager-Segment&cd[segID]=8512423;18940937&noscript=1

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 09 Feb 2022 22:26:47 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 166ms
55ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122484269-1&cid=1031073136.1644445608&jid=1241740656&_u=YEBAAUAAAAAAAC~&z=1620151517

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 169ms
55ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122484269-1&cid=1031073136.1644445608&jid=1241740656&_u=YEBAAUAAAAAAAC~&z=1620151517

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK izdpunlxatdhczal942d.jpg
static.clubs.nfl.com/image/upload/v1643617485/rams/ 473 KB
474 KB 8ms
8ms Image
image/jpeg 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/upload/v1643617485/rams/izdpunlxatdhczal942d.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c0a91f38e7d188fe81ce0bd28ba637577863b8dd5618d651d7a011a8172680f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:47 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 827889
Edge-Cache-Tag: 536327977121421022919912739173439948055,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 536327977121421022919912739173439948055,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Connection: keep-alive
Content-Length: 484145
X-Served-By: cache-iad-kiad7000140-IAD, cache-iad-kiad7000060-IAD, cache-hhn4043-HHN
Last-Modified: Mon, 31 Jan 2022 08:24:46 GMT
Server: cloudinary
X-Timer: S1644445608.834553,VS0,VE1
Etag: "40376bcd9cb81634b3e76f3fbad237b1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK pfzqqwyhguxgqvxd89cd.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/ 22 KB
23 KB 7ms
7ms Image
image/webp 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/pfzqqwyhguxgqvxd89cd.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 0d387e0a5b706be9dafcb05e88b47197fc3a04e37bf3674507432ae754d0c0b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:47 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 2986401
Edge-Cache-Tag: 372951776681891745206645328894684630372,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 372951776681891745206645328894684630372,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
Content-Disposition: inline; filename="pfzqqwyhguxgqvxd89cd.webp"
Connection: keep-alive
Content-Length: 22888
X-Served-By: cache-iad-kjyo7100171-IAD, cache-iad-kjyo7100027-IAD, cache-hhn4052-HHN
X-Cache: MISS, HIT, HIT
Last-Modified: Fri, 17 Dec 2021 23:20:14 GMT
Server: cloudinary
X-Timer: S1644445608.834845,VS0,VE1
Etag: "5ca3cbf356059cdfb8a61595be959e9c"
Vary: X-NFL-Image-Support
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK lwsr9kpjckkvyhp1uegl.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/ 26 KB
27 KB 26ms
26ms Image
image/jpeg 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/lwsr9kpjckkvyhp1uegl.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5bad87b8d37ffcfbf7ac14becab03964573366353388a7dd80825da4d3cceea1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:47 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 2976821
Edge-Cache-Tag: 561948427067237913989577602717750212885,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 561948427067237913989577602717750212885,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Connection: keep-alive
Content-Length: 26510
X-Served-By: cache-iad-kiad7000135-IAD, cache-iad-kjyo7100039-IAD, cache-hhn4062-HHN
Last-Modified: Thu, 16 Dec 2021 01:14:13 GMT
Server: cloudinary
X-Timer: S1644445608.841229,VS0,VE1
Etag: "ba531fdd13b1e4c09502c8efaec3cd38"
Vary: X-NFL-Image-Support
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK br1oukintwzib84ykrha.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/ 52 KB
53 KB 11ms
11ms Image
image/jpeg 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/br1oukintwzib84ykrha.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c92e958b151f13f6e0ad4998d6c3c0c9bd276f3c261654ec8e1fe6da6efd2e96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:47 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1491824
Edge-Cache-Tag: 533685290724722026365348896775649987849,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 533685290724722026365348896775649987849,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Connection: keep-alive
Content-Length: 53455
X-Served-By: cache-iad-kcgs7200100-IAD, cache-iad-kiad7000157-IAD, cache-hhn4057-HHN
Last-Modified: Wed, 21 Jul 2021 15:22:35 GMT
Server: cloudinary
X-Timer: S1644445608.836075,VS0,VE1
Etag: "9525e2d9c85ecece2d6e4d8e7e127ebf"
Vary: X-NFL-Image-Support
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H/1.1 200
OK qydqex97rx1x6o4w53ml.jpg
static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/ 30 KB
31 KB 29ms
28ms Image
image/jpeg 151.101.129.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clubs.nfl.com/image/private/t_editorial_landscape_3_4_desktop/f_auto/rams/qydqex97rx1x6o4w53ml.jpg
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 690507500538e422ee1d1707573b3b3acfd7a57674e1d1234f87c8ee5f587d19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:47 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 1738631
Edge-Cache-Tag: 561970991575272472998702031147990830514,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
Cache-Tag: 561970991575272472998702031147990830514,570390401546932734906863618615812524576,c34f21cfe162ce329654d565922e8c70
X-Cache: MISS, HIT, HIT
Connection: keep-alive
Content-Length: 31071
X-Served-By: cache-iad-kjyo7100034-IAD, cache-iad-kiad7000171-IAD, cache-hhn4047-HHN
Last-Modified: Wed, 07 Jul 2021 22:03:14 GMT
Server: cloudinary
X-Timer: S1644445608.847195,VS0,VE1
Etag: "9e2de7ca249a1b40909b7ac496af57d1"
Vary: X-NFL-Image-Support
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 0, 1, 1

GET
H2 200 /
www.google.com/pagead/1p-user-list/861929325/ 42 B
548 B 138ms
54ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/861929325/?random=1644445607698&cv=9&fst=1644444000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&tiba=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&async=1&fmt=3&is_vtc=1&random=948913766&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/861929325/ 42 B
154 B 132ms
57ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/861929325/?random=1644445607698&cv=9&fst=1644444000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa270&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&tiba=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&async=1&fmt=3&is_vtc=1&random=948913766&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 01D3 43 B
354 B 167ms
117ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=38028006613905105411222451820135309839&p_id=38594

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 110
date: Wed, 09 Feb 2022 22:26:47 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: d6318c2b893c904a2151fd986f48240506ad338ff1e92bba210c94a28dd3b811
content-length: 43

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 93ms
35ms Script
application/javascript 2606:4700::6811:e6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a077659f2a6ddd4ef5faeeddb3a11f35f9e06e9d7e4983e9b6b94ae4f0c3736

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:48 GMT
via: 1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 23966
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1076/bundle/main/lead-flows-release.js&cfRay=6dae3c63693090d4-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6db0857a0e309140-FRA
last-modified: Wed, 26 Jan 2022 02:14:13 UTC
server: cloudflare
etag: W/"e38a58bd3c6f3ee06e3815b92e4f051d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: tJ1VrBqTbfMgHAdgAnHHYVgYsiJaQlJ4
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: WdH1qA81CiXPu6hn6JAwa24nr0naprZfQgEy0PVE28mPQUsBHEN3mA==
x-hs-target-asset: lead-flows-js/static-1.1076/bundle/main/lead-flows-release.js

GET
H2 200 5191967.js Show response
js.hs-analytics.net/analytics/1644445500000/ 62 KB
20 KB 175ms
153ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1644445500000/5191967.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f8cc3fcb56bb648341abb1e3b43c0089f0c67f07b5250fc2998bcfeaab34fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:48 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: DRA6F09DV5AKYCVV
x-amz-server-side-encryption: AES256
cf-ray: 6db08579dd4b9180-FRA
x-amz-id-2: EHSECUrakJ9G/PwXmOPNwWWRIirnLtbJYffBCVT8HCwVNTwVEaaCFaJuC/1Tubnes6OGgbrLShY=
last-modified: Mon, 19 Jul 2021 15:06:58 GMT
server: cloudflare
etag: W/"fe913999162c2c133c99e38a8bd81d12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 09 Feb 2022 22:31:48 GMT

GET
H2 200 5191967.js Show response
js.hs-banner.com/ 61 KB
16 KB 66ms
46ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5191967.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5191967.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81f1adb70a2c570ba58635581181e8678244887f8e9a3bf50b703368f211948

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 225
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: MGB9CVAD8WA231CM
x-amz-id-2: tcgqmL+0UboVX47wTHKA2+Zn5dZQizZ6ihvAhrCdGg8cDSvHxRuPQTt1Qt7uMV32i6UlLoMgzpk=
timing-allow-origin: *
last-modified: Tue, 08 Feb 2022 23:44:45 GMT
server: cloudflare
etag: W/"bc95876d2d9b3bddcf76b200021f4390"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: gRbvMTzJhPs1HCk8BWkh37esu2d9MsL.
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6db08579dc645c3e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 09 Feb 2022 22:28:01 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 01D3
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRLXBnQUFBS0pKeHdPMQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEAeZxlMu2p2keUy2kaAqiis&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

29ms
29ms

Image
image/png

52.210.63.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 52.210.63.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-63-97.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:48 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 09 Feb 2022 22:26:48 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 Api.aspx Show response
auth-id.nfl.com/gs/webSdk/ Frame 459F 111 KB
40 KB 292ms
276ms Document
text/html 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=12833

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-97.fra56.r.cloudfront.net

Software

Resource Hash

220e74313fe444d28375d73fda37d0adbf38a1b3e80c76963e5521850889d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 40238
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
edge-control: !no-store,max-age=1h
edge-cache-tag: siteid_748934946734,ver_latest
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g16
x-callid: 5851c8d0704641cd828406d4f64ef15b
date: Wed, 09 Feb 2022 22:26:48 GMT
accept-ranges: bytes
x-robots-tag: none
x-cache: Miss from cloudfront
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: lH4zhFv9WIvrZxrZPhJsNMKB4sHHHcwA2SglQHkMZjxmK6a-Mfrlaw==

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 01D3
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRLXBnQUFBS0pKeHdPMQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEA...
https://pixel.everesttech.net/1x1

128 B
691 B

29ms
29ms

Image
image/png

52.210.63.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 52.210.63.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-63-97.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:48 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 09 Feb 2022 22:26:48 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H3 200 / Show response
www.facebook.com/tr/ Frame EE3F 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.therams.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.therams.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Wed, 09 Feb 2022 22:26:48 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 01D3
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRLXBnQUFBS0pKeHdPMQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
30ms

Image
image/png

52.210.63.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 52.210.63.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-63-97.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:48 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b51f-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 09 Feb 2022 22:26:48 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 01D3
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRLXBnQUFBS0pKeHdPMQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

29ms
29ms

Image
image/png

52.210.63.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 52.210.63.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-63-97.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:48 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b516-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 09 Feb 2022 22:26:48 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 01D3
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRLXBnQUFBS0pKeHdPMQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
29ms

Image
image/png

52.210.63.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 52.210.63.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-63-97.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:48 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b51f-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 09 Feb 2022 22:26:48 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=53ab0483-3bc6-4e91-b182-130f4479b3d7
dpm.demdex.net/ Frame 01D3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=53ab0483-3bc6-4e91-b182-130f4479b3d7

42 B
943 B

32ms
32ms

Image
image/gif

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=53ab0483-3bc6-4e91-b182-130f4479b3d7

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-09221f2e5.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +1ASXfZyQ2I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:48 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=53ab0483-3bc6-4e91-b182-130f4479b3d7
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 459F 4 KB
2 KB 276ms
275ms Fetch
text/javascript 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=12833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-97.fra56.r.cloudfront.net
Software: /
Resource Hash: 97de3adf74a0a5e4bc0b08f1508b103a926ab8d3f24d76767b5596db185da907

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/webSdk/Api.aspx?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&version=latest&build=12833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:48 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: FRA56-P4
edge-cache-tag: siteid_748934946734
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1511
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-callid: 9090a91b6d2346a89c5840a54cf26c02
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g8
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: gRjDUbGauCsSfvOzkvPRfIduhgJA2P7FrcUJAk1f6lYsUykJm9qq9Q==

GET
H2

404

sync
pixel.advertising.com/ups/28/ Frame 01D3
Redirect Chain

https://pixel.advertising.com/ups/28/sync?uid=38028006613905105411222451820135309839&_origin=1&redir=true
https://pixel.advertising.com/ups/28/sync?uid=38028006613905105411222451820135309839&_origin=1&redir=true&verify=true

0
255 B

8ms
8ms

Image
text/plain

54.93.153.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/28/sync?uid=38028006613905105411222451820135309839&_origin=1&redir=true&verify=true

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Server

54.93.153.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-153-188.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:48 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/28/sync?uid=38028006613905105411222451820135309839&_origin=1&redir=true&verify=true
date: Wed, 09 Feb 2022 22:26:48 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 01D3
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WWdRLXBnQUFBS0pKeHdPMQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

29ms
29ms

Image
image/png

52.210.63.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 52.210.63.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-63-97.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:48 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 09 Feb 2022 22:26:48 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=JpfAFVJg-D9iTnG7VEZQlZ2A0NZnOUbO&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 01D3
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=JpfAFVJg-D9iTnG7VEZQlZ2A0NZnOUbO&gdpr=0&gdpr_consent=

42 B
943 B

32ms
32ms

Image
image/gif

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=JpfAFVJg-D9iTnG7VEZQlZ2A0NZnOUbO&gdpr=0&gdpr_consent=

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-09221f2e5.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: mkors+EwTOk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=JpfAFVJg-D9iTnG7VEZQlZ2A0NZnOUbO&gdpr=0&gdpr_consent=
date: Wed, 09 Feb 2022 22:26:48 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3674
content-length: 227
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 accounts.webSdkBootstrap Show response
auth-id.therams.com/ 199 B
1 KB 382ms
293ms XHR
text/javascript 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.therams.com/accounts.webSdkBootstrap?apiKey=4_9uJbeFZZVmtKTfSv1bjUVQ&pageURL=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&sdk=js_latest&sdkBuild=12833&format=json
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: /
Resource Hash: 8f73ebb686deeef5dc9318445a5b4179a8e2bbe9bc82c25a5c7600c6afd47127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:48 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
x-soa: true, Gator
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
content-length: 166
access-control-allow-origin: https://www.therams.com
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
x-callid: ae15dc117ee44e2881914ad753a16fe6
cache-control: private
x-server: us1d-nomad-g5
access-control-allow-credentials: true
x-robots-tag: none
x-amz-cf-id: f17RXF2nKzfq-5DrSDjXvQfGiqEUIaMBa8M3VQ4VrcfxYQQUc11O8Q==

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 01D3
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=38028006613905105411222451820135309839&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
961 B

30ms
30ms

Image
image/gif

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-09de5dfea.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,303
X-TID: XMyMUFE9SP0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Wed, 09 Feb 2022 22:26:48 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 01D3
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=38028006613905105411222451820135309839&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-vJdbSfJE2pFcZ7ObOSswiE4smHJKiJlR0iE-~A

42 B
943 B

58ms
31ms

Image
image/gif

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-vJdbSfJE2pFcZ7ObOSswiE4smHJKiJlR0iE-~A

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0c6e3a1f4.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: y3BVyd0sT88=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 09 Feb 2022 22:26:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-vJdbSfJE2pFcZ7ObOSswiE4smHJKiJlR0iE-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2 200 v2
odr.mookie1.com/t/ Frame 01D3 43 B
324 B 56ms
20ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=38028006613905105411222451820135309839&gdpr=0&gdpr_consent=
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:49 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 01D3
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YgQ-pgAAAKJJxwO1&sigv=1&esig=1~22e2bf1aa271af4d5ceb30e24f0cb6a8e9de894d

0
194 B

61ms
20ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YgQ-pgAAAKJJxwO1&sigv=1&esig=1~22e2bf1aa271af4d5ceb30e24f0cb6a8e9de894d

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:49 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YgQ-pgAAAKJJxwO1&sigv=1&esig=1~22e2bf1aa271af4d5ceb30e24f0cb6a8e9de894d
Date: Wed, 09 Feb 2022 22:26:49 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame 70B0 78 KB
28 KB 280ms
280ms Document
text/html 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-97.fra56.r.cloudfront.net

Software

Resource Hash

bb17e24c74e06e8b0b21efd79b1b8c9d2e39d27e33520fb6841a3e8b0af04a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 28491
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
edge-control: !no-store,max-age=1h
edge-cache-tag: siteid_7827621,ver_latest
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g1
x-callid: 9895ed88a4554593a32d7f45dce8fa24
date: Wed, 09 Feb 2022 22:26:49 GMT
accept-ranges: bytes
x-robots-tag: none
x-cache: Miss from cloudfront
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: tjReey2vVbEGX5WIsYixza_HgJCIVK5c0vWa6898dJG0gCFn5QlERA==

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame CA98 78 KB
28 KB 280ms
279ms Document
text/html 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-97.fra56.r.cloudfront.net

Software

Resource Hash

bb17e24c74e06e8b0b21efd79b1b8c9d2e39d27e33520fb6841a3e8b0af04a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 28491
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
edge-control: !no-store,max-age=1h
edge-cache-tag: siteid_7827621,ver_latest
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g1
x-callid: 9895ed88a4554593a32d7f45dce8fa24
date: Wed, 09 Feb 2022 22:26:49 GMT
accept-ranges: bytes
x-robots-tag: none
x-cache: Miss from cloudfront
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: fJwOp1SZObBxXFrZv2nqxW7fB2UscfYNZ5gR8UwpgohQpHhBWhOVFA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 01D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWdRLXBnQUFBS0pKeHdPMQ==

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWdRLXBnQUFBS0pKeHdPMQ==

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644445609.355841,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWdRLXBnQUFBS0pKeHdPMQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 01D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YgQ-pgAAAKJJxwO1&expires=90

0
239 B

56ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YgQ-pgAAAKJJxwO1&expires=90
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644445609.427947,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YgQ-pgAAAKJJxwO1&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 01D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgQ-pgAAAKJJxwO1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgQ-pgAAAKJJxwO1&C=1

43 B
1003 B

16ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgQ-pgAAAKJJxwO1&C=1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 22:26:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 09 Feb 2022 22:26:49 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 22:26:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YgQ-pgAAAKJJxwO1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Wed, 09 Feb 2022 22:26:49 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 01D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YgQ-pgAAAKJJxwO1

43 B
1018 B

22ms
21ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YgQ-pgAAAKJJxwO1

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 22:26:49 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9cf09d1f-c474-42dc-b816-339cb08a6774
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644445610.629517,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YgQ-pgAAAKJJxwO1
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame 70B0 4 KB
2 KB 97ms
97ms Fetch
text/javascript 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-97.fra56.r.cloudfront.net
Software: /
Resource Hash: 0ff95045d8ec0611e4cf43815d7975563e1800445a93584e17b777fab06af5b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:49 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: FRA56-P4
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1505
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-callid: 773b715399ac489daa97746a7e84e81f
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g18
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: BTX7k7udkDAWRoj5sy7pDH8ov_xysa7uDUy4c6kxM1IGFiCMrNprlQ==

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame CA98 4 KB
2 KB 280ms
280ms Fetch
text/javascript 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-97.fra56.r.cloudfront.net
Software: /
Resource Hash: 0ff95045d8ec0611e4cf43815d7975563e1800445a93584e17b777fab06af5b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:49 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: FRA56-P4
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1505
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-callid: 773b715399ac489daa97746a7e84e81f
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g18
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ScAj9EKTzZICgR0_YFKFnzjlLjMzw2FVDT_jhRNVV1PAz5QCYVfYlw==

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 01D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgQ-pgAAAKJJxwO1

43 B
274 B

58ms
21ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgQ-pgAAAKJJxwO1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:49 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644445610.730368,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YgQ-pgAAAKJJxwO1
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 01D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgQ-pgAAAKJJxwO1

1 B
546 B

62ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgQ-pgAAAKJJxwO1
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:41:20 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0026:0:352
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644445610.831038,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YgQ-pgAAAKJJxwO1
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 01D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YgQ-pgAAAKJJxwO1&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YgQ-pgAAAKJJxwO1&img=1&__user_check__=1&sync_id=5fde716f-89f7-11ec-8f38-1bce7de30206

43 B
549 B

30ms
29ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YgQ-pgAAAKJJxwO1&img=1&__user_check__=1&sync_id=5fde716f-89f7-11ec-8f38-1bce7de30206
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 22:26:50 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 131
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 09 Feb 2022 22:26:49 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YgQ-pgAAAKJJxwO1&img=1&__user_check__=1&sync_id=5fde716f-89f7-11ec-8f38-1bce7de30206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 95
Connection: keep-alive
Content-Length: 0

GET
H3

200

b.php
www.facebook.com/fr/ Frame 01D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YgQ-pgAAAKJJxwO1&t=2592000&o=0

43 B
69 B

42ms
42ms

Image
image/gif

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YgQ-pgAAAKJJxwO1&t=2592000&o=0

Requested by

Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium

Protocol

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 14:26:50 PST
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: LOrJK2eMHaWy5dQTDjjJH+VCCYZzX+6dsCo1UWRpT8+XPZXS6ly4+JS0V/vYCLBclrle09ZJj58GJUzy1dK30g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Wed, 09 Feb 2022 14:26:50 PST

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:50 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644445610.032541,VS0,VE0
x-served-by: cache-hhn4023-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YgQ-pgAAAKJJxwO1&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sso.htm Show response
auth-id.nfl.com/gs/ Frame F98A 78 KB
28 KB 277ms
276ms Document
text/html 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-97.fra56.r.cloudfront.net

Software

Resource Hash

bb17e24c74e06e8b0b21efd79b1b8c9d2e39d27e33520fb6841a3e8b0af04a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 28491
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
edge-control: !no-store,max-age=1h
edge-cache-tag: siteid_7827621,ver_latest
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g1
x-callid: 9895ed88a4554593a32d7f45dce8fa24
date: Wed, 09 Feb 2022 22:26:50 GMT
accept-ranges: bytes
x-robots-tag: none
x-cache: Miss from cloudfront
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: G4SMtuKXsrZFVImj7RkLwj2FdJA46wKI5VTJhltukQDBZUauL_Ulhw==

GET
H2 200 client.js Show response
apis.google.com/js/ 13 KB
6 KB 144ms
56ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

935853b8f0d3a5ff638c5e615585e6202897241974297ee51126ed55c16462f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6MNRGPqqlpuQKZc1ZSSwAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "95c92ebd9be63638ae6eb987d4a89f2a"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-6MNRGPqqlpuQKZc1ZSSwAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 09 Feb 2022 22:26:50 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_EN/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_EN/sdk.js

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_9uJbeFZZVmtKTfSv1bjUVQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1bb9beda70a71f266e00667eccda1af33aa42025d5d0ef198c1ffa51ca174d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: bDqwMS1QD2XZQIXWUArhFg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 09 Feb 2022 22:35:08 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 1DsHCpJRK/poAme/knFGX6o0isatfy56eeTQB2cqRKEm/gBJOaEaXbdBst07jnu3CkdzqR2f+3vaz/uksW8yuA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ab951b72d7e0e6c110236838f330eecd
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 22:26:50 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b6cc5eefc7e55852c433e7cea3e07dff"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d78246b58f98f96bb9767949a9f05fbd

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e7dc35ca3c396aa9be42e9877023f807079fbd51af4f38d7be8487d610ff366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.therams.com/
Origin: https://www.therams.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gAIF06B203/4c11SRlYTtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 09 Feb 2023 18:46:13 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82099
x-fb-rlafr: 0
x-fb-debug: zdSzCpp7m6vTWSbwpIGbKiYWi/wFOz6/M5JydtAoULeRrO/N/tY5Tr3s+u6JxrzDbK4VRSoVJTRphzUVRNP+DQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2b5305d7f4366ed0dde54ac9ecd72d65
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 22:26:50 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "888cd5e759a25209d1ac724a736210aa"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 37ms
37ms Fetch
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=404205130228139&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d78246b58f98f96bb9767949a9f05fbd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ztKrEyEhsTKlD5jviTeEJS5/j2DjUv5yHOGKokMEYyRaZOqHc387iNZXiug6MtcxaGFdCM1uJYVkdthrRklHjA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Wed, 09 Feb 2022 22:26:50 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.therams.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame 01D3 43 B
240 B 42ms
26ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Requested by: Host: www.therams.com
URL: https://www.therams.com/stadium/sofi-stadium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms: 20
pragma: no-cache
date: Wed, 09 Feb 2022 22:26:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1644445610.155215,VS0,VE20
x-served-by: cache-hhn4057-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 311 KB
105 KB 85ms
37ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=__gigya_handleClientLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb40a0de5789dfa39d78fc18f500b732ab0ba79f38ef4c892d8be42699e88350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 05:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107961
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 05:51:54 GMT

GET
H/1.1

200
OK

ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame 01D3
Redirect Chain

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

42 B
961 B

30ms
30ms

Image
image/gif

34.242.49.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Protocol

HTTP/1.1

Server

34.242.49.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-49-38.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0dba01a99.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,300
X-TID: aLvC+EAOTFg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:50 GMT
server: istio-envoy
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location: https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control: private, max-age=0, no-cache
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01D3
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=bAKS6OOiRBqikVA0UbI9ww&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=38028006613905105411222451820135309839

43 B
556 B

103ms
103ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=38028006613905105411222451820135309839

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nfl.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 22:26:50 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HC12MEVS13AAXVCZ3X6Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v027-0612854b5.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jggwZ2QmSCU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=38028006613905105411222451820135309839
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 sdk.config.get Show response
auth-id.nfl.com/ Frame F98A 4 KB
2 KB 98ms
97ms Fetch
text/javascript 52.222.236.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-id.nfl.com/sdk.config.get?apiKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&httpStatusCodes=true
Requested by: Host: auth-id.nfl.com
URL: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-97.fra56.r.cloudfront.net
Software: /
Resource Hash: 0ff95045d8ec0611e4cf43815d7975563e1800445a93584e17b777fab06af5b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-id.nfl.com/gs/sso.htm?APIKey=3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P&ssoSegment=&version=latest&build=12833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:50 GMT
content-encoding: gzip
x-soa: true, Gator
x-amz-cf-pop: FRA56-P4
edge-cache-tag: siteid_7827621
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=1h
x-cache: Miss from cloudfront
content-length: 1505
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-callid: 773b715399ac489daa97746a7e84e81f
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-g18
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: sp_1TBY00Kfnb-WS-FNRZBMDnuje9-4jr-rQrvel5ArDEBbAGtlrGQ==

GET
H2 200 analytics.php Show response
rams.formstack.com/forms/ 0
321 B 575ms
575ms Script
application/javascript 18.66.122.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rams.formstack.com/forms/analytics.php?f=3301834&a=fv&m=embedded

Requested by

Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/analytics_3ca069828f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-60.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:50 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P2
x-frame-options: sameorigin
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-id: Ko9epDlu5XeoS1LMOBxOYGM4d6MgvdjCcsusfQoVRYnYpTY9mm2Hrg==

GET
H2 200 fsa.js Show response
analytics.formstack.com/js/ 53 KB
13 KB 44ms
8ms Script
application/javascript 2600:9000:236e:3600:6:4f98:bc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.formstack.com/js/fsa.js
Requested by: Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/scripts_0d92d709f3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3600:6:4f98:bc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3932e62b4ca1e14d91eaeff13bc9b5c8519b08083bd2f6748fd44877693f526

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 08:21:36 GMT
content-encoding: gzip
last-modified: Tue, 17 Apr 2018 16:12:22 GMT
server: AmazonS3
age: 50716
etag: W/"b33155f4d362b9a36ea18bee95c0797a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: TooCun2Qso5c12RFdyyS7RhhOCVIS9p_n9BekjqxFcCOhyIcU8n4zA==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
964 B 141ms
123ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1163162232&v=1.1&a=5191967&rcu=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&pu=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&t=SoFi+Stadium+%7C+Los+Angeles+Rams+-+therams.com&cts=1644445610473&vi=03123c82033c8c2a7a980f17ec16ca91&nc=true&u=121074455.03123c82033c8c2a7a980f17ec16ca91.1644445610470.1644445610470.1644445610470.1&b=121074455.1.1644445610471&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:50 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 21c496eb-078d-4997-a99b-8fd432b2bf1a
cf-ray: 6db08589980e91de-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xonliY%2FkKtvcitHVGZYR4GEVOB0%2BTTJMeP8LgsAatMNqLOKMlwYhDtAV%2FSS0GUHayqzOD9B20ofbBvury3eO%2FfL9COGpODpONi13S9RPwiBSlj6hskKw0PxgD4rNGO7AocVfOPV1g3jlcKntLYMe"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 46ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=737141646&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&ul=en-us&de=UTF-8&dt=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEABCAAAAC~&jid=1981043399&gjid=1873138097&cid=1031073136.1644445608&tid=UA-122484269-1&_gid=1372715273.1644445608&_r=1&_slc=1&z=1291877824

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=737141646&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium&ul=en-us&de=UTF-8&dt=SoFi%20Stadium%20%7C%20Los%20Angeles%20Rams%20-%20therams.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Formstack%20Form%203301834&ea=view&_u=AACAAEABCAAAAC~&jid=&gjid=&cid=1031073136.1644445608&tid=UA-122484269-1&_gid=1372715273.1644445608&z=126686796

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 08:56:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48642
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 166ms
148ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5191967&utk=03123c82033c8c2a7a980f17ec16ca91&__hstc=121074455.03123c82033c8c2a7a980f17ec16ca91.1644445610470.1644445610470.1644445610470.1&__hssc=121074455.1.1644445610471&currentUrl=https%3A%2F%2Fwww.therams.com%2Fstadium%2Fsofi-stadium

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc7cd51cde342565f1a0473800f0340a203020bb0c7f7895fafe7b291833c1ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:26:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c1b77476-9b0a-4085-a115-7394a9a8c0ef
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9Aun7XrefFqgIGy08nd8AwkcumWWUj4Qyo81RMeO%2FsqVwffkqCuqZvkgRzFTKXWw2bvW9FW8tM3RvY2DSBtbw8wCwvlutvgvjWcYAtSW5N48LFB9cyhfa3KquBgyPqueGspVyF%2Fz0ehmYnejLO7"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.therams.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6db08589b80e90af-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 45ms
24ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-122484269-1&cid=1031073136.1644445608&jid=1981043399&gjid=1873138097&_gid=1372715273.1644445608&_u=AACAAEAACAAAAC~&z=151849505

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.therams.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Feb 2022 22:26:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.therams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 101ms
52ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122484269-1&cid=1031073136.1644445608&jid=1981043399&_u=AACAAEAACAAAAC~&z=98013383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 93ms
46ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122484269-1&cid=1031073136.1644445608&jid=1981043399&_u=AACAAEAACAAAAC~&z=98013383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.therams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 22:26:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adb2waycm-atl.netmng.com
URL: https://adb2waycm-atl.netmng.com/cm/

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therams.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 05:06:37	Name: demdex Value: 38028006613905105411222451820135309839
.therams.com/	1969-12-31 23:59:59	Name: AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 09:33:01	Name: everest_g_v2 Value: g_surferid~YgQ-pgAAAKJJxwO1
.therams.com/	1970-01-20 18:21:30	Name: mbox Value: session#cef4220003914451b9e9b852e709e217#1644447467\|PC#cef4220003914451b9e9b852e709e217.37_0#1707690407
.dpm.demdex.net/	1970-01-20 05:06:37	Name: dpm Value: 38028006613905105411222451820135309839
.therams.com/	1970-01-20 18:18:37	Name: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19033%7CMCMID%7C37868878626611992181206115925239275184%7CMCAAMLH-1645050406%7C6%7CMCAAMB-1645050406%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1644452806s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19040%7CvVersion%7C5.2.0
.mathtag.com/	1970-01-20 10:13:20	Name: uuid Value: 7d6a6204-3fa6-4200-8c6e-99f073d61203
.exelator.com/	1970-01-20 03:40:13	Name: EE Value: "3b1e0295887b35605b73b1c7a5a13f31"
.exelator.com/	1970-01-20 03:40:13	Name: ud Value: "eJxrXxzq6XKLQcE4yTDVwMjS1MLCPMnY1MzANMkcKJRsnmiaaGicZmy4uCy1aMHS0uLUlKRDSypySnKaVpfFhzrGuzn6evpELnPOKMrPTV0BFgpzDVpkabEkvygzfZGL6%252BKilDSGRSXFp4L3F%252FgAAEdIKU0%253D"
.w55c.net/	1970-01-20 10:13:20	Name: wfivefivec Value: KXEeNb8o1NhVqf5
.w55c.net/	1970-01-20 01:30:37	Name: matchdmx Value: 5
static.formstack.com/	1970-01-20 00:57:30	Name: AWSALBCORS Value: z3uS92MG6Cm/69OEZ9WZQAJVbMOIcEta0GvlOA7ON/x6+2b1oKz/5c27SBfEYavQitHPymHOnMIsCUVtrAySTrEhwx0S3Ry+hm5p1m2J7b02pUzJ9KKXFTZk0TJ2
.adnxs.com/	1970-01-20 02:57:01	Name: uuid2 Value: 5181495627628509417
.therams.com/	1970-01-20 00:47:27	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.therams.com/stadium/sofi-stadium%22%2C%22sref%22:%22%22%2C%22sts%22:1644445607472%2C%22slts%22:0}
.therams.com/	1970-01-20 10:16:49	Name: _parsely_visitor Value: {%22id%22:%22pid=442b6945fbb769cb7b4176cfbdf19b7b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1644445607472}
.therams.com/	1970-01-20 02:57:01	Name: _gcl_au Value: 1.1.1115473398.1644445608
.therams.com/	1970-01-20 00:47:27	Name: s_pv Value: rams%3Astadium%3Astadium%3Asofi-stadium
.turn.com/	1970-01-20 05:06:37	Name: uid Value: 8997232101449886322
.therams.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.therams.com/	1970-01-20 02:57:01	Name: _fbp Value: fb.1.1644445607631.1847643072
.therams.com/	1970-01-20 18:18:37	Name: _ga Value: GA1.2.1031073136.1644445608
.therams.com/	1970-01-20 00:48:52	Name: _gid Value: GA1.2.1372715273.1644445608
.therams.com/	1970-01-20 00:47:25	Name: _gat_gtag_UA_122484269_1 Value: 1
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary Value: false
.www.therams.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 12833-3-27407370
.twitter.com/	1970-01-20 18:18:37	Name: personalization_id Value: "v1_AkTaCFtTGDJyvPC/0FJyog=="
.doubleclick.net/	1970-01-20 10:09:01	Name: IDE Value: AHWqTUmEcI6Fu4CCsF_7WLTUxHv57SlxLkez9ufEQFzaNPKOa_H3J6auHVLcJyG0pWg
.everesttech.net/	1970-01-20 01:32:04	Name: ev_sync_ax Value: 20220209
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: YgQ-qAAAAIN9DnOl
.adsrvr.org/	1970-01-20 09:33:01	Name: TDID Value: 53ab0483-3bc6-4e91-b182-130f4479b3d7
.advertising.com/	1970-01-20 09:34:28	Name: APID Value: UP5f10d9d8-89f7-11ec-831f-0634c696e188
.adsrvr.org/	1970-01-20 09:33:01	Name: TDCPM Value: CAESEgoDYWFtEgsIgpDbuKmJtjoQBRgFIAEoAjILCNL8x-W_ibY6EAU4AQ..
.auth-id.nfl.com/	1970-01-20 09:33:01	Name: apiDomain_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: auth-id.therams.com
.criteo.com/	1970-01-20 10:09:01	Name: uid Value: ce7074ba-9291-4ec0-9512-8893d3f2a61a
.eyeota.net/	1970-01-20 00:47:26	Name: SERVERID Value: 20028~DM
.yahoo.com/	1970-01-20 09:33:23	Name: A3 Value: d=AQABBKk_BGICEO6rAaVfCl0aWSpTC6CpeBE&S=AQAAAuQxZb82jFhZH6DT8L-U_Ak
.auth-id.therams.com/	1970-01-20 09:33:01	Name: gmid Value: gmid.ver4.AcbHYfcBEw.b9OvfK-pEiqcJ-q2fNHw-8yPplW4H7wBsEn9ynsCgB20tufW9yDpzVxzZYE1hm-L.AbM4yj9Le-R2HvbdTE2hehI_xTvuvCIRF19SG3bbU8-BNbWxjnESbolsHf1efesBdq4_4sT-hEjx472oabMLPg.sc3
.auth-id.therams.com/	1970-01-20 09:33:01	Name: ucid Value: H6r1LEugBMxhActuV7o7TQ
.auth-id.therams.com/	1970-01-20 05:08:00	Name: hasGmid Value: ver4
.everesttech.net/	1970-01-20 01:32:04	Name: ev_sync_yh Value: 20220209
.therams.com/	1970-01-20 09:33:01	Name: gig_bootstrap_4_9uJbeFZZVmtKTfSv1bjUVQ Value: auth-id_ver4
.casalemedia.com/	1970-01-20 09:33:01	Name: CMID Value: YgQ-qfj8zOItY7ETl.UI5gAA
.casalemedia.com/	1970-01-20 02:57:01	Name: CMPS Value: 3270
.casalemedia.com/	1970-01-20 02:57:01	Name: CMPRO Value: 1184
.casalemedia.com/	1970-01-20 00:48:52	Name: CMST Value: YgQ-qWIEP6kA
.casalemedia.com/	1970-01-20 09:33:01	Name: CMRUM3 Value: 5862043fa92760YgQ-pgAAAKJJxwO1
.adnxs.com/	1970-01-20 02:57:01	Name: anj Value: dTM7k!M4.FErk#WF']wIg2E?fmskS_!]tbPl1MwL(!R7qUY$+0XTi)/YWJXsU[LZicW2LhwyCee<QG=%9sk?bIRwi:w9Ld1i[3C'TWBCu(lOfM!x']a*ShBf
.auth-id.nfl.com/	1970-01-20 09:33:01	Name: gig_canary_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: false
.auth-id.nfl.com/	1970-01-20 09:33:01	Name: gig_canary_ver_3_h1AiUI9kcBduMJ2JoYPP6EXq3FGIy75RiS2DqkxjARGPcVazXVlNcGAOhgAfrU0P Value: 12833-3-27407370
.pubmatic.com/	1970-01-20 02:57:01	Name: KRTBCOOKIE_218 Value: 4056-YgQ-pgAAAKJJxwO1&KRTB&22978-YgQ-pgAAAKJJxwO1&KRTB&23194-YgQ-pgAAAKJJxwO1&KRTB&23209-YgQ-pgAAAKJJxwO1
.pubmatic.com/	1970-01-20 01:30:37	Name: PugT Value: 1644432080
.pubmatic.com/	1970-01-20 02:57:01	Name: PUBMDCID Value: 3
.spotxchange.com/	1970-01-20 09:33:05	Name: audience Value: 5fde7124-89f7-11ec-8f38-1bce7de30206
.google.com/	1970-01-20 05:10:56	Name: NID Value: 511=OaYIPwPIkk-5kv0K9MXcpDXGTxI1uu_du8yWXBmy8mHZUP75A3RDwzjiQHZQvnCwVo9-fOPCTFelpXmvo4coYtsuSw8hU6VFaQyzKxx2OuRBFazFlJe7byvC2XOTr1Q8IniIImHZuSlJNMEW09GM_Gb5NP942Z2Xh8eTB66h6As
.demdex.net/	1970-01-20 05:06:37	Name: dextp Value: 269-1-1644445607005\|3-1-1644445607106\|359-1-1644445607215\|358-1-1644445607316\|470-1-1644445607448\|843-1-1644445607557\|640-1-1644445607690\|771-1-1644445607812\|1123-1-1644445607913\|1083-1-1644445608014\|1085-1-1644445608115\|1086-1-1644445608215\|1087-1-1644445608316\|1088-1-1644445608417\|903-1-1644445608518\|6835-1-1644445608619\|19913-1-1644445608720\|28645-1-1644445608820\|30064-1-1644445608921\|30646-1-1644445609022\|30862-1-1644445609123\|83349-1-1644445609223\|144230-1-1644445609324\|144231-1-1644445609425\|144232-1-1644445609526\|144233-1-1644445609626\|144234-1-1644445609727\|144235-1-1644445609828\|144236-1-1644445609928\|144237-1-1644445610029\|147592-1-1644445610137\|152416-1-1644445610238\|139200-1-1644445610342
www.therams.com/	1970-01-20 10:09:01	Name: __hstc Value: 121074455.03123c82033c8c2a7a980f17ec16ca91.1644445610470.1644445610470.1644445610470.1
www.therams.com/	1970-01-20 10:09:01	Name: hubspotutk Value: 03123c82033c8c2a7a980f17ec16ca91
www.therams.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.therams.com/	1970-01-20 00:47:27	Name: __hssc Value: 121074455.1.1644445610471
.therams.com/	1970-01-20 00:47:25	Name: _gat Value: 1
.therams.com/	1970-01-20 18:18:37	Name: FSAV Value: 1263112057.1078514947.1644445611.1644445611.1644445611.1.
.therams.com/	1970-01-20 05:10:13	Name: FSAC Value: 1263112057.1644445611.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)
.therams.com/	1969-12-31 23:59:59	Name: s_ptc Value: pt.rdr%240.00%5E%5Ept.apc%240.00%5E%5Ept.dns%240.04%5E%5Ept.tcp%240.10%5E%5Ept.req%240.50%5E%5Ept.rsp%240.02%5E%5Ept.prc%244.13%5E%5Ept.onl%240.02%5E%5Ept.tot%244.79%5E%5Ept.pfi%241
.hubspot.com/	1970-01-20 00:47:27	Name: __cf_bm Value: 0CVDtYDUdiwteRE9mMHXylnPLLW3qqOIyb3Zl8NBsI0-1644445610-0-AafzPrTxdLtl6KhrSaIjUG9ZVbdkIzB/dumTKIqx0pdoYgsWUvITIvYrP60LJuiGnT+hSu33+JQZsC5tRzFvHo8=
.amazon-adsystem.com/	1970-01-20 06:24:23	Name: ad-id Value: A1L_VlauCESFgj4GWiqKWVk
.amazon-adsystem.com/	1970-01-21 21:50:18	Name: ad-privacy Value: 0
.undertone.com/	1970-01-20 09:33:01	Name: UTID Value: cd6c20a7b0fc400f8db997d94606a1a6
.undertone.com/	1970-01-20 09:33:01	Name: UTID_ENC Value: c5tb0s6dpb8598jebawjkbrty

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.therams.com/stadium/sofi-stadium(Line 49) Message: A preload for 'https://www.therams.com/compiledassets/css/base.css?_t=d88dbc479573a51bd84878e5bd0cfe7c' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.therams.com/stadium/sofi-stadium(Line 50) Message: A preload for 'https://www.therams.com/compiledassets/theming/d67c44a609a9b0620bc93a8019cd60e8' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1941) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/jquery.min_1d14cd3798.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1942) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/jquery-ui.min_42a497cb9f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1943) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/scripts_0d92d709f3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1944) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/analytics_3ca069828f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1945) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/google-phone-lib_c1e61f3e9c.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1946) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/plugins/googleanalytics.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1947) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/plugins/utm_tracking.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rams.formstack.com/forms/js.php//contactmessl?&jsonp=1(Line 1948) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://pixel.advertising.com/ups/28/sync?uid=38028006613905105411222451820135309839&_origin=1&redir=true&verify=true Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adb2waycm-atl.netmng.com
ads.undertone.com
ads.yahoo.com
ajax.googleapis.com
analytics.formstack.com
analytics.twitter.com
apis.google.com
assets.adobedtm.com
audit-tcfv2.quantcast.mgr.consensu.org
auth-id.nfl.com
auth-id.therams.com
cdn.onesignal.com
cdns.us1.gigya.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
evt.undertone.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
nfl.demdex.net
nflenterprises.tt.omtrdc.net
odr.mookie1.com
onesignal.com
p1.parsely.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
quantcast.mgr.consensu.org
rams.formstack.com
rules.quantcount.com
s.amazon-adsystem.com
s3.amazonaws.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
smetrics.nfl.com
static.clubs.nfl.com
static.formstack.com
static.www.nfl.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
test.quantcast.mgr.consensu.org
track.hubspot.com
trc.taboola.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.therams.com
x.dlx.addthis.com
adb2waycm-atl.netmng.com
104.244.42.195
104.76.200.221
13.32.121.17
13.32.121.38
142.250.184.226
142.250.186.66
15.188.95.229
151.101.129.153
151.101.130.49
18.66.122.60
18.66.97.124
185.29.132.241
185.33.220.243
185.64.189.110
185.94.180.126
2.18.234.21
2.18.234.36
2001:678:cb4:bbbb::13
209.54.180.144
212.82.100.182
216.58.212.162
2600:9000:223f:2600:6:44e3:f8c0:93a1
2600:9000:2240:bc00:9:46dc:4700:93a1
2600:9000:225e:9800:3:a4cd:8380:93a1
2600:9000:236e:3600:6:4f98:bc40:93a1
2606:4700::6811:43b0
2606:4700::6811:d5cc
2606:4700::6811:e6cc
2606:4700::6812:15bf
2606:4700::6812:e134
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:80:800::7000
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9b
2a02:2638:1::13
2a02:26f0:6c00:28a::1e80
2a02:6ea0:c700::1
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:600::300
3.120.29.221
3.121.27.153
3.70.102.167
34.242.49.38
34.248.191.66
34.254.143.3
34.98.67.61
35.244.159.8
44.198.213.18
52.205.167.202
52.210.63.97
52.217.206.224
52.222.236.97
52.222.250.115
52.223.40.198
54.155.222.85
54.93.153.188
63.35.80.202
69.173.144.139
02930bc2b4c08b3da50de2d03d6374454b0ff8fbe111ae5463964d1bc251c939
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdf6e53be2c7ff443a82c0ad1896107ccbc0d669ad42800dfc0f4e55aa3ea93
0c5ef018746786c973b11ed38934a17a09d5b6ebc739a738c7e924ebe0b15528
0d387e0a5b706be9dafcb05e88b47197fc3a04e37bf3674507432ae754d0c0b6
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0feda09dfe306a9935b0bf6ed4c5ccdcef19cb1ebad32576cced50c84f1777dd
0ff95045d8ec0611e4cf43815d7975563e1800445a93584e17b777fab06af5b8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
137713432b3fc329e3d649e38ec9d5df64b1d51fd0ef3ab388178d8325f1d475
187a6bf381cd0cef776ca2c409928045347b7d62324c73d65f32073a3a91f915
1bb9beda70a71f266e00667eccda1af33aa42025d5d0ef198c1ffa51ca174d19
220e74313fe444d28375d73fda37d0adbf38a1b3e80c76963e5521850889d44f
229a2534529014c8d62688d11f598a6bfb826f82054827f6ab6633e186a608d0
22c071c3ed244f33ff86c96a6a7d9a25be4b0a18cc462f39c6e8a5b7fdb4ba69
2465a231a58b82c620d23b94ee93bb2bdc046acf40e9ded0aacf40cc43384952
2799001f240cd99cd731ecf4c933e4aade589dbe85f93901c900dd8ecec01999
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
284f3fb5272a62c2fa10bf971794e7d86d1b18a00f5b6b6a3834c318e8cb6e1e
2a44537ffe33c438fcc6f49f4ee6a02be0daa467010273f3c10f8101bd570073
2bc1e39bc42a6b22ca0750f79347faf3d5720cccd8a3d611682dc53f715c82dd
2d347443d3ac1363e31281915b1a5a239c9905bfdbabb7f897dbb07ef981d71b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e
3d699a355a5d1e675af5663335726fc636aaeaacf75be421a35901874043a8e5
3e7dc35ca3c396aa9be42e9877023f807079fbd51af4f38d7be8487d610ff366
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
476e7eb397d8ad4c1c63798669d2b7011f69f14add6f5ad92d8df3ace8456355
47c51b8272102bc692e117de7f58ea6c6f5e7c18fc262512ad902ef1c645609b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd91864be6192916a0cdc95d51d179f9bc071b462b7cb1e9e311a4bed974f41
51f9f21b7ac45e48dea3f02ead3b3ed2151936f28cb0f7a3bf26af88bb30adb1
5377c77436bfcc620e2d5bebb1779b5daf63a9cabd28022ba959323d1d8e9b0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551a4a808579c7378031adf0db69216f283b918c1ad8121a2537aea2de752975
55412c28f1fc7230f98e49ca53c80a4794e61826175304e54c8e84520966bf7e
55723e64f42b1751419803799a21651fdcfa9fb1df025344a07f5b619fc09155
55fde4bfab54152c832b0004120bf58a6962fa6e907063bc0ffea0cf22122dd7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5735dc0f41e6575b3c446749ff221fed891988e66b7313e985a0e9c0cfbea52b
590724305eb93b15b09eac9a534d173f727155ddb42c0a06275eec549f35a5f3
5bad87b8d37ffcfbf7ac14becab03964573366353388a7dd80825da4d3cceea1
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
6199d7ca3ec10c4de7cd008b1f021eb83110f2d7bc5804483b2ab8e6644eae9a
61ed9ec4c536d2eb2e32389cfff1656afce90aa7715968876853a1ac3439ca88
651dab4cb7bc37df2f04d730db54ee9e9bdc1f93fe9739a05c9ce07e0e335947
6540382757a178aae4e2cda77f8c8634e72c93dc80e27cb1435862eac6100203
6701454491ae4d2c571f9443f60895852709199d4a02f25cf4f8070c6b35d144
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
690507500538e422ee1d1707573b3b3acfd7a57674e1d1234f87c8ee5f587d19
6abf2aa9d7790ad3b128a7396c3bfd3367a98948a212d7f110607691d8fb4f2c
6eeb370855e4f16067a57797064c296fe2ec6bf7eadb9e49db1df31d712339ba
7069bd8cd4136cf552c4c02ba4f80c03f4a9e36b9edac2f2a8d7c7313b2e1580
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
7211d8b26143e07e1cb7b66219fcf0fc4a22a57f6b864c9cee37070df8592d6d
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
788ab74adefb14b2710f86b1de56bc0040c935d09e5ba8a1825ca6d3c15dc8a1
798e9911a02d8cc29927bfceb1f617e25d4e8e4fb5435140419c6236f7b7f5b3
7be05e2b4781ede26728b7a6e0d4e5410890dc90dd691510e5b30802519c583e
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cd1ce1596ca026fa2706f1bac7c02464d918ffb8d48c8af15d7fb8fd6c0a9de
7e2ce69243822d5c57292a5c0aa96d49c14773670b800e98bcfff17dcf1052da
7e631a807e4b121be305ddb3ba1340afda0f906a8ebc768a17a2df9fc5b4328b
7f9881cd34c319ae776501e44125494a9ab9f45f9b93c80f033108a9d53bc134
7fe19ed9f52e04a6932f63b7de463fd9c8593b2ddbcbd4469fe0db31a0fabf30
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8182161d54abafd67e6e11122131bc2bcd65a4a86bf80617e655aa88265000f1
82372e5085d63a3eebd690eca5c085c65b6d0de397b7fbb1a6d7b9fc87d0061e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b8975d97ad572af9b9c7bf861913699ac5d14f1ad14521e0ef5c451b71ac55
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86bc752d0407555cfb8f83681c8cf277390cc9ca5b49f8c64a8753480f7c0e3e
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394
878796facbcbeadeddda79c14175bb3967519b61d1db46ae49a36b5dc84e5dd9
8a077659f2a6ddd4ef5faeeddb3a11f35f9e06e9d7e4983e9b6b94ae4f0c3736
8bcd1a4901c7753af609970d77e8a023a889afdb02bb7ee6b343b05ca5069598
8d500c5e39809b42569d6da91088367963f1096de9b205972de5ae64a75e39b0
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
8f73ebb686deeef5dc9318445a5b4179a8e2bbe9bc82c25a5c7600c6afd47127
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
935853b8f0d3a5ff638c5e615585e6202897241974297ee51126ed55c16462f7
9491f3caca5118a6226c06230922aa60cc2f342dec29a728970daf1d73b107a8
972965a2008fb7426f4a686c601836371b92cfae2afbaa4bf36c7ccbfc3f0a41
97de3adf74a0a5e4bc0b08f1508b103a926ab8d3f24d76767b5596db185da907
9d8b72388801d85bbe5e728baa32bc98aed33bbc3bfe96fe3079f16acf04af02
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e
a72891ab6e9b44ba1dab6cda81cb196e7a93913a05c7b8d772bbe35c402f14f7
a81f1adb70a2c570ba58635581181e8678244887f8e9a3bf50b703368f211948
a9f8cc3fcb56bb648341abb1e3b43c0089f0c67f07b5250fc2998bcfeaab34fb
aaf03219cf050a3a022af73224f8ddad8c051e07354af2e0d880aa8a599c1782
aafa5bd1a6d109986f239e94e42036262c7eb9189f63b4f00cefbfe963ca6ad3
ab2e2395cef5812ed20caae0b0a178b1edace5036be869f62709efbfbee0580f
aba5ed44fb1cddc664223c23c8afd4a07e75edb3a6c5d9c89ecd9654d8898a07
ac10112e1f23d21b3f4130d8b4ef344ce013dc634f6d8171fa4df2637e52f791
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744
b050f8266d783f45576d942b90896bfe8beb572b977fec609ac0bafd6a477791
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b25cb256e8187eba8e3e63bc4d6bb8faf1aa6ba285c63d31eb9e85100bfc5de8
b34144c367b6531b6c5a970cf4ffa526804af9b71ab1198444d988235acb3cda
b3a0468ca1d69210db78aefafae46d1fd7efe8b3bfb43ac999b9398384b8dea7
b62803f92be2f3ef0d4791d44011cc25c4ff8f56e9b0d69834f2ddda78329a5c
b96e7301a686b33ddf2cf5a2c5c0f1767276e21ac1f2150a173cf710f353c94d
bb17e24c74e06e8b0b21efd79b1b8c9d2e39d27e33520fb6841a3e8b0af04a65
bb40a0de5789dfa39d78fc18f500b732ab0ba79f38ef4c892d8be42699e88350
bb6c08579f871753ec3d3bcd1e49757fa8342e136fd5a485b871a4068bc32623
bcec1a47d702627a87baa373da863f22a6133d09fabad9fa9182380dd654134e
bed924988f40a748ce85d013b93994b31d8b7dd8214c0b47938dab985641fd92
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c0a91f38e7d188fe81ce0bd28ba637577863b8dd5618d651d7a011a8172680f3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c576341a29cc7803eae586a5b1b0004e4391f95a0583613a5839d25eabd8fec5
c92e958b151f13f6e0ad4998d6c3c0c9bd276f3c261654ec8e1fe6da6efd2e96
c98366a87bd0007a24b135bf9c39038ff3d7ea8d4c77f4222aa834f747afc6ee
cefbe7134a635054c5a9a6d2c95252e1194275cfbe8b5b2631a006f6eae5ea22
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6d682f0289fa284b2a55d17f29501dc0b97a0a5777af3d0ff6e57e56b13bef
d5fff1784193807b9cd03e9babd9b017375f622351e7024b591e6b337295e47a
d68d0ec4538467639a78668e1c3ff4f364c9d5dc2b147050baafce989ff5e868
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d846793f4bd5253e13d58e1f45160575835a9ac8091d78654067c7bc5aea13eb
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc7cd51cde342565f1a0473800f0340a203020bb0c7f7895fafe7b291833c1ca
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa5fd01fac7951b11788f71c5d01fe9b567ffee4e04fe57315daf90da43df02
e05625072af3c4d3ca3bcef620cecc11cad888a0441600f3c43d04c3334d2c64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
ea2cfd052397a2a777ace87690d76dc8caa81d75a37d35639401e7e995bff377
eec3e00ec5297b3e3a9fdfda04e1eb3495b871c01db06e469146a731fd726f98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3932e62b4ca1e14d91eaeff13bc9b5c8519b08083bd2f6748fd44877693f526
f86db151732c4212c2cd57d7be7889c95ce5a8f0ca11fb40ce3410b9beeac723
f937112319e1a219bd29a13fbc3b2be5fdb611039fd261159ea28655de8797c4
fc98c9f06ecc9a282b433f8171fd80c4fc8a8ac778ee355530d54fffaae0ea31
ffb8de82eb4e7ce352d6babc3102b81fdef6a4df507ff6e0df2d4fac007d939c

www.therams.com Open in urlscan Pro 151.101.129.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

188 Requests

82 %HTTPS

44 %IPv6

53 Domains

75 Subdomains

58 IPs

7 Countries

5520 kBTransfer

10589 kBSize

69 Cookies

54 Outgoing links

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.therams.com Open in urlscan Pro
151.101.129.153 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

82 %
HTTPS

44 %
IPv6

53
Domains

75
Subdomains

58
IPs

7
Countries

5520 kB
Transfer

10589 kB
Size

69
Cookies

188 HTTP transactions
2 data transactions